Got hacked inside bignox. Worried now


GODMODE09

Hi,
I installed BigNox on my MacBook and then went on to install a .apk file from a third-party website inside the Android simulator. While installing it, the BigNox window suddenly went from landscape to portrait mode (like a smartphone) and I got a message saying "your phone number, IMEI, MAC address along with my contacts and messages have been uploaded to our server, all data on your device has been encrypted and rendered useless". Then it went on to ask me to transfer BTC to an address to get the decryption key, etc. I immediately closed BigNox and uninstalled it. My MacBook seems to be just fine like before. I don't think anything that happened inside BigNox affected my Mac.
I know I was stupid enough to do this, but I used my main Google account and email when signing in to Google Play earlier to download some apps from the Play Store inside BigNox (apps not related to this). Can the hacker actually access any of my contacts or anything else that could harm me? What sort of attack can I expect? I was using a VPN the whole time too. Changed my Google account password also.
Obviously I'm not going to give in to this extortion scheme.
Can the hacker do anything with my email ID? Nothing else related to me was installed inside BigNox.

Thanks in advance for looking.
 

psyph3r

I think you'll be alright, the ransomware attacked an emulator lol.
Some lessons learnt today: never download APKs from unknown sources and always use a throwaway Google account for shenanigans like this.
 

GODMODE09

You can even run ransomware inside a VirtualBox/VM provided the network is isolated from host else kiss goodbye to your host and be ready for a new beginning.
Can you elaborate please? I closed BigNox and uninstalled it along with the VM. Ran Malwarebytes on my Mac and found out it was safe. Do I need to do anything else? Should I still be worried?
I don't understand "provided the network is isolated from host else kiss goodbye to your host and be ready for a new beginning."

Is there any way this .apk file can access anything outside the emulator into my macOS and spy / cause damage?
 

cute.bandar

You have nothing to be worried about. The only remotely possible issue could have been the Google account signed in. But you have changed the password... You can also change the 2-factor authentication methods of your Google account. But I don't think that's necessary.
 

karanssh

Is there any way this .apk file can access anything outside the emulator into my macOS and spy / cause damage?
Android malware generally does not work like that, and they don't have capabilities to infect host VMs... yet. You're in the clear, just don't mess around too much. Use trusted sources like APKMirror for your APK needs :)
 