data Archives

AppWizard

April 21, 2026

Trojanized Android App Fuels New Wave of NFC Fraud

A new variant of the NGate malware family has emerged, using a trojanized Android application to capture payment card data and personal identification numbers (PINs). This modified version of HandyPay, a legitimate NFC relay app, has been distributed since November 2025, primarily targeting users in Brazil. The malware intercepts NFC payment card data and allows fraudulent transactions. Two distinct malware samples have been observed, delivered through phishing infrastructure that impersonates a Brazilian lottery site and a Google Play listing for a card protection tool. The trojanized app captures NFC data, requests the victim's card PIN, and transmits this information to attacker-controlled infrastructure. It requires minimal permissions, leveraging its role as the default payment application to evade detection. Evidence suggests that generative AI tools may have been used in its development, indicated by emoji markers in debug logs. ESET has reported its findings to Google, and Google Play Protect can detect known versions of the malware. The developer of HandyPay is investigating the misuse of its application.

Tech Optimizer

April 21, 2026

Gen Digital Inc stock (US36870C1018): Is its cybersecurity moat strong enough for steady investor re

Gen Digital Inc operates a consumer-focused cybersecurity model centered on subscription-based protection services, including antivirus, VPNs, and identity theft protection. The company generates predictable revenue through auto-renewals, with over 90% of customers renewing annually. Its business model scales with internet penetration and focuses on individual users rather than enterprise contracts. Gen Digital emphasizes organic growth through product innovation and geographic expansion, with key growth drivers including the increase of connected devices and cloud-based delivery. The product portfolio features tiered subscription plans, catering to diverse consumer needs, and the company maintains a competitive position through superior detection rates and customer support. Gen Digital's primary markets are North America and Europe, with emerging opportunities in Latin America and Asia. Analysts view the subscription model favorably for its resilience and cash flow generation, while risks include competition from free tools and regulatory changes. Upcoming earnings will provide insights into subscriber trends and pricing power.

Tech Optimizer

April 21, 2026

Do You Need a Third-Party Antivirus for Windows 11? Here’s What Microsoft Says

Microsoft states that the built-in security features of Windows 11 are adequate for most users, suggesting that third-party antivirus solutions may not be necessary. However, there are scenarios where third-party antivirus software can be beneficial, especially due to recent vulnerabilities in Defender. Independent testing organizations have rated Defender highly, with AV-Test placing it among the top antivirus solutions and AV-Comparatives awarding it the Advanced+ badge. Microsoft emphasizes that Defender runs continuously as part of Windows and receives updates through Windows Update, ensuring automatic protection. The company advises that additional security software may be useful for users managing multiple devices or seeking specific features like identity monitoring or parental controls. Safe computing habits are also recommended to enhance security.

Tech Optimizer

April 21, 2026

Safeguarding Against the Personal Attack Chain in the Age of “Always On” Connectivity

The cybersecurity industry has focused on protecting corporate perimeters, but cybercriminals are increasingly targeting executives and their families, exploiting personal vulnerabilities. Executives are twelve times more likely to be targeted than average employees, with over half experiencing personal breaches. The Personal Attack Chain is a multi-stage process where attackers exploit an executive's personal digital footprint to gain access to corporate resources. The stages include reconnaissance, intrusion, lateral movement, and action on objectives. Reactive security measures are insufficient; proactive intelligence is necessary to identify threats before they reach organizations. Home security is often compromised by vendors, and travel increases vulnerability. Digital Executive Protection (DEP) is becoming essential for safeguarding executives and their families, balancing privacy, convenience, and security. Effective strategies include minimizing digital footprints, safeguarding devices and networks, providing identity theft protection, and educating executives on online safety. Personal cybersecurity is now a corporate imperative, requiring a holistic approach to protect individuals and organizations alike.

Winsage

April 21, 2026

Microsoft bundles Ookla Speedtest directly into new Windows devices

Microsoft has integrated Ookla Speedtest into the Windows operating system, allowing users to check their internet speed and ping without launching a web browser or downloading a separate application. This integration provides more reliable results by communicating directly with network hardware, which is beneficial for gamers and network enthusiasts. It simplifies troubleshooting by helping users quickly identify whether lag issues stem from their internet service provider, connection, or system. Additionally, it offers a standardized method for evaluating connection quality, particularly useful in remote work settings.

AppWizard

April 21, 2026

Europe is abandoning WhatsApp and Signal: Why governments are introducing their own messaging apps

European officials are transitioning from messaging platforms like WhatsApp and Signal to state-controlled applications to reduce reliance on US technologies. Six nations—France, Germany, Poland, the Netherlands, Luxembourg, and Belgium—are implementing secure messaging systems for sensitive communications. NATO has its own solution, and the European Commission plans to finalize its transition by year-end. This shift is driven by cybersecurity threats, particularly targeting politicians through popular apps, prompting advice to deactivate Signal groups to prevent data leaks. Belgium has developed the BEAM app, controlled by the state, for official use, offering features like end-to-end encryption and participant management. The localization trend is influenced by geopolitical dynamics and past incidents highlighting Europe’s dependence on foreign technology. Additionally, transparency issues have emerged, as reliance on private messaging services has obscured communications related to significant contracts, such as vaccine agreements.

Tech Optimizer

April 21, 2026

Best Free Antivirus 2026: Keep Your Devices Safe With These Free Tools

Many free antivirus services monetize user attention or data, and caution is advised when selecting these options. Recommended free antivirus tools should be free of ads or spyware. Trustworthy antivirus providers present clear privacy policies detailing data collection and sharing practices. Effective free antivirus tools offer real-time protection, on-demand malware scans, and user-friendly features. While free antivirus software is generally sufficient, paid options provide additional cybersecurity tools. The best free antivirus tools consume less than 5% of system resources, with active scans ideally not exceeding 40% CPU usage. Avast faced backlash for selling customer data to over 100 third parties and was fined million by the FTC in 2024. Kaspersky was banned in the U.S. in 2024 due to concerns about potential intelligence exploitation, and it cannot be recommended at this time.

AppWizard

April 21, 2026

NGate Android malware uses HandyPay NFC app to steal card data

A new variant of the NGate malware targets Android users by disguising itself within a trojanized version of the HandyPay app, which is a legitimate mobile payment processing application. This malware, documented since mid-2024, siphons payment card information through the mobile device's near-field communication (NFC) chip and sends the stolen data directly to attackers, who create virtual cards for unauthorized purchases or cash withdrawals from NFC-enabled ATMs. The new variant has been injected with malicious code into the HandyPay app, which has been available on Google Play since 2021. The code includes emojis, indicating the possible use of a generative AI tool in its development. The shift from previous iterations, which used an open-source tool named NFCGate, to HandyPay is likely motivated by financial considerations and the need for evasion, as HandyPay is more affordable and requires fewer permissions. This NGate variant has been active since November 2025, primarily targeting Android devices in Brazil. It employs two main distribution methods: a counterfeit app named “Proteção Cartão” hosted on a fraudulent Google Play page and a fake lottery website that redirects users to WhatsApp to download the malicious APK. Upon installation, the app prompts users to set it as their default NFC payment application, requests their card PIN, and instructs them to tap their card on the phone for reading, transmitting all collected information to an attacker's email address. To protect against such threats, Android users are advised to avoid downloading APKs from outside Google Play, disable NFC when not in use, and use Play Protect to scan for threats.

AppWizard

April 21, 2026

NGate NFC malware targets Android users through trojanized payment app

NFC-based payment fraud targeting Android users in Brazil has been linked to a campaign using a trojanized version of the HandyPay app, part of the NGate malware family, since November 2025. The malware is distributed through a counterfeit website mimicking a lottery and a fraudulent Google Play page. The operators chose HandyPay for its low cost and minimal permissions required. The malware requests users to set it as the default NFC payment app, allowing it to capture payment card PINs and relay NFC card data to attackers. ESET Research identified this campaign and discovered logs from compromised devices containing sensitive information. The trojanized app has never been on the official Google Play store, and ESET has notified Google and the HandyPay developer about the issue.

AppWizard

April 21, 2026

New NGate Android malware variant uses NFC app to steal card data

A new variant of the NGate Android malware exploits a legitimate NFC payment app, HandyPay, to steal users' card information and PINs, enabling unauthorized contactless transactions. This malicious version of HandyPay, which has been available since 2021, was identified by ESET researchers and is distributed through a fraudulent lottery website and a fake Google Play page. The malware captures sensitive information by prompting users to enter their payment card PIN and tap their card against the device, sending the data to an attacker-controlled phone and exfiltrating the PIN to a command-and-control server. The campaign employs social engineering tactics and requires minimal permissions, relying on users to enable app installations from unknown sources. The attackers use a centralized infrastructure for malware distribution and PIN collection, with evidence of compromised devices in Brazil. The shift to modifying a legitimate application is motivated by financial incentives, as it offers similar functionality at a lower cost compared to underground tools. Users are advised to avoid installing apps from unofficial sources and to ensure the legitimacy of applications before entering sensitive information.