AnyDesk Archives

AppWizard

December 13, 2024

TSplus Launches New Android App for Remote Support

TSplus has launched the first Android version of its Remote Support app, allowing users to establish remote support connections from Android devices. The app enables IT professionals to connect with users, diagnose issues, and provide support securely. Key features include viewing remote screens in Full HD at 24 frames per second, controlling remote devices with mouse and keyboard functionality, sending commands, chatting with users, and managing a list of computers and accounts. The app includes a Picture-in-Picture mode for multitasking and operates as a standalone application without the need for additional plugins. It is compatible with all Android devices released since 2015 (Android version 6.0 or later) and is available for free to existing Remote Support users with a valid license. Users can download the app from the Google Play Store.

Tech Optimizer

November 14, 2024

The 2024 Anti-Virus software thread | Which anti-virus for Windows 11?

Quickheal is praised for its robust protection against threats like ransomware and offers strong customer support, which users find crucial during crises. One user shared a positive experience where Quickheal helped recover their PC after a ransomware attack caused by a compromised download. Bitdefender is also recognized for its satisfactory protection but does not provide the same level of support as Quickheal. The choice between the two antivirus solutions may depend on individual needs, budget, and desired support during emergencies.

Tech Optimizer

November 13, 2024

SpyNote Malware Targets Android Antivirus Users

The Android Spynote malware disguises itself as a legitimate antivirus application called "Avast Mobile Security" to exploit vulnerabilities in Android systems. It requests permissions associated with antivirus apps, bypasses user restrictions, and excludes itself from battery optimization settings. Spynote simulates user gestures and displays misleading system update notifications to maintain its presence and hinder detection. Its primary target is cryptocurrency accounts, aiming to extract private keys and balance information for assets like Bitcoin, Ethereum, and Tether. The malware captures user credentials, stores them on the device's SD card, and employs obfuscation and evasion techniques to complicate detection efforts. It can detect virtual environments to evade analysis and monitors system settings to resist uninstallation attempts. Spynote is distributed through phishing sites that mimic the legitimate Avast download page, hosting malicious APKs named Avastavv.apk.

Winsage

August 21, 2024

New Mad Liberator gang uses fake Windows update screen to hide data theft

A new data extortion group called Mad Liberator is targeting AnyDesk users by using a counterfeit Microsoft Windows update screen to exfiltrate data from compromised devices. This operation began in July and has attracted attention from cybersecurity experts due to its unique distraction tactic. The attack starts with an unsolicited connection request to a computer using AnyDesk, after which attackers deploy a binary file disguised as a Windows Update. This ruse diverts the victim's attention while data is siphoned from OneDrive accounts, network shares, and local storage. During the process, the victim's keyboard is rendered inactive, allowing uninterrupted data exfiltration that typically lasts around four hours. Mad Liberator does not encrypt data post-exfiltration but leaves ransom notes in shared network directories. There is no evidence of prior interaction or phishing attempts against the targets before the connection request. The group claims to offer assistance in fixing security vulnerabilities and recovering files in exchange for ransom. If a victim does not respond within 24 hours, their name is published on the extortion portal, and if there is no payment within seven days, stolen files are made public. Currently, nine victims are listed on their website.