Chinese company Archives

AppWizard

September 19, 2025

4 apps you should use instead of Google Docs

The author experienced file management issues with Google Docs due to its lack of a folder system, leading to a search for alternatives. 1. Notion: Offers seamless transition from Google Docs, with essential formatting tools, auto-save, user-friendly sharing, and offline access. It is highly customizable but has a steep learning curve compared to Google Docs. 2. Obsidian: Focuses on privacy with local file storage by default, allowing offline access without internet. It offers cloud synchronization for flexibility but is ideal for users who prefer keeping documents off the cloud. 3. Simplenote: A simple app for creating notes and to-do lists with easy sharing and document pinning. It lacks a folder organization system, which may limit its use for extensive document collections. 4. WPS Office: A robust alternative that supports document creation, presentations, and spreadsheets, with a built-in PDF reader. Its interface resembles Microsoft Word, but it is owned by a Chinese company, raising some privacy concerns despite end-to-end encryption. The author also mentions Evernote and Google Keep as other options, with Evernote's free plan becoming less appealing and Google Keep being simpler but limited for extensive document needs.

Winsage

September 5, 2025

GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module

Cybersecurity researchers have identified a new threat cluster named GhostRedirector, which has compromised at least 65 Windows servers mainly in Brazil, Thailand, and Vietnam. The attacks involve the installation of a C++ backdoor called Rungan and an IIS module named Gamshen. The threat actor is believed to have been active since at least August 2024. Rungan can execute commands on compromised servers, while Gamshen provides SEO fraud services by manipulating search engine results, specifically targeting Googlebot to avoid detection by regular users. GhostRedirector has also impacted entities in various countries, including the U.S., Canada, and India, across multiple sectors. Initial access is likely gained through SQL injection vulnerabilities, followed by the use of PowerShell to deliver additional malware from a staging server. Rungan listens for commands from a specific URL and supports various functions, including user creation and command execution. Gamshen is part of a family of IIS malware and operates similarly to previously documented malware. The group employs deceptive SEO techniques to generate artificial backlinks to promote gambling websites. Evidence suggests that GhostRedirector may be linked to a China-based threat actor, supported by Chinese strings in the code and a certificate from a Chinese company. This group exemplifies persistence by using multiple remote access tools and creating rogue user accounts for long-term access.

AppWizard

September 4, 2025

Popular Android VPN apps found to have security flaws and China links

A report by researchers at the University of Toronto’s Citizen Lab and Arizona State University reveals significant vulnerabilities in several Android VPN applications on the Google Play Store, indicating that many are owned by a Chinese company and mislead consumers about their ownership. The study analyzed the 100 most-downloaded VPNs not based in the U.S. and identified three families of providers with shared technical infrastructures and security flaws. Family A includes eight VPNs linked to providers like Innovative Connecting, which have a hard-coded key for Shadowsocks, allowing eavesdroppers to decrypt communications. Family B consists of six providers, including Global VPN, also using hard-coded passwords for Shadowsocks, raising concerns about anonymity. Family C includes providers like Fast Potato VPN, vulnerable to traffic manipulation attacks. The researchers suggest that the obscured ownership of these VPNs may be a strategy to mitigate reputational risks. They also highlight the responsibility of platforms like Google to vet the security of applications, noting that hosting insecure apps could damage Google's reputation. Users are advised to conduct thorough research and choose reputable VPN services.

AppWizard

September 2, 2025

Citizen Lab Exposes Hidden Ties in 20 Android VPN Apps with 700M Downloads

Researchers from Citizen Lab discovered that over 20 popular Android VPN applications, collectively downloaded 700 million times, are interconnected through undisclosed ownership ties. These applications, marketed as independent privacy solutions, share codebases, servers, and encryption vulnerabilities. The VPN providers are categorized into three families linked to a Russian entity, a Chinese company, and another with ambiguous origins. Apps like Turbo VPN, X-VPN, and UFO VPN share cryptographic keys and backdoors, increasing the risk of man-in-the-middle attacks. Many applications use outdated encryption methods, making it easy for attackers to decrypt user traffic. Some apps route user data through servers in jurisdictions with lax privacy regulations, exposing sensitive information. The investigation revealed identical backend infrastructures among different apps, despite claims of no-log policies, breaching user trust. Hidden trackers within the apps contradict their privacy assurances. Regulators are beginning to respond, with Google removing problematic apps and the EU considering stricter data access regulations. Experts recommend choosing vetted, paid VPN services that undergo independent audits to ensure better security.

AppWizard

August 22, 2025

Android VPN Apps Linked to Chinese Co (Qihoo 360) Tied to PRC

Recent investigations by Arizona State University and Citizen Lab have revealed that several popular Android VPN applications are linked to entities in mainland China and Hong Kong, raising security concerns. These apps, which have millions of downloads, share ownership and infrastructure, and exhibit significant security flaws, including the collection of location data against privacy policies, outdated encryption methods, and hard-coded passwords that could compromise user traffic. One company manages all VPN servers for a second group of apps, while a third group is vulnerable to connection interference attacks. Notably, these VPN providers are connected to Qihoo 360, a Chinese company flagged as a potential national security threat, with ties to the Chinese military. The Tech Transparency Project reported that millions of Americans have downloaded apps that route internet traffic through Chinese companies, with one in five of the top 100 free VPNs in the U.S. App Store in 2024 being covertly owned by Chinese firms. Some VPNs have targeted younger audiences through social media ads, raising concerns about their marketing strategies. Qihoo 360 has been sanctioned and is on the Commerce Department’s Entity List, emphasizing the national security risks associated with these services. Users are advised to research their VPN providers to avoid affiliations with the Chinese Communist government.

AppWizard

August 19, 2025

Android VPN apps used by millions are covertly connected AND insecure

Recent research from Arizona State University and Citizen Lab has identified connections among three families of Android VPN applications with over 700 million downloads, raising concerns about user privacy and security. The analysis revealed three groups of VPN providers: 1. Group A: Eight apps from three providers sharing identical Java code and libraries, exhibiting vulnerabilities such as: - Collecting location data against privacy policies. - Using weak encryption methods. - Hard-coded Shadowsocks passwords that could allow traffic decryption. 2. Group B: Eight apps from five providers supporting only the Shadowsocks protocol, sharing libraries and hard-coded passwords, with all servers hosted by GlobalTeleHost Corp. 3. Group C: Two providers with one app each, using a custom tunneling protocol and sharing similar code, vulnerable to connection inference attacks. The research highlighted significant privacy breaches, including undisclosed location data collection and vulnerabilities that could allow eavesdroppers to decrypt communications. Alarmingly, these VPN providers are linked to Qihoo 360, a Chinese company that has concealed this connection, raising concerns about potential data sharing with the government due to China's strict laws. Additionally, the Tech Transparency Project found that many free VPN apps on the Apple App Store are also linked to companies in mainland China or Hong Kong without disclosing these ties.

AppWizard

April 5, 2025

TikTok avoids a US ban for a second time thanks to Trump’s 75-day reprieve

TikTok has avoided a potential ban in the U.S. due to a 75-day extension granted by President Donald Trump, announced on April 4. This is the second extension for TikTok, which follows an initial deadline set to expire on April 5. The original law required a decision by January 19 regarding the sale of TikTok's U.S. operations or a nationwide ban, a deadline that has now been postponed twice. TikTok, owned by ByteDance, can continue operations without interruption, although negotiations between ByteDance and the U.S. government are ongoing, with unresolved key matters. The situation also involves U.S.-China tariff discussions, with Trump emphasizing the importance of tariffs for national security.

AppWizard

February 14, 2025

TikTok returns to Android and Apple app stores in the US

TikTok has returned to the app stores of Apple and Google in the U.S. after a temporary blackout, following President Donald Trump's decision to postpone a potential ban until April 5, allowing TikTok 75 days to comply with legislation requiring the sale of its U.S. operations. The ban, supported by both parties in Congress, mandates that TikTok's parent company, ByteDance, divest its U.S. operations to avoid a complete prohibition of the app due to concerns over espionage and political manipulation. Reports indicate that TikTok's reinstatement was facilitated by assurances from the Trump administration to Apple and Google regarding potential liability. Trump's stance on TikTok has shifted from initially supporting a ban to expressing a more favorable view of the platform. He discussed a potential joint ownership model with TikTok CEO Shou Chew and mentioned various high-profile figures, including Larry Ellison, Elon Musk, Frank McCourt, and Kevin O'Leary, as potential buyers. Additionally, MrBeast, a popular YouTuber, has shown interest in acquiring TikTok after receiving outreach from investors.

BetaBeacon

November 16, 2024

Capcom has unveiled Monster Hunter Outlanders, a mobile action game for Android and iOS with a large open world and co-operative experience

Japanese publisher in cooperation with Chinese company TiMi Studios announced Monster Hunter Outlanders for Android and iOS. The game is an open world survival game set in the Monster Hunter universe, allowing players to fight monsters, travel through various locations, and engage in other activities. It will be free-to-play with in-game purchases available and will be released "soon".

Winsage

July 18, 2024

ESET: Chinese Adware Opens Windows Systems to More Threats

ESET discovered the HotPage malware, initially detected as adware, which was developed by a Chinese company called Hubei Dunwang Network Technology Co. The malware, disguised as an "internet café security solution," had a kernel component that allowed other threats to run code at the highest privilege level in the Windows operating system. The driver was removed from the Windows Server Catalog after ESET reported it to Microsoft. The Chinese company went through the necessary steps to obtain an Extended Verification certificate from Microsoft. The malware collects information, injects libraries into browser applications, and can allow attackers to escalate their privileges to run code as NT AUTHORITY/Systems.