Last year, during the ALSO Group Channel Trends&Vision event, I shared my vision that supply-chain based attacks will become one of the fastest growing attack vectors. Unfortunately, we see more and more of those attacks happening in recent months.

Supply chain attacks are an emerging kind of threat that target software developers and suppliers. A supply chain attack, also known as a third-party attack, occurs when a business is breached through a compromised vendor. Usually the victim can be compromised by any of the following vectors:

- Malware installed on connected devices, for example, external hard drives, cameras, phones, etc.

Supply chain attacks use legitimate processes to gain uninhibited access into a business's ecosystem. It starts with infiltrating the vendor's security defences. After injection into the vendor's ecosystem, the malicious code is hidden under the legitimate, digitally signed process of its host. When that is done, the attacker gains access to the vendor's customer network, and because the malware is hidden under the signature, the victim's cybersecurity systems recognize it as authentic to the manufacturer and grant permission for code execution.

Although this attack vector is known, there are usually several reasons, or a combination of them, why it continues to work:

- Cybersecurity focus is switched to building Zero-Day protection as the potential breach vector
- Existing suppliers are considered "trusted-by-default"
- Cybersecurity assessment procedures are either not implemented or are done on a non-regular basis.

As a result we see an increasing number of cases, like the recent discovery made by ALSO Group's long-term security partner ESET (see article in 1st comment), where it becomes easier for an attacker to compromise supplier software code, which leads to malicious code infiltrating company assets much faster than a direct attack.

The adoption of this cyber attack method is growing at an alarming rate. According to last year's study by Symantec, supply chain attacks increased by 78% in 2019. This prevalence is expected to further increase as threat actors, motivated by the success of the US government breach, switch their preference to this attack method.

3 key steps to protect your company from supply-chain attacks:

The key for supply-chain attack mitigation is to ensure that every one of your third-party vendors is compliant with the cybersecurity standards. To reduce the probability of supply-chain attacks you should start with 3 basic steps:

- Create and maintain your company's internal cybersecurity assessment procedure. Do it regularly and not less than once per year.
- Involve the cybersecurity team when choosing a supplier or implementing new updates.
- Enrich your existing cybersecurity tools with an automated, machine-learning solution which will dramatically decrease reaction time and let you mitigate risks faster than they can affect your assets.

I would recommend you to check one of the most advanced offerings provided by our partner CYE. Ask for a demo at your local ALSO office or by sending me a DM.

A mysterious hacking group has compromised the server infrastructure of a popular Android emulator and has delivered malware to a handful of victims across Asia in a highly-targeted supply chain attack. ZDNet reports: The attack was discovered by Slovak security firm ESET on January 25, last week, and targeted BigNox, a company that makes NoxPlayer, a software client for emulating Android apps on Windows or macOS desktops. ESET says that based on evidence its researchers gathered, a threat actor compromised one of the company's official API () and file-hosting servers (). Using this access, hackers tampered with the download URL of NoxPlayer updates in the API server to deliver malware to NoxPlayer users.