Hacker group inserted malware in NoxPlayer Android emulator
A popular Android emulator has been compromised by a mysterious hacking group. A handful of victims across Asia were targeted in a supply chain attack, leaving malware on their device. The attack targeted BigNox, the company that creates NoxPlayer. NoxPlayer emulates Android apps on Windows or macOS desktops. Slovak Security team ESET discovered the attack on January 25. The attack compromised the company’s official API and file-hosting servers.
Three different malware families were distributed from malicious updates to selected victims for surveillance-related gains. ESET says it only spotted malware updates being delivered to five victims. The victims were located in Taiwan, Hong Kong and Sri Lanka. The researchers at ESET did not link this incident to a well known hacking group.