NoxPlayer emulator was hacked and malicious code inserted
Recently, ESET security researchers have discovered a new attack targeting software NoxPlayer, an Android emulator for Windows and Mac users.
NoxPlayer was developed by BigNox (a company based in Hong Kong), this software is often used by gamers to run mobile games on computer.
Researchers uncovered three different types of malware in the NoxPlayer update, however, they are designed primarily to monitor users, not to steal money.
Immediately after detecting the attack, ESET immediately contacted BigNox, the company denied being affected, declined offers of assistance and decided to conduct an internal investigation.
Researchers suggest users to check if there are any processes running in the background and connecting to the network with the C&C server. In case you have just updated the NoxPlayer software, you should uninstall it and wait until there is a new notification from BigNox.
ESET statistics show that this offensive campaign is aimed at users living in Taiwan, Hong Kong and Sri Lanka. At present, to limit attack by malware, users should not update NoxPlayer software to the latest version.
Update...
A mysterious group of hackers has just attacked the server infrastructure of the Android emulator NoxPlayer software. From here, the cyber criminals have spread malicious code to a series of victims in Asia.
This attack was discovered by security firm ESET on January 25th. Based on the evidence gathered, ESET said the hacker group has hacked into the official API and file-hosting servers of BigNox, the company that develops NoxPlayer.
With this access, the hacker forged the URL to download the NoxPlayer updates on the API server to spread the malicious code onto the victims' computers.
"Three different families of malware were spread with fake updates targeting victims in Asia. There is no indication that hackers are interested in financial interests, so this attack has. They can only be used for espionage or data collection purposes, " ESET said.
There is evidence that BigNox's servers have been compromised since around September 2020. ESET says hackers do not attack all users, but only target a few specific devices. It can be concluded that this is a clearly targeted attack, targeting only a certain class of users.
ESET said that at the present time the NoxPlayer update containing the malware was only distributed to five victims in Taiwan, Hong Kong and Sri Lanka.
ESET reported the details of the attack to BigNox but BigNox denied that they were hacked. Currently, users are advised not to update the new version of NoxPlayer or completely remove this software on their device.
You should read it
- How to speed up, use NoxPlayer without lag?
- Download NoxPlayer 7.0.0.9: Android emulator software for PC
- How to use the auto-click feature on Nox Player
- Instructions for setting up virtual keyboard to play all kinds of games on NoxPlayer
- How to open multiple NoxPlayer emulators at the same time
- How to install NoxPlayer to play Android games on computers
- How to fix NoxPlayer Has Stopped Working error
- Comparing BlueStacks and NoxPlayer, which software is better?
- How to enable multi-player mode on NoxPlayer
- How to use NoxPlayer to simulate Android gaming on computers
- How to play Lien Quan Mobile on PC with NoxPlayer
- How to fix error 1016: 'System boot timeout, temporarily exit any security software and try again' in the NoxPlayer
Maybe you are interested
6 Industries Feeling the Impact of Drones Turn a dead bird into a drone to improve snooping What is Twitter's new Safety Mode? How does Safety Mode work? What type of password attack is a Passive Online attack? Drones are Changing the Real Estate Business - Here's How Link Download Windows And Ghost Windows Latest 2020