domains

Tech Optimizer
March 27, 2026
A deceptive website impersonating Avast antivirus tricks users into downloading Venom Stealer malware, which steals passwords, session cookies, and cryptocurrency wallet information. The site conducts a fake virus scan, falsely reporting threats to encourage users to download a malicious file named Avastsystemcleaner.exe. This file mimics legitimate software and operates stealthily, targeting web browsers to harvest credentials and session cookies. It also captures screenshots and sends stolen data to the command-and-control domain app-metrics-cdn[.]com via unencrypted HTTP. The malware employs evasion techniques to avoid detection and is part of a long-standing cybercrime tactic that exploits user trust in security software. Indicators of compromise include the file hash SHA-256: ecbeaa13921dbad8028d29534c3878503f45a82a09cf27857fa4335bd1c9286d, the domain app-metrics-cdn[.]com, and the network indicator 104.21.14.89.

Tech Optimizer
March 19, 2026
The digital landscape is transforming due to the professionalization of cybercrime, which is now a significant part of organized crime, second only to drug trafficking. Malware includes various types such as viruses, browser hijackers, password stealers, Trojans, botnet malware, and ransomware. Traditional antivirus solutions rely on signature-based detection, heuristic analysis, and behavior monitoring, but these methods can lead to false positives and negatives. The evolution of cybersecurity has seen the rise of "Ransomware-as-a-Service" (RaaS) and the use of polymorphic malware that changes its signature, making traditional defenses ineffective. Hackers are also using AI and machine learning to evade behavioral monitoring. New defense strategies include Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR), which focus on monitoring for breaches rather than preventing them. Leading vendors in this space include CrowdStrike, SentinelOne, Microsoft, and Palo Alto Networks. The zero trust security framework treats all access attempts as potentially hostile and emphasizes the integration of various security technologies. Emerging startups like FinalAV Security are developing zero trust solutions for consumers and small businesses, focusing on prevention rather than detection.

AppWizard
March 11, 2026
Advanced Browsing Protection (ABP) in Messenger enhances user privacy by warning users about potentially harmful links shared in end-to-end encrypted communications. It analyzes links using on-device models and a dynamic watchlist of millions of potentially malicious sites, utilizing cryptographic techniques to maintain user privacy. ABP is based on a cryptographic primitive called private information retrieval (PIR), which minimizes the information a server learns from client queries. The system also employs oblivious pseudorandom functions (OPRFs) and manages URL queries through a privacy-preserving URL-matching scheme. The server groups links by domain, allowing clients to request a single bucket for domain-specific path components, and generates a ruleset to balance bucket sizes. To safeguard client queries, AMD's SEV-SNP technology creates a confidential virtual machine (CVM) that processes hash prefixes securely, generating attestation reports for integrity verification. The use of Oblivious RAM and Oblivious HTTP (OHTTP) enhances privacy by preventing exposure of memory access patterns and stripping identifying information from client requests. The lifecycle of an ABP request includes pre-processing phases where the server updates the URL database and computes rulesets, followed by client requests that involve calculating bucket identifiers, sending encrypted requests through a proxy, and checking for unsafe URLs based on server responses.

AppWizard
March 11, 2026
Meta has introduced a Safe Browsing feature in Messenger to protect users from harmful links in direct messages, responding to the rise in online scams. The FBI projects online fraud losses in the U.S. to exceed billions from 2020 to 2024, with over a billion expected in 2024 alone. The Safe Browsing feature, launched in October, warns users about malicious links in encrypted messages. Meta has also launched an Advanced Browsing Protection setting that uses a constantly updated database of harmful websites, enhancing user security by combining on-device processing with external data retrieval. This system alerts Messenger users about potential threats before they click on links, allowing them to assess the safety of the links.

Winsage
March 2, 2026
Cybersecurity experts at Microsoft Threat Intelligence have identified a trend where attackers distribute counterfeit gaming tools that install a remote access trojan (RAT) on users' systems. These trojanized executables, such as Xeno.exe or RobloxPlayerBeta.exe, are shared through browsers and chat platforms. The initial executable acts as a downloader, installing a portable Java runtime environment and launching a harmful Java archive, jd-gui.jar. Attackers use built-in Windows tools to execute commands via PowerShell and abuse trusted system binaries, minimizing the risk of detection. The embedded PowerShell script connects to remote locations, downloads an executable as update.exe, and executes it. The malware erases evidence of the downloader and modifies Microsoft Defender settings so that the RAT components can run undetected. It establishes persistence through scheduled tasks and a startup script named world.vbs, enabling prolonged access to the compromised device. Microsoft Defender can detect the malware and its behaviors, and organizations are advised to monitor outbound traffic and block the identified domains and IP addresses. Users are encouraged to review Microsoft Defender exclusions and scheduled tasks for irregularities and to remain cautious about downloading tools from unofficial sources.

Winsage
March 1, 2026
Cybercriminals are exploiting a legacy feature in Windows File Explorer, specifically the WebDAV protocol, to distribute malware and bypass traditional security measures. Despite Microsoft deprecating native WebDAV support in November 2023, it remains active on many systems. Attackers use WebDAV to deceive victims into executing malicious payloads by sending links that connect File Explorer directly to remote servers, avoiding web browsers and their security warnings. They employ methods such as direct linking, URL shortcut files, and LNK shortcut files to deliver exploits. The primary objective of these campaigns, which surged in late 2024, is to deploy Remote Access Trojans (RATs), with 87% of Active Threat Reports involving multiple RATs like XWorm RAT, Async RAT, and DcRAT. These campaigns predominantly target corporate networks in Europe, with many phishing emails written in German and English. Attackers use short-lived WebDAV servers hosted on Cloudflare Tunnel demo accounts to obscure their infrastructure. Security analysts are advised to monitor unusual network activity from Windows Explorer and educate users to verify addresses in File Explorer.