cooperation Archives

Tech Optimizer

May 30, 2025

Dutch police takes Counter Antivirus service AVCheck offline

The Dutch Team High Tech Crime, in collaboration with international partners, has dismantled the counter-antivirus service AVCheck, which was used by cybercriminals to make malware undetectable. AVCheck was one of the largest services of its kind, allowing malware developers to test their software against antivirus programs. The operation involved cooperation from the Netherlands, the United States, and Finland, and was executed by the High Tech Crime Team under the National Public Prosecutor’s Office. The investigation not only shut down AVCheck but also gathered evidence against its administrators and users, including those of related services like Cryptor.biz and Crypt.guru. Additionally, a fake login page was launched to deter AVCheck users, and collaborations with antivirus organizations were established as part of Project Melissa. This action is connected to Operation Endgame, which previously targeted other malware services.

AppWizard

May 26, 2025

Vietnam acts to block messaging app Telegram, government document seen by Reuters shows

Vietnam's technology ministry has instructed telecommunications providers to block the messaging app Telegram due to its lack of cooperation in addressing criminal activities by its users. A government document revealed that 68 percent of the 9,600 Telegram channels and groups in Vietnam violate local laws, involving serious offenses such as fraud, drug trafficking, and potential terrorism links. Service providers must implement blocking measures and report progress to the ministry by June 2.

AppWizard

May 24, 2025

Vietnam acts to block messaging app Telegram

Vietnam's technology ministry has instructed telecommunication service providers to block the messaging app Telegram due to its lack of cooperation in combating criminal activities among users. This directive, issued on May 21, mandates that service providers implement the block and report their actions by June 2. Findings from the cyber-security department indicated that 68% of the 9,600 Telegram channels and groups in Vietnam were violating laws, including serious offenses like fraud, drug trafficking, and suspected terrorism activities. A representative from the ministry confirmed the document's authenticity, citing Telegram's failure to provide user data during criminal investigations. As of the latest update, Telegram remained accessible in Vietnam despite the directive.

AppWizard

May 24, 2025

Vietnam orders messaging app Telegram to be blocked

Vietnam's technology ministry has mandated telecommunication service providers to block the messaging application Telegram due to its alleged non-cooperation in addressing criminal activities associated with its users. This directive, dated May 21, requires telecom companies to restrict access to Telegram and report their actions to the ministry by June 2. A report from the police indicated that 68% of the 9,600 Telegram channels and groups in Vietnam are violating local laws, including fraud and drug trafficking. The ministry highlighted the need for providers to implement measures to prevent Telegram's activities in the country. Telegram has faced scrutiny for not complying with requests for user data during criminal investigations, and the Vietnamese government has previously urged other companies like Facebook and YouTube to help eliminate content deemed "toxic."

AppWizard

May 24, 2025

Surprising: Telegram slams Vietnam’s decision to block messaging app

Vietnam's technology ministry has mandated telecom providers to restrict access to Telegram due to concerns about the app's failure to combat criminal activities and disseminate illegal content. A government document from May 21 instructed telecom companies to limit access, citing that 68 percent of the 9,600 Telegram channels and groups in Vietnam were linked to illegal activities such as fraud, drug trafficking, and potential terrorism. The ministry criticized Telegram for not cooperating with investigations, particularly regarding user data requests. Despite the directive, Telegram remained accessible in Vietnam as of the latest report. The situation is part of Vietnam's broader digital crackdown, which has included pressure on other platforms to remove content deemed harmful by the government. Telegram has previously faced scrutiny regarding its security and privacy practices.

AppWizard

April 2, 2025

Disney, Jagex, Codemasters vets found new publisher The CoLab

Three professionals from the UK gaming industry, Darren Newnham, Mark Faulkner, and John Lewis, have launched an indie publishing house called The CoLab. They have experience from companies such as United Label, Fnatic, Disney Interactive, Jagex, PlayFusion, Bossa, Codemasters, and Criterion. The CoLab has three projects in development: a cozy game called Campfire, a cyberpunk shooter named DeadWire, and a strategy game titled Counter Clash. The company has partnered with the charity Safe in Our World to support mental wellbeing in the gaming industry. The CoLab aims to support indie developers during challenging times in the sector, advocating for cooperation and collaboration while addressing issues like mass redundancies and the prioritization of shareholder value over gamers' needs. Their vision includes uniting game creators, sharing resources, and fostering a supportive environment for developers.

AppWizard

April 1, 2025

EA alum Adolf Kristjansson is Starbreeze’s new CEO

Adolf Kristjansson has been appointed as the new CEO of Swedish gaming company Starbreeze, replacing interim CEO Mats Juhl, who held the position since May 2024. Kristjansson has extensive experience in the gaming industry, having worked at Electronic Arts for over a decade and previously held roles at Tæknival / BT and GAME. He has also served on the boards of Silverfox and Thunderful Group. Kristjansson expressed enthusiasm for Starbreeze's projects, including an upcoming Dungeons & Dragons title and the expansion of the Payday franchise. Starbreeze chair Jürgen Goeldner welcomed Kristjansson and thanked Mats Juhl for his contributions as interim CEO.

AppWizard

March 13, 2025

Signal no longer cooperating with Ukraine on Russian cyber threats, official says

The encrypted messaging app Signal has stopped responding to inquiries from Ukrainian law enforcement about Russian cyber threats, raising concerns that this inaction is aiding Russian intelligence operations. Ukrainian officials, including Serhii Demediuk from the National Security and Defense Council, claim that Signal's lack of engagement is allowing Russian actors to exploit the app for espionage against Ukrainian military and government personnel. Ukraine had previously communicated with Signal about misuse, but the app has not addressed these issues. In contrast, Ukrainians are increasingly using Signal as a safer alternative to Telegram, which has faced scrutiny for potential exploitation by Russian intelligence. Meanwhile, U.S.-Ukraine cooperation has been affected by changes in American foreign policy, including a freeze on U.S. foreign aid and a temporary halt in intelligence sharing, impacting Ukraine's cyber capabilities.

AppWizard

March 6, 2025

BadBox Malware from Google Play Hacked 50,000+ Android Devices Using 24 Apps

HUMAN Security’s Satori Threat Intelligence team has identified a malware operation called “BADBOX 2.0,” which has compromised over 50,000 Android devices through 24 deceptive applications. This operation is an escalation from the original BADBOX campaign detected in 2023. The malware primarily targets low-cost, off-brand Android Open Source Project devices, including TV boxes, tablets, digital projectors, and vehicle infotainment systems. A backdoor named “BB2DOOR” provides threat actors with persistent access to the compromised systems. Four groups of threat actors—SalesTracker Group, MoYu Group, Lemon Group, and LongTV—are involved, using shared infrastructure for various fraud schemes. The malicious applications mimic legitimate apps in the Google Play Store, generating up to 5 billion fraudulent ad requests weekly. In response, Google has enhanced its protections, including blocking BADBOX behavior during app installation and terminating associated publisher accounts. Infected devices were found to be uncertified Android Open Source Project devices from China. Users are advised to verify certification and avoid unofficial app sources.

Winsage

February 18, 2025

Earth Preta APT Exploit Microsoft Utility Tool to Control Windows

Researchers from Trend Micro's Threat Hunting team have identified a cyberattack campaign by the APT group Earth Preta, targeting government entities in the Asia-Pacific region, including Taiwan, Vietnam, Malaysia, and Thailand. The group uses spear-phishing emails and advanced malware to compromise Windows systems, notably employing the Microsoft Application Virtualization Injector (MAVInject.exe) to inject malicious payloads into legitimate processes. The attack typically begins with a malicious file, IRSetup.exe, which drops both legitimate and malicious files onto the system, often accompanied by a decoy PDF posing as an official document. Earth Preta utilizes a modified variant of the TONESHELL backdoor malware, sideloaded using OriginLegacyCLI.exe and a malicious DLL, EACore.dll. This malware communicates with a command-and-control server for data exfiltration and remote operations, offering capabilities such as reverse shell access, file deletion, and persistent storage of victim identifiers. The malware adapts its behavior based on the presence of ESET antivirus software, using different techniques for code injection. Trend Micro attributes this campaign to Earth Preta with medium confidence, noting that the group has compromised over 200 victims since at least 2022, primarily focusing on government entities and using phishing as the initial attack vector.