Android Emulator for PCs Found Delivering Malware-news

with CLIPREVIEWED learn the articleAndroid Emulator for PCs Found Delivering Malware

(Credit: NoxPlayer)

An emulator that lets you play Android games on your PC has also been delivering malware to computers, according to antivirus company ESET. 

The emulator is called NoxPlayer, which reports having 150 million users, mainly in Asia. Last month, ESET uncovered some covert activity occurring through the emulator; in a few rare instances, it was delivering malicious updates to users’ computers since at least September. 

According to ESET, the malicious updates arrive via NoxPlayer’s own backend infrastructure at “res06.bignox.com,” and possibly with the help of the software’s API at “api.bignox.com.” This suggests a hacking group secretly compromised the emulator’s update mechanism to serve up the bad computer code.

Credit: ESET

The malicious updates come in three variants, capable of fetching files, logging keystrokes, and other remote spying on a computer. However, the hackers behind the scheme don’t appear to be compromising NoxPlayer users on a mass scale. Among ESET’s own antivirus users, the malicious updates only went to five computers based in Taiwan, Hong Kong, and Sri Lanka. 

Who might be behind the hacking remains unclear. But ESET says the spying stands out because it appears to be targeting the gaming community, a rarity in today’s threat landscape. 

NoxPlayer didn’t immediately respond to a request for comment. However, the emulator’s developers, who are based in Hong Kong, “denied being affected” when confronted by ESET.

To confirm the spying was taking place, ESET said it was able to reproduce the attack by contacting “res06.bignox.com” using a test machine. “This discards the possibility that a MitM (man-in-the middle) attack was used to tamper the update binary,” the company added. 

ESET’s write-up on the incident includes instructions for NoxPlayer users on how to find out if they’ve been affected. The antivirus company also says users should avoid accepting any updates from the emulator that claim NoxPlayer has mitigated the threat. Based on the change-log, the last time NoxPlayer was updated was in November.

keyword: Android Emulator for PCs Found Delivering MalwareAndroid Emulator for PCs Found Delivering MalwareAndroid Emulator for PCs Found Delivering Malware

Leave a Reply

Your email address will not be published. Required fields are marked *