NoxPlayer, an Android emulator for Windows PCs and Macs, has come under a supply chain attack, ESET, a Slovak internet security company, has reported. NoxPlayer, the flagship product of Hongkong-based BigNox, is widely used by gamers to play mobile games from their PCs.

BigNox has 150 million users across 150 countries, of which 100,000 customers are active users of NoxPlayer.

Few gamers from Hong Kong, Taiwan and Sri Lanka have fallen victim to the malware attack. “Three different malware families were spotted being distributed from tailored malicious updates to selected victims, with no sign of leveraging any financial gain, but rather surveillance-related capabilities,” the ESET report said.

ESET said the company’s official API api.bignox.com and file hosting servers res06.bignox.com appeared to have been compromised as per the evidence gathered. To deliver malware to users, hackers have tampered the download URL of NoxPlayer updates. The malware has similarities with the strains used in the 2018 Myanmar presidential office website and 2020 Hong Kong University breaches.

Reiterating the possibility of surveillance as the motivation behind this attack, ESET said the hacker group had access to the servers since September, yet it did not target all of the company’s users, instead aimed only at select machines.

The security firm has now released a report with technical details for NoxPlayers users to check if they have received a malicious update with instructions to remove it. BigNox is working with ESET to further probe the matter.

The post Supply Chain Attack Targets Android Emulator NoxPlayer appeared first on Analytics India Magazine.