cybersecurity firm Archives

AppWizard

July 8, 2025

Call of Duty takes PC game offline after multiple reports of RCE attacks on players

Call of Duty has temporarily taken its PC games offline due to reports of remote code execution (RCE) attacks that have compromised players' computers. The developers are investigating the issue. Players have shared videos of their systems being hacked during gameplay, with incidents including game freezes and unauthorized command executions. The vulnerability is linked to the shift from dedicated servers to peer-to-peer networking, which has made older games more susceptible to attacks. MalwareBytes has noted that this issue has become well-known in the community, leading many to avoid these titles. Previous vulnerabilities allowing RCE through the Steam platform were identified six years ago. The official Call of Duty X account has not provided updates on the investigation or the status of the games.

AppWizard

June 29, 2025

Hackers Spying on Android Phones in Real Time, Targeting 500+ Bank, Crypto and Payment Apps To Steal Sensitive Data: Cybersecurity Firm

A new version of banking malware is targeting Android devices, allowing cybercriminals to capture login credentials and manipulate banking applications in real time. This malware uses an advanced virtualization technique to hijack legitimate banking apps by installing a malicious host application that creates a controlled sandbox environment for the targeted app. Users are redirected to this virtualized instance, where their actions are monitored and manipulated, enabling the interception of sensitive information. The malware targets nearly 500 financial applications globally, including major banks in North America, the UK, Canada, and Europe, as well as cryptocurrency wallets and digital payment platforms.

Winsage

June 26, 2025

Microsoft says goodbye to the Windows blue screen of death

Microsoft has announced the retirement of the "blue screen of death" in favor of a new black screen for Windows 11 24H2 devices, set to debut this summer. This change aims to streamline the restart experience and reduce downtime during unexpected interruptions to two seconds for most users. The blue screen has been part of Windows since the early 1990s, and the transition is part of a broader initiative to minimize disruptions.

AppWizard

June 24, 2025

Is your Android phone safe? ‘Godfather’ malware targets 500 Android apps

Cybersecurity firm Zimperium has reported a new variant of the Godfather malware targeting around 500 Android applications, mainly in banking, cryptocurrency, and e-commerce sectors. This version uses virtual spoofing to create deceptive replicas of the user's phone environment, misleading users and security measures. The malware installs a malicious "host" app that scans for banking applications and downloads counterfeit versions that operate in a concealed virtual space. When users access their banking apps, they interact with these fraudulent versions, which record sensitive information such as PINs, passwords, and two-factor authentication codes. It can also remotely control devices, execute money transfers, and exfiltrate confidential data. Most affected applications are based in Turkey, but the malware has the potential to spread globally.

AppWizard

June 22, 2025

Minecraft players target of online criminals posing as coders, why it’s a big concern and how can gamers stay safe

The gaming community surrounding Minecraft is facing a threat from cybercriminals posing as game developers, who are deploying malware to extract sensitive information from users. Investigations by Check Point have identified two malware strains linked to Russian criminal organizations on GitHub. The malware targets data from bank accounts, cryptocurrency wallets, and web browsers, with evidence suggesting involvement of Russian-speaking threat actors. Graeme Stewart from Check Point compared the tactics of these cybercriminals to organized retail theft, emphasizing their focus on financial gain. The malware is triggered when users download malicious code disguised as game modifications, leading to the theft of personal information from approximately 1 million players who engage in game modifications. To stay safe, gamers are advised to use strong passwords, update software, monitor account activity, limit personal information shared online, avoid public Wi-Fi, back up account information, and download games from reputable sources.

AppWizard

June 20, 2025

Mobile banking users beware – “Godfather” malware is now hijacking official bank apps

Zimperium has identified a new version of the Godfather malware targeting Android users in Turkey, which creates virtualized replicas of legitimate banking applications to deceive users. This malware can exfiltrate sensitive information such as login credentials, PIN codes, and unlock patterns, posing a significant risk to individuals who may mistakenly believe they are using legitimate services.

Tech Optimizer

June 13, 2025

‘BrowserVenom’ Windows Malware Preys on Users Looking to Run DeepSeek AI

A new strain of Windows malware called "BrowserVenom" is exploiting interest in DeepSeek's AI models by targeting users through deceptive Google ads. These ads lead to a counterfeit website, "https[:]//deepseek-platform[.]com," where users are tricked into downloading a harmful file named “AILauncher1.21.exe.” This malware monitors and manipulates internet traffic, allowing attackers to intercept sensitive data. The operation is believed to involve Russian-speaking threat actors, and the malware has infected users in several countries, including Brazil, Cuba, Mexico, India, Nepal, South Africa, and Egypt. The fraudulent domain has been suspended, but the malware can evade many antivirus solutions. Users are advised to verify official domains when downloading software.

Tech Optimizer

May 24, 2025

Arms Cyber Expands Ransomware Protection to macOS Devices

Apple devices, previously considered largely immune to cyber threats, are experiencing a rise in ransomware attacks targeting macOS, as reported by cybersecurity firm Black Fog. This shift is attributed to the increasing popularity of Apple devices and evolving ransomware tactics. Notable ransomware incidents include EvilQuest and MacRansom, with new threats like NotLockBit and FrigidStealer emerging. In response, Arms Cyber has begun offering ransomware protection for macOS, becoming the first firm to provide comprehensive protection across Windows, Linux, and macOS. Their solutions include real-time file entropy analysis, Steal Archival technology for rapid recovery, and Automated Moving Target Defense (AMTD) to thwart attacks. The growing use of Mac devices in critical sectors highlights the need for enhanced security measures, as attackers see opportunities in less protected systems. Managed Security Service Providers (MSSPs) are also being equipped with these protections to strengthen defenses against ransomware.

Tech Optimizer

May 20, 2025

Bitcoin stealer malware found in official printer drivers

Procolored, a printer manufacturer based in Shenzhen, has been accused of distributing malware designed to steal Bitcoin through its printer drivers. The malware, embedded in USB drivers, has reportedly stolen approximately 9.3 BTC, valued at over 3,000. A backdoor program in the compromised drivers can hijack wallet addresses copied to the clipboard. Users are advised to conduct system scans and consider a complete system reset. The issue was first highlighted by YouTuber Cameron Coward, whose antivirus software flagged the malware. Procolored denied the allegations but later acknowledged the problem, stating they removed the infected drivers and attributed the malware to a supply chain compromise. Cybersecurity firm G-Data confirmed the presence of two types of malware in the drivers.

AppWizard

May 8, 2025

Signal clone used by Trump team hacked, GlobalX flight data leaked

The messaging app TeleMessage, used by President Donald Trump’s national security advisor, has been suspended due to a reported security breach, raising concerns about the security of sensitive government communications. The app, a modified version of Signal, was halted after a hacker accessed message contents from its customized versions, although the communications of national security advisor Mike Waltz were reportedly not affected. TeleMessage's suspension follows a statement from its parent company, Smarsh, confirming an investigation into the security incident. Despite President Trump's criticism of Signal, the White House continues to defend it, highlighting its pre-installation on government devices. Concerns about privacy protections arise from TeleMessage's archiving features, which may compromise Signal's end-to-end encryption. Additionally, GlobalX, the airline involved in Trump’s deportation flights, experienced a hacking incident, resulting in the exposure of flight records and passenger lists.