attacks Archives

Tech Optimizer

June 3, 2025

How we test antivirus software

Robust antivirus software is essential for protecting sensitive data in personal and business contexts. Different antivirus solutions vary in malware detection and overall protection. The ideal antivirus balances comprehensive coverage with system performance. Resources like AV-Comparatives and AV-Test provide impartial testing of antivirus capabilities, including real-world protection tests and evaluations of false alarms. Performance and customer support are critical factors in antivirus software evaluation. The impact on device speed and resource consumption is important, as is the quality of customer support for troubleshooting. Reliable support options enhance user satisfaction. Thorough testing of antivirus software is crucial due to the evolving tactics of cybercriminals. Not all antivirus solutions are equally effective, and rigorous evaluation helps identify subpar options and false positives. Free antivirus options may suffice for casual users, but premium versions often offer better features and protections. Meticulous testing ensures that security software meets its promises and helps users make informed decisions.

AppWizard

June 2, 2025

I found a mysterious demo disc with no name hiding a game almost no one in the world has ever seen, and it made me feel like I’d uncovered buried treasure

The text describes the experience of organizing a retro gaming collection, highlighting the discovery of a doujin game demo CD labeled "Action RPG (Temp) C81 Demo Version" developed by Foxtail. The game features a straightforward action RPG format with crisp pixel art, intuitive controls, and a stamina system that requires strategic gameplay. It consists of 20 stages with various challenges and enemy types, culminating in a simple message upon completion. The overall experience is characterized by a sense of creativity and passion from the developer, despite the game's lack of polish.

AppWizard

June 2, 2025

Vulnerabilities in Preinstalled Android Apps Expose PIN Codes and Allow Command Injection

Significant vulnerabilities have been identified in pre-installed applications on Ulefone and Krüger&Matz Android smartphones, disclosed on May 30, 2025. Three vulnerabilities affect these devices, including CVE-2024-13915, which targets the com.pri.factorytest application, allowing unauthorized factory resets. CVE-2024-13916 and CVE-2024-13917 affect the com.pri.applock application on Krüger&Matz smartphones, enabling malicious apps to extract user PIN codes and inject arbitrary intents. These vulnerabilities stem from improper export of Android application components, allowing malicious applications to bypass Android’s permission model. Users are advised to check for updates and consider disabling vulnerable applications.

Tech Optimizer

June 2, 2025

Key service for malware developers taken offline

The takedown of AVCheck, a major Counter Antivirus (CAV) service used by cybercriminals, disrupts their ability to test malware against antivirus detection, thereby hindering successful attacks. Matthijs Jaspers from the High Tech Crime Team highlighted that this operation is crucial in combating organized cybercrime, as it prevents early-stage criminal activities. The investigation revealed connections between AVCheck and other services like Cryptor.biz and Crypt.guru. Additionally, law enforcement has taken proactive measures, including deploying a fake login page to deter AVCheck users and collaborating with Project Melissa to target malware services. The need for coordinated efforts among various sectors is emphasized to effectively combat cybercrime.

Tech Optimizer

June 2, 2025

International authorities dismantle AVCheck in cybercrime operation

International authorities have dismantled AVCheck, a platform used by cybercriminals to test malware against antivirus software. The website avcheck.net now displays a seizure notice from the US Department of Justice, FBI, US Secret Service, and Dutch police. AVCheck was one of the largest counter antivirus services globally, aiding cybercriminals in evaluating their malware's stealth capabilities. Investigators found links between AVCheck's administrators and crypting services like Cryptor.biz and Crypt.guru. Law enforcement had placed a fake login page on AVCheck to warn users about legal risks before its shutdown on May 27, 2025. Undercover agents confirmed the illegal nature of AVCheck through transactions and connections to ransomware attacks. The FBI has also warned about the Silent Ransom Group, which has targeted law firms in the US using social engineering tactics.

Tech Optimizer

June 2, 2025

Hackers Allegedly Selling Windows Crypter Claims Bypass of All Antiviruses

Underground cybercriminal forums are seeing an increase in advanced malware tools, including a Windows crypter that claims to bypass major antivirus solutions. This crypter is marketed as fully activated and capable of achieving Full Undetectable (FUD) status against contemporary antivirus engines. It employs advanced obfuscation techniques to evade detection, including code injection methods, entropy manipulation, and anti-debugging features. The tool allows for granular control over obfuscation parameters, enabling customization for specific target environments. The rise of such sophisticated evasion tools poses challenges for traditional endpoint security, making organizations vulnerable if they rely solely on signature-based antivirus solutions. To defend against these threats, organizations should adopt multi-layered security architectures, including behavioral analysis and endpoint detection and response (EDR) solutions.

AppWizard

June 1, 2025

Why Elden Ring: Nightreign is both a hit and a headache for fans

Elden Ring Nightreign is a multiplayer game developed by FromSoftware, featuring fast-paced combat mechanics and eight distinct characters called Nightfarers, each with unique strengths and weaknesses. Players aim to defeat the Nightlord while surviving three in-game days on Limvel Island, facing various bosses and challenges, including a night boss that tests their skills. The game lasts approximately 14 real-time minutes per day, with a storm circle that closes in, causing damage if players do not move. Players can unlock new characters and relics through boss victories. The game is available on PC, PS4, PS5, Xbox One, and Xbox Series consoles, priced at an undisclosed amount. It has received a mixed reception, with a 78% aggregate score on OpenCritic and a "Mixed" rating on Steam from over 31,000 reviews. Players have expressed frustration with solo difficulty and matchmaking issues. In response, FromSoftware plans to release patch 1.02 to introduce automatic revivals for solo players and increase rewards. A mod called Seamless Co-Op allows PC players to team up without needing a third player.

Tech Optimizer

May 31, 2025

Study offers a national report on antivirus software trends

Nearly half of Mac users have encountered viruses despite having protective software installed, challenging the belief that Apple products are immune to malware. The report highlights that 71% of Android users have antivirus software, but only 49% seek third-party tools. More than half of Americans do not use additional security measures beyond antivirus. Among iOS users, 38% are unaware of third-party antivirus options. While 84% have antivirus on computers, only 68% have it on smartphones and 60% on tablets. Despite widespread adoption, only 16% of antivirus users feel their software is ineffective. The virus encounter rates are 44% for Mac users, 36% for Windows users, and 30% for other platforms.

Tech Optimizer

May 31, 2025

Devious new ClickFix malware variant targets macOS, Android, and iOS using browser-based redirections

ClickFix attacks have evolved from targeting Windows systems to also affecting macOS, iOS, and Android devices. The new version starts with a compromised website where cybercriminals inject JavaScript code that redirects users to a fake URL shortener. This action leads to a download page serving malware. On macOS, the attack executes a malicious shell script via a terminal command, while on Android and iOS, it can occur without user interaction, allowing malware to be downloaded simply by visiting the compromised site. The malware is packaged in a .TAR archive and has been flagged by multiple antivirus programs.

Tech Optimizer

May 31, 2025

Authorities Dismantled AVCheck, a Tool For Testing Malware Against Antivirus Detection

Law enforcement agencies from multiple nations dismantled a cybercriminal operation that provided malware testing services to evade antivirus detection. This effort led to the seizure of four domains and their servers, disrupting infrastructure that facilitated ransomware attacks globally. U.S. Attorney Nicholas J. Ganjei announced the disruption of an online software crypting syndicate that helped cybercriminals keep their malware undetected. The seized domains offered counter-antivirus tools and crypting services, allowing criminals to obfuscate malware and gain unauthorized access to systems. Investigators conducted undercover purchases and analyzed services, revealing connections to ransomware groups targeting victims in the U.S. and internationally. The operation, part of Operation Endgame, involved collaboration among the U.S., Netherlands, France, Germany, Denmark, Ukraine, and Portugal, with the FBI Houston Field Office leading the U.S. investigation. The seizures occurred on May 27.