Researchers have found a new supply-chain attack that targets the online gamers community. Implement file integrity verification using MD5 hashing and file signature checksĪdopt additional measures, notably encryption of sensitive data, to avoid exposing users’ personal informationīigNox have also stated that they have pushed the latest files to the update server for NoxPlayer and that, upon startup, NoxPlayer will now run a check of the application files previously installed on the users’ machines.ĮSET assumes no responsibility for the accuracy of the information provided by BigNox. Use only HTTPS to deliver software updates in order to minimize the risks of domain hijacking and Man-in-the-Middle (MitM) attacks UPDATE (February 3rd, 2021): Following the publication of our research, BigNox have contacted us to say that their initial denial of the compromise was a misunderstanding on their part and that they have since taken these steps to improve security for their users:
0 kommentar(er)
