![]() ![]() Submit the original source whenever possible, unless it's not in English or the article adds substantial information.Website/blog/YouTube channel owners are generally not allowed to post their own content please see this page.ĥ.We do not allow developers to simply dump a link to their app and leave. 3- The developer must interact with users in the thread.2- The developer's account must be at least three months old AND have a reasonable posting history on r/Android.1- Their post must be a self post with a detailed description of their app.Developers may post their own apps if they follow these conditions:.YouTube videos are fine as links, provided they don't break other rules.Please provide an explanation in the self-post body.Discussion-promoting rants are okay at mods' discretion. If you're asking a question, include your own analysis first in a few sentences.You might be interested in r/AndroidQuestions, r/PickAnAndroidForMe or r/AndroidApps instead. tech support, purchase advice, app recommendations). We welcome posts that benefit the community (device reviews, guides, discussions and rumors) and not the individual (seeking help, e.g.We welcome discussion-promoting posts that benefit the community, and not the individual. Comments that devolve into purely political discussions may be locked and people in violation may get banned if they are also violating Rule 9.Ģ. If not obvious, you should submit the link as a self-post and include an explanation. All posts to r/Android must be related to the Android OS or ecosystem in some way.Only submissions that are directly related to Android are allowed. ![]() Over content which benefits only the individual (technical questions, helpīuying/selling, rants, self-promotion, etc.) which will be removed if it's in violation of the rules. It is unclear if the NoxPlayer compromise is the work of a state-sponsored group or a financially-motivated group looking to compromise game developers.ĮSET did, however, point out that the three malware strains deployed via malicious NoxPlayer updates had "similarities" with other malware strains used in a Myanmar presidential office website supply-chain compromise in 2018 and in early 2020 in an intrusion into a Hong Kong university.Join us on Lemmy Chat with us on Matrix Chat on our Telegram group Secret TunnelĬontent which benefits the community (news, rumours, and discussions) is generally allowed and is valued The second is the case of the VGCA, the official certificate authority of the Vietnamese government.ĮSET researchers did not formally link this incident to a well-known hacking group. ![]() The first is the case of Able Desktop, software used by many Mongolian government agencies. ![]() This incident is also the third supply chain attack discovered by ESET over the past two months. Until today, and based on its own telemetry, ESET said it spotted malware-laced NoxPlayer updates being delivered to only five victims, located in Taiwan, Hong Kong, and Sri Lanka.ĮSET has released today a report with technical details for NoxPlayers to determine if they received a malware-laced update and how to remove the malware.Ī BigNox spokesperson did not return a request for comment. "Three different malware families were spotted being distributed from tailored malicious updates toselected victims, with no sign of leveraging any financial gain, but rather surveillance-related capabilities," ESET said in a report shared today with ZDNet.ĭespite evidence implying that attackers had access to BigNox servers since at least September 2020, ESET said the threat actor didn't target all of the company's users but instead focused on specific machines, suggesting this was a highly-targeted attack looking to infect only a certain class of users. Using this access, hackers tampered with the download URL of NoxPlayer updates in the API server in order to deliver malware to NoxPlayer users. The attack was discovered by Slovak security firm ESET on January 25, last week, and targeted BigNox, a company that makes NoxPlayer, a software client for emulating Android apps on Windows or macOS desktops.ĮSET says that based on evidence its researchers gathered, a threat actor compromised one of the company's official API () and file-hosting servers (). Only five detected until now, in countries such as Taiwan, Hong Kong, and Sri Lanka.īy Catalin Cimpanu for Zero Day | Febru- 10:30 GMT (10:30 GMT) | Topic: SecurityĪ mysterious hacking group has compromised the server infrastructure of a popular Android emulator and has delivered malware to a handful of victims across Asia in a highly-targeted supply chain attack. Attackers targeted only a handful of victims. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |