Cyber espionage group Gelsemium has been linked to a supply chain attack on BigNox’s NoxPlayer Android emulator. The group is said to be targeting governments, religious organizations, electronics manufacturers and universities in East Asia and the Middle East. The attack dates back to 2014 under the codename Operation TooHash based on malware payloads deployed in those intrusions. The adversary has been found employing a variety of malware delivery techniques ranging from spear-phishing documents exploiting Microsoft Office vulnerabilities to watering holes to a remote code execution flaw.
Source: https://thehackernews.com/2021/06/noxplayer-supply-chain-attack-is-likely.html