browsers Archives

Tech Optimizer

September 22, 2025

Gamers Warned as BlockBlasters Patch Installs Malicious Software

BlockBlasters, a 2D platformer-shooter developed by Genesis Interactive, was removed from Steam after a late-August patch introduced malware that compromised players' sensitive information. The update, released on August 30, contained harmful components identified by security firm G DATA as a sophisticated operation aimed at stealing personal data. The malware, initiated by a file named game2.bat, collected data such as IP location and Steam login credentials, transmitting it to a command-and-control server. The malicious sequence included additional scripts that targeted browser extensions and cryptocurrency wallets. Over 100 players downloaded the compromised build, with reports of infections during gameplay. Following these revelations, BlockBlasters was flagged as "suspicious" and removed from the platform. Players are advised to uninstall the game and conduct antivirus scans.

AppWizard

September 22, 2025

VidMate HD: How to Download and Use the App on Android

Vidmate is an entertainment application that allows users to stream live TV, download music, and watch videos offline. It is free, lightweight, and compatible with older Android devices, offering features like custom playlists, buffer-free streaming, and downloads in various resolutions (144p to 4K). Vidmate is not available on the Google Play Store due to Google's restrictions on video downloaders, but it can be downloaded safely from reliable sources. Users need to enable unknown sources in their settings to install the APK. Vidmate supports over 1000 sites, provides accelerated download speeds, and offers an ad-free experience. While the app itself is legal, users must comply with copyright laws when downloading content. Vidmate is versatile, appealing to students, music enthusiasts, and businesses. It includes hidden features like automatic video downloads from URLs, dark mode, an in-app file manager, and background playback. For secure usage, users should download from trusted sources, consider using VPNs, avoid pirating content, and keep the app updated.

Tech Optimizer

September 22, 2025

Threat Actors Market Stealthy New RAT as Alternative to ScreenConnect FUD

Cybersecurity researchers have identified a sophisticated Remote Access Trojan (RAT) being marketed as a fully undetectable alternative to the legitimate ScreenConnect remote access solution. This malware evades security measures like Google Chrome and Windows SmartScreen by bundling itself with valid Extended Validation (EV) certificates, allowing it to appear legitimate and evade detection. The RAT employs a comprehensive evasion toolkit, including antibot mechanisms and cloaked landing pages, to mislead automated security scanners while delivering malicious payloads. It utilizes fileless execution techniques via PowerShell commands, enabling it to operate without leaving traditional file traces. The malware provides attackers with real-time control over compromised systems, facilitating data exfiltration and system manipulation. The sales strategy of the threat actors indicates a mature cybercrime-as-a-service model, with the tool marketed as a "FUD loader" for establishing persistent access before deploying secondary payloads. This trend highlights an increasing focus on exploiting user trust in legitimate brands and undermining security technologies, particularly through the use of valid EV certificates. Security professionals are warned to expect more instances of brand impersonation and sophisticated evasion techniques.

Tech Optimizer

September 20, 2025

Threat Actors Selling New Undetectable RAT as ’ScreenConnect FUD Alternative’

A new Remote Access Trojan (RAT) is being marketed on underground forums as a fully undetectable alternative to ScreenConnect, featuring advanced capabilities to bypass security defenses. The seller claims it achieves zero detections during static and runtime analysis, making it a significant threat for initial access and payload delivery. The RAT can bypass security warnings from Google Chrome and Windows SmartScreen by bundling with a valid Extended Validation (EV) certificate. It includes antibot mechanisms and cloaked landing pages to evade detection by security scanners. The malware is presented through a fraudulent Adobe Acrobat Reader download page and allows attackers direct visual control over compromised machines. It utilizes a PowerShell-based command for execution, helping it avoid detection by traditional antivirus solutions. The tool is described as a “FUD loader,” intended to establish a stealthy presence on target systems before deploying additional payloads. The seller offers a demo and promises delivery within 24 working hours.

Winsage

September 20, 2025

Zorin OS 18 Beta Released with Refreshed Look, Advanced Window Tiling, and More

The Zorin OS team has announced the beta version of Zorin OS 18 for public testing, featuring a refreshed default theme with a floating panel, a new workspace indicator, and a window tiling manager. It includes a built-in Web Apps tool that allows integration with popular web browsers, enabling users to run applications like MS Office/365, Google Docs, and Adobe Photoshop directly from their desktop. Zorin OS 18 also offers OneDrive file integration for users transitioning from Windows, enhancing access to files for those migrating from Windows 10. The operating system is built on Ubuntu 24.04.3 LTS and powered by Linux kernel 6.14, featuring the PipeWire audio server backend. The beta version is available for download, but it is a pre-release and may contain bugs. The final release is expected in the coming weeks.

Winsage

September 19, 2025

Windows 10 End of Life Is Coming. Here’s What You Need to Do. via @ConsumerReports

Transitioning from Windows to a free operating system like Linux can extend the usability of older hardware. Linux distributions, such as Fedora, are compatible with older devices, including those running Windows 10. The installation process for Linux is straightforward, involving downloading a file, transferring it to a USB drive, and following a guided setup. Modern Linux versions are user-friendly, featuring a "Software Center" for easy application installation. Many everyday tasks are now browser-based, reducing the importance of the operating system. A resource for Windows 10 users transitioning to Linux is endof10.org.

AppWizard

September 18, 2025

Struggling to find the right app for the job? Google Play’s new tool has some ideas for you

The Google Play Store is rolling out an AI-powered app explorer to select users in the United States, utilizing Google's Gemini technology. This feature appears at the top of the search tab with a prompt for users to specify what they are looking for and provides tailored categories for app discovery. Upon selecting a category, users are directed to a search results page that includes an “Organized with AI” section, showcasing curated lists of related apps. The feature was first reported by a Telegram user and has been confirmed on various US devices, indicating its rollout is underway.

AppWizard

September 17, 2025

Google dismantles huge Android ad fraud network distributing malware through 224 apps

Security researchers from HUMAN’s Satori Threat Intelligence and Research Team, in collaboration with Google, dismantled an ad fraud scheme called SlopAds, which involved over 224 AI-themed applications designed to generate fraudulent ad views and clicks. The scheme had over 38 million downloads across 228 countries and was responsible for 2.3 billion ad bid requests daily, with most traffic originating from the United States (30%), India (10%), and Brazil (7%). The apps used hidden browsers to load attacker-controlled websites, simulating ad clicks and impressions. Google removed the identified apps from the Play Store and advised users to uninstall them. Experts warn that the perpetrators may adapt their tactics to continue exploiting the digital advertising ecosystem.

Tech Optimizer

September 15, 2025

Chinese malware is flooding GitHub pages – HiddenGh0st, Winos and kkRAT hit devs via SEO poisoning

Chinese users are facing malware campaigns that utilize spoofed download sites and SEO poisoning. The malware includes kkRAT, which has advanced capabilities such as clipboard hijacking, remote monitoring, and antivirus evasion. Attackers have also exploited GitHub Pages to host phishing sites.

Tech Optimizer

September 15, 2025

HiddenGh0st, Winos and kkRAT Exploit SEO, GitHub Pages in Chinese Malware Attacks

Chinese-speaking users are experiencing a sophisticated SEO poisoning campaign that uses counterfeit software sites to spread malware. Researchers from Fortinet FortiGuard Labs discovered this activity in August 2025, which involves manipulating search rankings to redirect users to fraudulent sites that deliver malware through trojanized installers. The malware families identified include HiddenGh0st and Winos, both variants of the Gh0st RAT, linked to a cybercrime group known as Silver Fox. The attack mechanism involves a script named nice.js that orchestrates the malware delivery process, leading to the installation of a malicious DLL, "EnumW.dll," which performs anti-analysis checks and extracts another DLL, "vstdlib.dll." This second DLL inflates memory usage to evade detection and is responsible for launching the main payload. The malware aims to sideload a DLL, "AIDE.dll," which establishes a Command-and-Control (C2) communication, collects victim data, and monitors user activity. Additionally, a separate campaign targeting Chinese-speaking users has been flagged by Zscaler ThreatLabz, featuring a new malware called kkRAT. This malware shares code similarities with Gh0st RAT and employs fake installer pages to deliver multiple trojans. It uses techniques to bypass security software and targets specific antivirus programs, including 360 Total Security and Kingsoft Internet Security. The installer launches shellcode that retrieves additional malicious payloads, including kkRAT, which can perform various data-gathering tasks and manipulate clipboard data to replace cryptocurrency addresses.