cyber threats Archives

AppWizard

August 4, 2025

Over 11,000 Android devices hit by fake login RAT hidden in Meta Ads and fake Google Play store

A campaign has infected over 11,000 Android devices with a new variant of the PlayPraetor remote access trojan (RAT), identified by cybersecurity experts from Cleafy. The malware spreads through deceptive Google Play Store pages promoted via Meta Ads and SMS campaigns. Once installed, PlayPraetor can log keystrokes, steal credentials, and monitor the clipboard. Researchers have identified at least five distinct variants of PlayPraetor, including "Phantom" and "Phish."

Tech Optimizer

August 2, 2025

Gamers at risk as scammers are using malware-infected cheats and mods to steal passwords and crypto — here’s how to stay safe

Recent research from Dr.Web has identified a malware family called Trojan.Scavenger that targets Windows users by disguising itself as game performance boosters or enhancements. This malware exploits vulnerabilities in games like Grand Theft Auto 5 and Oblivion Remastered, typically arriving as modified dynamic libraries with extensions like .ASI. When installed, it can automatically load if the game does not validate its libraries properly. Once activated, it connects to a command-and-control server using encrypted communication and can deploy additional trojans that infiltrate Chromium-based browsers, disrupting their security features and replacing legitimate extensions with malicious ones. This puts applications at risk, including crypto wallets like MetaMask and Phantom, and password managers like Bitwarden and LastPass, as the malware captures sensitive information and sends it to attackers. Exodus wallet is also targeted, with the malware extracting critical JSON entries for private key generation. To mitigate these risks, users are advised to avoid downloading unofficial content from unverified sources, keep antivirus software updated, manage social media interactions carefully, and verify file paths and digital signatures.

Tech Optimizer

July 31, 2025

Mac Antivirus Battle: Independent Tests Crown Avast Best Protection Against Rising Malware Threats

Software Experts has recognized Avast Premium Security and Avast Ultimate as top malware protection solutions for Mac users. This acknowledgment comes amid rising cybersecurity threats targeting Apple devices. Avast is known for its comprehensive digital protection, offering antivirus, privacy, and performance tools. Despite macOS's built-in security features, experts recommend third-party protection due to increasing cyber threats. In its 2025 analysis, Software Experts evaluated Avast's performance in malware protection, usability, real-world effectiveness, and feature set, with Avast excelling in all areas. Avast Premium Security includes defenses against viruses, spyware, ransomware, and phishing threats, featuring real-time malware detection and alerts for insecure Wi-Fi networks. The newly introduced Scam Guardian Pro enhances protection against online scams with AI-driven tools. Avast Ultimate extends its offerings to a multi-device solution, including a VPN, device performance optimizer, and anti-tracking tool. In 2024, AV-Test awarded Avast the Best macOS Security Award for Consumer Users, and AV-Comparatives recognized it as a Top-Rated Product in 2023. Avast's Ransomware Shield protects personal files from unauthorized modifications, and both products are available as single-device or multi-device subscriptions. Avast's Stay Safe Virus Guarantee provides virus removal support and a refund if malware cannot be eliminated. The review emphasizes the need for reliable cybersecurity software as online threats evolve, highlighting Avast's combination of antivirus protection, privacy tools, and device optimization.

Tech Optimizer

July 30, 2025

Computer virus prevention: Best protection guide 2025

Cyber threats have evolved significantly in the past five years, introducing AI-driven phishing attacks, fileless malware, and rapid ransomware attacks. Traditional antivirus software is struggling against these advanced threats. Effective strategies for computer security in 2025 include reinforcing systems, implementing robust network defenses, and selecting appropriate security tools. NinjaOne and AnyDesk are highlighted as leading security solutions. NinjaOne focuses on endpoint management and monitoring, featuring built-in BitDefender antivirus and real-time monitoring, while AnyDesk provides secure remote desktop access with military-grade encryption and session recording. Computer virus prevention involves addressing vulnerabilities in system configuration, network defenses, user habits, and outdated software. Key practices include disabling unnecessary services, configuring firewalls, educating users about phishing, and ensuring timely software updates. NinjaOne offers proactive malware protection through behavioral monitoring, automated updates, and instant remote intervention. Pricing starts as low as [openai_gpt model="gpt-4o-mini" prompt="Summarize the content and extract only the fact described in the text bellow. The summary shall NOT include a title, introduction and conclusion. Text: You are now confronted with cyber threats that were virtually unheard of just five years ago. The landscape has evolved dramatically, introducing AI-driven phishing attacks, fileless malware that exists solely in memory, and ransomware capable of encrypting entire networks in mere moments. This raises an important question: how effective are your five-year-old security measures in this new environment? Traditional antivirus software, once a staple of computer security, now struggles against these advanced cyber threats. Fortunately, there are effective strategies to bolster your defenses and safeguard your systems. Today, we’ll explore how to prevent viruses and malicious code using strategies that are relevant for 2025. You will learn how to reinforce your systems, implement robust network defenses, and select computer security tools that can intercept threats before they can execute. Quick Snapshot: Top Computer Security Solutions for 2025 Among the leading solutions, both NinjaOne and AnyDesk play pivotal roles in enhancing your computer security defenses, albeit in different ways. Here’s a comparative look: NinjaOne AnyDesk Primary Function Endpoint management & monitoring Secure remote desktop access Best For IT teams managing multiple devices Remote support & work-from-home security Malware Protection Built-in BitDefender antivirus, behavioral detection Prevents malware transmission during remote sessions Key Security Features Real-time monitoring, automated patching, USB blocking Military-grade encryption, whitelist access, session recording Starting Price Custom pricing (as low as .50/month for 10,000 endpoints) Free for personal use, €22.90/month for business Free Trial 14 days with full features Free version available, paid plans billed annually Understanding Computer Virus Prevention & System Hardening Computer virus prevention begins with recognizing that malware exploits vulnerabilities in four critical areas: system configuration, network defenses, user habits, and outdated software. System hardening involves proactively closing these security gaps before they can be exploited. Start by disabling unnecessary services and ports. Each running service represents a potential entry point for malware. Turn off file sharing when it’s not needed, disable remote desktop access unless actively in use, and restrict administrator rights from daily user accounts. Next, focus on your network. Configure your firewall to block all incoming connections except those you specifically allow. Employ DNS filtering to prevent access to known malicious sites. Segment your network to contain breaches and enable WPA3 encryption on your Wi-Fi, while also changing default passwords on all network devices. After adjusting device settings, it’s time to modify risky user habits. Educate yourself and your team to recognize phishing attempts. Avoid opening unexpected attachments, even from known contacts, as their accounts may have been compromised. Always verify suspicious requests through a different communication channel. Lastly, ensure that you update your software. Regular updates patch security vulnerabilities that could be exploited by spyware and other threats. Enable automatic updates for your operating system and browsers, and update all software within 48 hours of patch releases, as attackers often target unpatched systems immediately after vulnerabilities become public. NinjaOne: Enterprise-Grade Malware Protection NinjaOne adopts a proactive stance on malware protection, shifting the focus from reactive measures to continuous monitoring of your IT infrastructure. Unlike traditional methods that rely on signature-based detection, NinjaOne employs behavioral monitoring to identify unusual activity patterns indicative of a compromise. Main features of NinjaOne Real-time antivirus protection: Integrated antivirus software powered by BitDefender scans continuously without hindering system performance. Automated software updates: Critical security updates are executed automatically, thwarting attackers before they can exploit vulnerabilities. Comprehensive dashboard: Monitor every device in real-time from a single interface, including running processes and active network connections, while detecting file encryption that signals ransomware attacks. Instant remote intervention: Quickly connect to infected machines to terminate malicious processes and restore normal operations within minutes. Automated security enforcement: Implement computer security standards across all devices, block USB ports to prevent spyware introduction, restrict unauthorized software execution, and quarantine suspicious devices. NinjaOne pricing NinjaOne offers custom pricing tailored to your needs, starting as low as .50 per month for 10,000 endpoints, with rates increasing up to .75 for 50 or fewer endpoints. Pricing may vary based on region and specific requirements. The platform also provides a 14-day free trial with full access to all features, allowing you to evaluate NinjaOne firsthand. Demos are available, but a money-back guarantee is not offered. AnyDesk: Secure Remote Access Without Compromising Security AnyDesk excels in providing secure remote desktop access without introducing new vulnerabilities to your computer security defenses. Utilizing military-grade encryption and stringent authentication protocols, AnyDesk ensures that remote sessions remain secure. Best features of AnyDesk TLS 1.2 encryption: All remote connections employ bank-level encryption, preventing unauthorized intervention and data modification during transmission. Whitelist-only access: Configure AnyDesk to accept connections only from pre-approved device IDs, effectively blocking unauthorized access attempts. Specific access levels can also be granted for each session, minimizing potential damage from compromised accounts. Session recording: AnyDesk’s built-in screen recording tool enables documentation of all remote activities for security audits and compliance, aiding in the detection of suspicious behavior patterns. No cloud relay option: Direct peer-to-peer connections eliminate reliance on cloud servers, reducing the attack surface for sensitive operations. AnyDesk Pricing AnyDesk offers a tiered pricing structure, including a free option. The free tier is limited to one device and includes basic features, making it ideal for personal use or initial testing. The first paid tier starts at .90 per month, covering one licensed user and one outgoing session, with support for up to 100 unattended devices. Pricing can reach as high as .90 per month for 100 users and 1,000 unattended devices, along with additional features such as CLI, mass deployment (MSI), and phone support. For more extensive needs, custom subscriptions can be arranged through customer support. Choosing the Right Anti-Virus Software Modern antivirus solutions must encompass capabilities that were not available when Norton Antivirus first debuted in 1991. Today’s threats are adept at hiding in memory, encrypting files for ransom, and pilfering credentials without triggering conventional virus scans. Effective virus protection now requires a combination of multiple detection methods: signature matching for known threats, behavioral analysis for zero-day attacks, and cloud intelligence that shares threat data globally in real-time. To ensure comprehensive protection, seek antivirus software that includes web protection to block malicious sites before they load, email scanning to catch phishing attempts and infected attachments, and ransomware protection that monitors file changes to thwart encryption attacks. A robust computer security software package should also feature a firewall, password manager, and VPN. Performance impact is a critical consideration; some products can significantly slow down your system, while others operate seamlessly in the background. What are the most dangerous types of viruses in 2025? The most destructive types of malware in 2025 extend far beyond traditional computer viruses that merely replicate themselves. Today’s threats are engineered to steal money, dismantle businesses, and compromise national infrastructure. Ransomware: This is arguably the most financially devastating threat. Ransomware attacks steal data, encrypt files, and threaten to publish sensitive information unless a ransom is paid. Recovery costs average million per incident, according to IBM's 2024 security report, excluding downtime and reputational damage. Fileless malware: This type of malware resides in your computer's memory, leaving no trace and evading traditional antivirus scans that search for malicious files. Info-stealers: These stealthy programs monitor your activities and harvest sensitive information, such as passwords and cryptocurrency wallet details, while remaining undetected. AI-powered malware: The latest threat category employs machine learning to evade detection, tailor attacks for specific targets, and autonomously generate new malicious code. They adapt their tactics in real-time, making them exceptionally challenging to combat with conventional protection methods." max_tokens="3500" temperature="0.3" top_p="1.0" best_of="1" presence_penalty="0.1" frequency_penalty="frequency_penalty"].50 per month for 10,000 endpoints, with a 14-day free trial available. AnyDesk uses TLS 1.2 encryption for secure remote connections and allows whitelist-only access. Its pricing includes a free tier for personal use and starts at .90 per month for business use. Modern antivirus solutions must combine signature matching, behavioral analysis, and cloud intelligence to combat sophisticated threats. Effective antivirus software should also include web protection, email scanning, and ransomware protection. The most dangerous types of malware in 2025 include ransomware, fileless malware, info-stealers, and AI-powered malware, which are designed to steal money, dismantle businesses, and compromise infrastructure. Ransomware recovery costs average over million per incident, excluding downtime and reputational damage.

Tech Optimizer

July 30, 2025

New Malware Targets Crypto Users with Fake Ads, Steals Keys

A new strain of malware is targeting cryptocurrency enthusiasts through deceptive online advertisements that mimic legitimate promotions for crypto wallets and trading platforms. This malware, described as a multi-stage infostealer, begins with an ad redirect that prompts users to download a fake update or extension. Once installed, it monitors clipboard activity to copy and alter cryptocurrency addresses, redirecting funds to attackers' wallets. The malware can evade detection by many antivirus solutions and is often hosted on platforms like GitHub disguised as open-source tools. Victims may not realize they have been compromised until their funds are stolen. Experts recommend using ad blockers, verifying URLs, utilizing hardware wallets, keeping software updated, and employing multi-factor authentication as protective measures. Regular system scans with advanced tools like Malwarebytes and training for employees on malvertising risks are also advised for enterprises.

Tech Optimizer

July 29, 2025

Surfshark One Review

Surfshark has launched Surfshark One, a comprehensive security suite that includes a VPN, antivirus software, a data leak detection system, and a private search engine. Surfshark One features over 3,200 servers in 100 countries, military-grade encryption, a no-logs policy, and a kill switch. The antivirus component offers real-time protection and was awarded 'Top Product' by AV-TEST in June 2024 for a 100% detection rate against advanced malware. Surfshark Alert notifies users of data breaches involving sensitive information, while Surfshark Search provides an ad-free, private browsing experience. Users can choose from various plans, with competitive pricing and a seven-day free trial available. The interface is user-friendly and supports multiple devices, allowing protection for up to five devices per account. The antivirus continuously monitors devices, and users can conduct on-demand scans or schedule them. Surfshark's VPN offers features like NoBorders mode, Dynamic MultiHop, and a built-in speed test. Additional features include the Alternative ID for managing online personas and the option for a dedicated IP address for an extra fee. However, some features like a password manager and parental controls are not included.

AppWizard

July 29, 2025

ANDROID MALWARE POSING AS INDIAN BANK APPS

The report discusses a sophisticated Android malware targeting users in India, which disguises itself as legitimate banking applications to steal credentials and conduct unauthorized financial activities. The malware employs advanced techniques such as silent installation, exploitation of Android permissions, and remote command execution to avoid detection. It utilizes Firebase for command-and-control operations and phishing pages that mimic real banking interfaces. The malware consists of a modular architecture with a dropper and a main payload. The dropper requests several Android permissions, including ACCESSNETWORKSTATE, REQUESTINSTALLPACKAGES, and QUERYALLPACKAGES, which facilitate reconnaissance and persistence. The dropper uses a silent installation mechanism to load additional payloads without user awareness. The main payload requests permissions that enable data theft and stealthy operation, such as READSMS, SENDSMS, and RECEIVEBOOTCOMPLETED. It hides itself from the user's app list and employs separate classes for specific malicious tasks, including harvesting user credentials and collecting debit card information. The phishing page mimics a legitimate banking app to capture user data effectively. The malware also monitors incoming SMS messages, extracts critical metadata, and can silently forward calls to an attacker-controlled number. A specific APK sample impersonating an Indian banking application was observed on April 3, 2025, highlighting ongoing trends in mobile-based credential theft and financial fraud. Recommendations include enforcing stricter mobile application security standards, launching public awareness campaigns, implementing threat intelligence-driven filtering, and deploying mobile endpoint detection solutions.

Winsage

July 28, 2025

AdGuard joins the Windows Recall backlash party — “Leaving backdoors wide open and hoping Microsoft will always act in good faith isn’t a solid privacy strategy”

Windows Recall is a feature from Microsoft that has faced criticism for being a potential security hazard and a public relations misstep. It was introduced with the 24H2 release, which included advanced AI functionalities. The feature relies on a neural processing unit (NPU) that operates independently of the cloud to emphasize privacy and security. In April 2025, Windows Recall became widely available for Copilot+ PCs, with security measures like isolating it within a "VBS Enclave" to protect sensitive data. However, skepticism remains, leading platforms like Signal and Brave to implement their own protective measures against Windows Recall. Signal has introduced a feature to prevent Windows Recall from capturing snapshots of its app, while Brave blocks Windows Recall by default for all its browser windows. AdGuard has also released an update to enhance user privacy by allowing users to disable Windows Recall on Copilot+ PCs, expressing doubts about the effectiveness of Microsoft's security measures.

Tech Optimizer

July 26, 2025

The best Android antivirus apps of 2025: Expert tested

Cyber threats targeting smartphones have evolved to include sophisticated malware and ransomware, with Android being particularly vulnerable to cyberattacks compared to iOS. Google recommends downloading apps only from the official Play Store, but some malicious applications can bypass these security measures. To protect Android devices from malware, investing in a reliable antivirus app is essential. Bitdefender Mobile Security is currently the top-rated Android antivirus app with a 4.7-star rating on Google Play, offering features like real-time web protection and app scanning. A free version is available, but a subscription is required for enhanced features. Sophos Intercept X for Mobile is a commendable free option with a 3.9-star rating, providing threat scanning and app protection. Other notable antivirus apps include Avast Security and Virus Cleaner, which has a 4.6-star rating and features a web shield and junk removal, and Malwarebytes Mobile Security, also rated 4.6 stars, known for its quick scans and digital footprint service. Norton360, with a 4.6-star rating, offers a comprehensive suite of features including antivirus scanning and a VPN. The best Android antivirus apps of 2025 include: - Bitdefender Mobile Security: Free, per year, 4.7 stars, 448K reviews - Sophos Intercept X: Free, 4.1 stars, 47.1K reviews - Avast: Ad-supported free, 4.6 stars, 7.34M reviews - Malwarebytes: Free, per year, 4.6 stars, 423K reviews - Norton360: Paid plans, 4.6 stars, 1.92M reviews The mobile malware landscape has reportedly increased by 151% since the beginning of 2025, with Google taking legal action against the BadBox 2.0 botnet targeting IoT devices, including Android. A new malware variant named ClickFix is also emerging, affecting macOS, Android, and iOS platforms. Relying solely on built-in protection and the Google Play Store is not advisable; a reputable antivirus app is recommended for additional security.

Winsage

July 22, 2025

Saying no to Windows 11 just got easier – Operese automatically transfers your Windows 10 files and settings to Linux

Microsoft will end support for Windows 10 on October 14, 2025, affecting over 200 million devices. A student developer, TechnoPorg, has created a free migration tool called Operese to facilitate the transition from Windows 10 to Linux. Operese translates a Windows 10 installation into a Linux setup, preserving data, settings, and applications as much as possible. It uses a customized version of Kubuntu to provide a user-friendly experience. While the tool is still in development and may not support all applications, it aims to offer a smooth migration process. Linux distributions, such as Kubuntu, are compatible with older hardware and provide enhanced privacy and security compared to Windows. TechnoPorg plans to open-source Operese once it is more stable and documented.