Ddos 
According to Softpedia, the Andy Android emulator installation package for Windows was found to contain an encrypted currency mining program. The user community conducted a thorough investigation and pointed out that after installing the simulator, a malicious program will quietly deploy on the PC. It reports that users of TopWire have taken the lead in exposing an agenda disguised as Updater.exe on Reddit and will continue to run after the simulator is shut down. After further inspection, we found that Andy deployed this mining program, and users can only delete this Android emulator by uninstalling it.
Under normal circumstances, the cryptocurrency mining program will occupy a significant amount of computer computing resources for a long time, causing the computer’s standard operation response to become extremely slow. The Reddit users pointed out that they found that the FPS (frame rate) would drop significantly under random conditions, but could not see an apparent reason. Only the GPU’s load and temperature increased significantly.
Although we initially suspected that there was a problem with the third-party installer used to package the emulator application, after looking at the software’s code, we found that the download request for the malicious file was still issued by itself (not the installer).
It reports that this matter has reported to Andy developers. However, this Reddit user explained:
“A friend opened Andy in process explorer to see the files it drops upon installation. By the looks of things, the installer isn’t at fault. Andy itself calls an IP which then transfers the bitcoin miner to your system. Andy clearly have no interest in fixing this issue and they’re doing their best to censor it. At this point I wouldn’t be surprised if this is completely down to their doing. The fact that they’ve completely blocked me from contacting them and the removal of all of my posts to them suggests that they don’t care and don’t want anyone to know.”
This will cause many users to uninstall the Andy Android emulator in their Windows operating system, while significant resource sites have removed their download links.
Source: Softpedia
Support Our Threat Intelligence
If you find our CVE report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
