cryptocurrency Archives

AppWizard

March 19, 2026

New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data

Cybersecurity researchers have identified a new family of Android malware called Perseus, designed for device takeovers and financial fraud. It utilizes Accessibility-based remote sessions for real-time monitoring and interaction with infected devices, particularly targeting Turkey and Italy. Perseus monitors user notes to extract personal or financial information and is distributed through dropper applications via phishing websites. It expands on the codebase of previous malware like Phoenix and employs disguises as IPTV services to reduce user suspicion. Once operational, it performs overlay attacks and captures keystrokes to steal credentials from financial applications. The malware allows operators to issue commands through a command-and-control panel, enabling various malicious actions, including capturing note content and initiating remote visual streams. Perseus also conducts environment checks to evade detection and ensure it operates on legitimate devices.

Tech Optimizer

March 19, 2026

How AI And Hacking Professionalism Are Overwhelming Endpoint Security

The digital landscape is transforming due to the professionalization of cybercrime, which is now a significant part of organized crime, second only to drug trafficking. Malware includes various types such as viruses, browser hijackers, password stealers, Trojans, botnet malware, and ransomware. Traditional antivirus solutions rely on signature-based detection, heuristic analysis, and behavior monitoring, but these methods can lead to false positives and negatives. The evolution of cybersecurity has seen the rise of "Ransomware-as-a-Service" (RaaS) and the use of polymorphic malware that changes its signature, making traditional defenses ineffective. Hackers are also using AI and machine learning to evade behavioral monitoring. New defense strategies include Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR), which focus on monitoring for breaches rather than preventing them. Leading vendors in this space include CrowdStrike, SentinelOne, Microsoft, and Palo Alto Networks. The zero trust security framework treats all access attempts as potentially hostile and emphasizes the integration of various security technologies. Emerging startups like FinalAV Security are developing zero trust solutions for consumers and small businesses, focusing on prevention rather than detection.

Tech Optimizer

March 16, 2026

What Is a Crypto Miner Virus?

A crypto miner virus, or cryptojacking malware, secretly uses a device’s CPU or GPU to mine cryptocurrency for an attacker, leading to increased electricity costs and potential hardware damage for the victim. It typically infects devices through phishing emails, pirated software, compromised websites, and malicious browser extensions. Monero is the preferred cryptocurrency for mining due to its efficiency on standard CPUs and privacy features. Signs of infection include overheating, high CPU usage, and increased electricity bills. Detection involves monitoring system performance and running antivirus scans. Prevention includes using antivirus software, keeping systems updated, and avoiding pirated software. Notable incidents include attacks on a European water utility and the Los Angeles Times website.

AppWizard

March 13, 2026

FBI Investigating After Malware Found Lurking in Steam PC Games

The FBI is investigating malware hidden in several video games on the Steam platform, targeting users from May 2024 to January 2026. The investigation includes games like BlockBlasters, Chemia, Dashverse, DashFPS, Lampy, Lunara, PirateFi, and Tokenova, with some previously removed from Steam for malicious content. Steam had over 132 million monthly active users and more than 117,000 games in 2025. The FBI is reaching out to affected gamers, ensuring victim confidentiality and potential eligibility for services under federal and state law. This incident is part of a broader trend of malware targeting gamers, with previous cases involving fan games and cheat software affecting millions of accounts.

AppWizard

March 13, 2026

Did a Steam Game Give Your PC Malware? The FBI Wants to Know

The FBI has launched an investigation into malware threats associated with PC games on Steam, particularly targeting users from May 2024 to January 2026. The games identified include BlockBlasters, Chemia, Dashverse/DashFPS, Lampy, Lunara, PirateFi, and Tokenova, all linked to malware incidents. For example, PirateFi was designed to steal browser cookies, Chemia updated itself with malicious software, and BlockBlasters was identified as a Trojan that siphoned cryptocurrency. The FBI's alert also mentions Lampy, which may harbor malware. Valve, the parent company of Steam, has not responded to inquiries but has warned users about the affected games. The investigation suggests a potential link to a single group or individual, with reports indicating that victims were lured through Telegram messages offering free game keys or job opportunities.

TrendTechie

March 12, 2026

Хакер уничтожил крупнейший французский торрент-трекер и обвинил владельцев в хранении данных кредитных карт миллионов пользователей

YggTorrent, a prominent French private torrent tracker launched in 2017, was reportedly destroyed by a hacker known as Gr0lum in early March, leaving 6.6 million users affected. Gr0lum accused the YggTorrent administration of engaging in DDoS attacks against competitors, purging dissenting uploaders, and sabotaging their own API. In 2025, YggTorrent introduced a Turbo subscription model that hampered downloads, leading to user criticism. Following its downfall, YggTorrent has made a tentative return as a countdown website, with the administration denying all allegations and asserting that databases and backups were not destroyed. The French piracy community remains skeptical of these claims.

AppWizard

March 12, 2026

Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets

Cybersecurity researchers have identified six new families of Android malware designed to extract sensitive data and facilitate financial fraud. Notable threats include: - PixRevolution: Targets Brazil's Pix payment platform, activates during Pix transfers, and uses real-time monitoring to intervene in transactions. Victims are tricked into installing malicious apps from counterfeit Google Play Store listings, which enable accessibility services for the malware to capture screens and overlay fake interfaces to reroute funds. - BeatBanker: Spreads through phishing attacks disguised as legitimate Google Play Store pages. It uses an inaudible audio loop for persistence, functions as a banking trojan, and includes a cryptocurrency miner. It creates deceptive overlays for platforms like Binance and Trust Wallet to divert funds and can monitor web browsers and execute remote commands. - TaxiSpy RAT: Exploits accessibility services to gather sensitive information such as SMS messages and call logs, targeting banking and cryptocurrency applications with overlays for credential theft. It employs advanced evasion techniques like native library encryption and real-time remote control. - Mirax: A private malware-as-a-service (MaaS) offering with a subscription model that provides tools for banking overlays and information gathering, including keystrokes and SMS. - Oblivion: Another Android RAT available at a competitive price, featuring capabilities to bypass security measures on various devices. - SURXRAT: Distributed through a Telegram-based MaaS ecosystem, it uses accessibility permissions for persistent control and communicates with a Firebase-based command-and-control infrastructure. Some samples incorporate a large language model component, indicating experimentation with AI by threat actors.

AppWizard

March 12, 2026

Meta Rolls Out Scam Warnings on Facebook, Messenger, and WhatsApp

Meta is implementing measures to combat scams on its platforms, including Facebook, Messenger, and WhatsApp, by using artificial intelligence and forming enforcement partnerships. Users will receive real-time alerts on Facebook for suspicious friend requests, and Messenger will enhance scam detection by analyzing conversation patterns. WhatsApp will notify users of unusual device-linking attempts to secure accounts. Meta has removed over 159 million scam ads and disabled 10.9 million fraudulent accounts, collaborating with law enforcement to disable more than 150,000 accounts and effect 21 arrests. The company plans to mandate advertiser verification for high-risk categories to reduce fraudulent ads and aims for verified advertisers to account for 90% of ad revenue. The success of these initiatives will be measured by reductions in reported losses and chargebacks.

AppWizard

March 11, 2026

New BeatBanker Android malware poses as Starlink app to hijack devices

A newly identified Android malware called BeatBanker disguises itself as a Starlink application on fake Google Play Store websites. It functions as a banking trojan and includes Monero mining capabilities, allowing it to steal credentials and manipulate cryptocurrency transactions. Researchers at Kaspersky traced BeatBanker to campaigns targeting users in Brazil. The latest version uses the BTMOB RAT for remote access, enabling keylogging, screen recording, camera access, GPS tracking, and credential capture. BeatBanker is distributed as an APK file that decrypts and loads hidden code into memory, conducting environment checks before activation. It presents a fake Play Store update screen to trick users into granting permissions for additional payloads. To avoid detection, it delays malicious operations and plays a nearly inaudible MP3 file to maintain persistent activity. The malware uses a modified version of the XMRig miner to mine Monero on Android devices, connecting to mining pools through encrypted TLS connections. It can start or stop mining based on device conditions and uses Firebase Cloud Messaging to relay device information to its command-and-control server. Currently, BeatBanker infections have only been observed in Brazil, but there are concerns about its potential spread. Users are advised to avoid side-loading APKs from untrusted sources and to review app permissions regularly.

AppWizard

March 2, 2026

Meta makes changes following a Solon man’s $1 million loss in scheme police say started on Facebook Messenger

A 63-year-old resident in Solon, Ohio, lost over a million dollars to a scammer posing as a cryptocurrency investment guru. The scam began with a friendly outreach on Facebook, which transitioned to WhatsApp for private conversations. Over several months, the victim was convinced to invest in what he thought was a legitimate opportunity. This incident reflects a broader trend, as the FBI reported that Ohioans aged 60 and older lost over a million to fraud in 2024. Meta Platforms is enhancing tools to detect and disrupt fraudulent activities on its platforms, including new warnings for screen sharing requests on WhatsApp. In the first half of 2025, Meta removed eight million accounts suspected of scams and shut down 21,000 pages impersonating legitimate businesses. Warning signs in the Solon case included initial contact from a stranger, a quick shift to cryptocurrency discussions, and unusually high promised returns.