By now, we all are pretty much acquainted with the Solarwinds attack that shook up the cyber world to its core. Now, we have another supply chain attack ongoing that has the entire security community mulling over.

What’s going on?

ESET researchers recently disclosed a cyber-espionage campaign targeting Asian gamers. Dubbed Operation NightScout, this supply chain attack jeopardized the update mechanism of NoxPlayer, an Android emulator for Macs and PCs. This software has over 150 million users across the world, mostly located in Asia. 

Who are the victims?

With respect to the number of NoxPlayer users, the number of victims is significantly low. Only five users located across Hong Kong, Taiwan, and Sri Lanka received the malicious updates. Three different malware families were delivered; however, they displayed surveillance-related functionality instead of aiming for financial gains.

Supply chain insecurity - a cause of worry

To simply put, any tech firm is a potential target for supply chain attacks. 
  • In the case of the SolarWinds attack, FireEye—one of the most reputed cybersecurity vendors—was breached.
  • Last year, other supply chain attacks were brought to notice, including WIZVERA VeraPort, Operation StealthyTrident, and Operation SignSight. While the first two were conducted by two disparate nation-state actors, the attackers for the third one are yet unknown.
  • However, all these attacks point to the fact that supply chains have become quite a common attack vector for cyber-espionage gangs. 

The bottom line

No organization wants to become the next SolarWinds or Able Desktop and thus, adequate security practices should be implemented. Moreover, Operation NightScout is particularly intriguing since cyber-espionage attacks against gamers are unheard of. It can only be anticipated that we will get to witness more of these attacks as they are thriving and hard to detect.

Cyware Publisher