By now, we all are pretty much acquainted with the Solarwinds attack that shook up the cyber world to its core. Now, we have another supply chain attack ongoing that has the entire security community mulling over.
What’s going on?
ESET researchers recently disclosed a cyber-espionage campaign targeting Asian gamers. Dubbed Operation NightScout, this supply chain attack jeopardized the update mechanism of NoxPlayer, an Android emulator for Macs and PCs. This software has over 150 million users across the world, mostly located in Asia.
Who are the victims?
With respect to the number of NoxPlayer users, the number of victims is significantly low. Only five users located across Hong Kong, Taiwan, and Sri Lanka received the malicious updates. Three different malware families were delivered; however, they displayed surveillance-related functionality instead of aiming for financial gains.
Supply chain insecurity - a cause of worry
To simply put, any tech firm is a potential target for supply chain attacks.
In the case of the SolarWinds attack, FireEye—one of the most reputed cybersecurity vendors—was breached.
Last year, other supply chain attacks were brought to notice, including WIZVERA VeraPort, Operation StealthyTrident, and Operation SignSight. While the first two were conducted by two disparate nation-state actors, the attackers for the third one are yet unknown.
However, ..
Support the originator by clicking the read the rest link below.
