![]() ![]() “This discards the possibility that a MitM ( man-in-the middle) attack was used to tamper the update binary,” the company added.ĮSET’s write-up on the incident includes instructions for NoxPlayer users on how to find out if they’ve been affected. To confirm the spying was taking place, ESET said it was able to reproduce the attack by contacting “” using a test machine. However, the emulator’s developers, who are based in Hong Kong, “denied being affected" when confronted by ESET. NoxPlayer didn’t immediately respond to a request for comment. But ESET says the spying stands out because it appears to be targeting the gaming community, a rarity in today’s threat landscape. Who might be behind the hacking remains unclear. Among ESET’s own antivirus users, the malicious updates only went to five computers based in Taiwan, Hong Kong, and Sri Lanka. However, the hackers behind the scheme don’t appear to be compromising NoxPlayer users on a mass scale. ![]() The malicious updates come in three variants, capable of fetching files, logging keystrokes, and other remote spying on a computer. ![]() Last month, ESET uncovered some covert activity occurring through the emulator in a few rare instances, it was delivering malicious updates to users' computers since at least September.Īccording to ESET, the malicious updates arrive via NoxPlayer’s own backend infrastructure at “," and possibly with the help of the software's API at "." This suggests a hacking group secretly compromised the emulator’s update mechanism to serve up the bad computer code. The emulator is called NoxPlayer, which reports having 150 million users, mainly in Asia. Best Hosted Endpoint Protection and Security SoftwareĪn emulator that lets you play Android games on your PC has also been delivering malware to computers, according to antivirus company ESET. ![]()
0 Comments
Leave a Reply. |