campaign Archives

AppWizard

June 16, 2026

New Rokarolla Android malware targets 217 banking, crypto apps

A new Android banking trojan named Rokarolla targets 217 banking and cryptocurrency applications and features 137 commands for malicious activities. It is distributed via deceptive websites posing as legitimate application sources and impersonates Google Play Protect to lure users into installing infected apps. Once installed, it seeks Accessibility service permissions and access to notifications, SMS, and calls. Rokarolla communicates with a command-and-control server, sending device profiles to generate unique identifiers for victims. Its primary goal is to steal financial information by using deceptive login overlays to capture sensitive data and maintain control over the device. The malware employs evasion tactics such as disabling Google Play Protect, hiding its icon, silencing notifications, and keeping the screen awake. It can steal SMS messages, extract contacts, capture keystrokes, record screen content, manipulate clipboard contents, block calls, and take screenshots. Zimperium confirms that Rokarolla is not found on Google Play, and users are advised to avoid downloading APK files from untrusted sources and to be cautious with Accessibility permissions.

Winsage

June 16, 2026

China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth

Cybersecurity researchers have identified two new Windows variants of the SprySOCKS backdoor, named WINDRV and WINPLUS, which were previously thought to be exclusive to Linux systems. Both variants feature hard-coded command-and-control configurations and can communicate via TCP, UDP, and WebSocket protocols. They support over 30 commands for operations such as system information collection and file management. WINDRV employs kernel drivers for stealth, obscuring network connections and allowing TCP traffic diversion. SprySOCKS was first documented by Trend Micro in September 2023, linked to the Chinese state-sponsored threat actor Earth Lusca, also known as FishMonger. The Windows variants belong to version 1.8 of SprySOCKS and utilize a kernel driver named RawWNPF for enhanced stealth. The attack chain begins with an initial access method that drops a batch script, leading to the installation of the backdoor. Evidence suggests these variants may have been used in attacks against government organizations in Honduras, Taiwan, Thailand, and Pakistan between 2023 and 2024. The WINPLUS variant was first detected in July 2024 in Pakistan. There are indications of a potential UEFI bootkit involvement exploiting CVE-2023-24932, a vulnerability in the Windows Boot Manager.

AppWizard

June 15, 2026

How to Use Meta AI on Meta Apps

Meta AI is integrated into WhatsApp, Instagram, Facebook, and Messenger, providing functionalities like chat, search, image generation, and automated customer support through the Meta Business Agent. Its availability varies by country, account type, app version, and language. Users should be aware that seeing a colleague's blue Meta AI ring in WhatsApp while they do not may indicate a rollout flag on Meta's end rather than an app malfunction. Meta AI can answer queries, suggest ideas, generate images from prompts, clarify messages, assist with searches, and support customer interactions for business accounts. It is linked to the Llama model family, including Llama 2 and Llama 3. To use Meta AI on WhatsApp, users need to update the app and can start a chat by locating the Meta AI button or circle. They can ask practical questions, request image generation, and utilize it in group chats. On Instagram, it enhances DMs and search functions, allowing users to create AI chats for content ideas and captions. In Messenger, there is an "Ask Meta AI" bar for direct interactions. Users can also utilize Meta AI on Facebook for search and content discovery. The Meta Business Agent is a version of Meta AI for businesses, providing 24/7 responses to customer inquiries. It can be set up in Meta Business Suite or WhatsApp Business. Privacy measures should be considered, as users cannot entirely disable Meta AI and should avoid sharing sensitive information in chats. For better responses, users should provide context and constraints in their prompts and consider training in prompt design and AI risk management for professional use.

AppWizard

June 15, 2026

Your inbox might finally get quieter now that Google is taking down a major AI scam ring

Google has filed a lawsuit against the alleged China-based "Outsider Enterprise" network for using Gemini AI to conduct extensive phishing scams. The company is working with the FBI and major telecommunications carriers, including AT&T, T-Mobile, and Verizon, to intercept scam messages. Investigators have linked the operation to over 9,000 counterfeit websites and more than one million malicious URLs, primarily targeting Android users. The "Outsider" phishing platform offered over 290 website templates for mimicking banks and other entities, utilizing AI-generated code. Google is also supporting seven bipartisan bills aimed at combating AI-driven fraud and has implemented AI-driven defenses that block over 10 billion malicious messages each month.

AppWizard

June 15, 2026

Over 50 Android Apps Found Spreading MagicAd Trojan via Official Stores

A trojan named Android.MagicAd.1 has been identified as a significant threat to Android users, capable of delivering persistent background advertisements by circumventing built-in defenses. Detected in 2025, it has spread through over 50 infected games and utility applications, infiltrating both dubious download sites and official app stores like the Samsung Galaxy Store and Xiaomi’s GetApps. The malware employs a strategy of rotating applications to evade detection, remaining active on user devices after download. It uses hidden, encrypted components within native code libraries and conducts environment checks to avoid monitoring before launching its payload. Android.MagicAd.1 bypasses Android's restrictions by targeting trusted system applications, utilizing methods that vary by device manufacturer. For example, it uses a delayed system command on Xiaomi and Amazon devices, exploits Android Binder on Vivo devices, and employs a universal fallback method for other brands to gain priority for displaying ads. All identified malicious applications have been removed from official stores, but the campaign highlights the vulnerability of security software.

Winsage

June 15, 2026

Should Xbox CEOs have term limits, and did this week show why the question matters?

Microsoft's Xbox division is facing significant challenges, including a margin crisis and the need for substantial organizational changes, as stated by the head of Xbox. The company is preparing for significant layoffs and budget cuts while emphasizing its commitment to console gaming despite the evolving landscape. Xbox is struggling to articulate its value to potential players and is dealing with the impact of rising RAM prices and recent game failures. Phil Spencer, the CEO, has been instrumental in revitalizing the brand but is also associated with the current difficulties, raising questions about leadership transitions in the future.

Winsage

June 14, 2026

When Windows 7 Arrived in Japan, It Came Printed on Toilet Paper

On October 22, 2009, Japan launched Windows 7, accompanied by a unique promotional item: a roll of toilet paper featuring Windows 7 branding and details about its enhancements. This marketing strategy was similar to the previous promotion for Windows Vista Service Pack 1. The toilet paper included messages about Windows 7's speed, security, and compatibility improvements, with sections detailing faster startup times, enhanced memory management, a streamlined user interface, and security features like the Action Center and BitLocker To Go. Networking capabilities were improved with HomeGroup, and Windows Media Center expanded its functionality. The design of the promotional toilet paper allowed users to revisit key points easily, and some versions mimicked Windows software boxes. This initiative was driven by local retailers, reflecting Japan's trend of quirky promotions in the electronics retail sector.

AppWizard

June 14, 2026

AMD taunts Apple’s MacBook Neo for failing to run 75% of top PC games — Only 5 out of the 20 top PC games work on the Neo, while all run on AMD’s budget offerings

The MacBook Neo has received positive reviews, redefining expectations for budget laptops and raising concerns among Windows manufacturers. AMD has launched a marketing campaign comparing its Ryzen 200 series systems to the MacBook Neo, highlighting that 15 of the top 20 PC games are incompatible with the Neo, which can only run five natively. AMD's systems provide access to extensive gaming libraries without requiring workarounds. AMD's selected comparison device, the HP OmniBook X Flip with a Ryzen 5 220 chip, can run older games but struggles with modern titles. While AMD claims its systems can run all top PC games, performance may not meet gamers' expectations. Apple's Silicon is powerful, but gaming demand on Mac remains limited, and users can only emulate x86 code, not achieve native compatibility. The MacBook Neo is recognized as a strong budget option, while Intel's Wildcat Lake laptops and Qualcomm's Snapdragon C-series chips are emerging alternatives in the market.

AppWizard

June 13, 2026

It’s bittersweet that the best time to play Destiny 2 in years coincides with its end, but I’m happy for the new players who get to experience its most liberating iteration yet

Bungie has released the final update for Destiny 2, featuring extensive patch notes that include 71 pages and 17,000 words of changes. Key highlights of the update are: - Catalysts for all exotic weapons that previously lacked them. - Reworked anti-champion mods linked to weapon frames and the ability to choose from seven seasonal artifact sets. - New aspects, grenades, and abilities. - Enhanced attunement options for targeted farming. - An increase of 300 vault space slots and eight additional loadout slots. - Improvements to Gambit addressing long-standing player complaints. Bungie has also introduced a collection bundle for players to access all available expansions at a discount. The update aims to provide a more liberating experience by removing escalating power gains and unnecessary grinds, enhancing gameplay for both new players and veterans.

AppWizard

June 13, 2026

Dole expands Minecraft campaign with pineapple focus

Dole is launching a 15-week campaign starting June 21 across North America and Europe, focusing on pineapples and targeting younger audiences. This campaign includes in-game rewards for Minecraft players, such as a branded ‘pineapple hoodie.’ The previous campaign resulted in a 20-fold increase in website visits from QR code scans, generating 2 million landing page views and significant social media impressions. Over 60% of participants expressed increased intent to purchase Dole’s fruit after engaging with the campaign. This year's campaign will feature new recipes, digital puzzles, and offline engagement activities, along with QR-enabled stickers in retail environments to connect purchases to digital rewards.