ESET researchers uncover a new supply-chain attack used in a cyberespionage operation targeting online‑gaming communities in Asia.
The new supply-chain attack compromises the update mechanism of NoxPlayer, an Android emulator for PCs and Macs, and part of BigNox’s product range with over 150 million users worldwide.
Three different malware families were spotted being distributed from tailored malicious updates to selected victims with no sign of leveraging any financial gain, but rather, only cyber-espionage capabilities were seen.
ESETnamed the malicious operation NightScout.
Am I compromised?
Who has affected: NoxPlayer users.
How to determine if I received a malicious update or not:
Check if any ongoing process has an active network connection with known active C&C servers, or see if any of the malware based on the file names provided in the report is installed…