Last year, during the ALSO Group Channel Trends&Vision event, I shared my vision that supply-chain based attacks would become one of the fastest growing attack vectors. Unfortunately, we have seen more and more of those attacks happening in recent months.

Supply chain attacks are an emerging kind of threat that targets software developers and suppliers. A supply chain attack, also known as a third-party attack, occurs when a business is breached through a compromised vendor. Usually the victim can be compromised by any of the following vectors:

- Malware installed on connected devices, for example, external hard drives, cameras, phones, etc.

Supply chain attacks use legitimate processes to gain uninhibited access into a business's ecosystem. It starts with infiltrating the vendor's security defences. After injection into the vendor's ecosystem, the malicious code is hidden under the legitimate, digitally signed process of its host. When that is done, the attacker gains access to the networks of the vendor's customers, and because the malware is hidden under a signature, the victim's cybersecurity systems recognize it as authentic to the manufacturer and grant permission for code execution.

Although this attack vector is known, there are usually several reasons, or a combination of them, why it continues to work:

- Cybersecurity focus is switched to building zero-day protection, with zero-days seen as the potential breach vector.
- Existing suppliers are considered "trusted-by-default".
- Cybersecurity assessment procedures are either not implemented or are done on a non-regular basis.

As a result, we see an increasing number of cases, like the recent discovery made by ALSO Group's long-term security partner ESET (see article in 1st comment), where it becomes easier for an attacker to compromise a supplier's software code, which leads to malware infiltrating company assets much faster than a direct attack.

The adoption of this cyber attack method is growing at an alarming rate. According to a study by Symantec last year, supply chain attacks increased by 78% in 2019. This prevalence is expected to further increase as threat actors, motivated by the success of the US government breach, switch their preference to this attack method.

3 key steps to protect your company from supply-chain attacks:

The key to supply-chain attack mitigation is to ensure that all of your third-party vendors are compliant with cybersecurity standards. To reduce the probability of supply-chain attacks you should start with 3 basic steps:

- Create and maintain your company's internal cybersecurity assessment procedure. Do it regularly and not less than once per year.
- Involve the cybersecurity team when choosing a supplier or implementing new updates.
- Enrich your existing cybersecurity tools with an automated, machine learning solution which will dramatically decrease reaction time and let you mitigate risks faster than they can affect your assets.

I would recommend you check one of the most advanced offerings, provided by our partner CYE. Ask for a demo at your local ALSO office or by sending me a DM.

A mysterious group of hackers has just attacked the server infrastructure of the Android emulator NoxPlayer. From here, the cyber criminals have spread malicious code to a series of victims in Asia. NoxPlayer was developed by BigNox (a company based in Hong Kong); the software is often used by gamers to run mobile games on a computer.

This attack was discovered by security firm ESET on January 25th. Based on the evidence gathered, ESET said the hacker group had hacked into the official API and file-hosting servers of BigNox, the company that develops NoxPlayer. With this access, the attackers forged the download URL for NoxPlayer updates on the API server to spread malicious code onto the victims' computers.

ESET statistics show that this offensive campaign is aimed at users living in Taiwan, Hong Kong and Sri Lanka. Researchers uncovered three different types of malware in the NoxPlayer update; however, they are designed primarily to monitor users, not to steal money.

Immediately after detecting the attack, ESET contacted BigNox. The company denied being affected, declined offers of assistance and decided to conduct an internal investigation.

At present, to limit attack by malware, users should not update NoxPlayer to the latest version. If you have just updated NoxPlayer, you should uninstall it and wait until there is a new notification from BigNox. Researchers suggest that users check whether any processes are running in the background and connecting over the network to the C&C server.
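A client-side check against the forged update URL described in the NoxPlayer report, as an added example that is not from the article, ESET or BigNox's updater. It assumes a hypothetical update API response with `url` and `version` fields, a constructed vendor hostname, and digests that reach the client through a channel other than the update API.

```python
import hashlib
from urllib.parse import urlsplit

# Constructed sample data: the hostname, version and installer bytes are
# placeholders, not values from NoxPlayer or BigNox.
GENUINE = b"genuine installer bytes (constructed)"
ALLOWED_HOSTS = {"updates.vendor.example"}
# Assumption: digests reach the client through a channel other than the
# update API (for example a release manifest shipped with the installed app).
PINNED_SHA256 = {"1.2.3": hashlib.sha256(GENUINE).hexdigest()}


def update_problems(api_response, payload):
    """Return the reasons to reject an update; an empty list means accept."""
    problems = []
    try:
        parts = urlsplit(str(api_response.get("url", "")))
        scheme, host = parts.scheme, parts.hostname
    except ValueError:  # malformed netloc, e.g. a broken IPv6 literal
        scheme, host = "", None
    if scheme != "https":
        problems.append("download URL is not https")
    # .hostname ignores userinfo, so "https://good@evil/" is judged as "evil".
    if host not in ALLOWED_HOSTS:
        problems.append(f"unexpected download host: {host}")
    expected = PINNED_SHA256.get(api_response.get("version"))
    if expected is None:
        problems.append("no pinned digest for this version")
    elif hashlib.sha256(payload).hexdigest() != expected:
        problems.append("payload digest does not match the pinned value")
    return problems


def demo():
    """Run the check over four constructed API responses."""
    good = "https://updates.vendor.example/setup-1.2.3.exe"
    trick = "https://updates.vendor.example@other-host.example/s.exe"
    cases = {
        "genuine": ({"url": good, "version": "1.2.3"}, GENUINE),
        "forged_url": ({"url": "https://files.other-host.example/setup.exe",
                        "version": "1.2.3"}, b"tampered"),
        "userinfo_trick": ({"url": trick, "version": "1.2.3"}, GENUINE),
        "tampered_file": ({"url": good, "version": "1.2.3"}, b"tampered"),
    }
    return {n: update_problems(resp, data) for n, (resp, data) in cases.items()}


if __name__ == "__main__":
    for name, problems in demo().items():
        print(name, "->", problems or "accepted")
```

The host allowlist only catches a redirected download; the pinned digest is what catches a tampered file served from the vendor's own file host.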