geolocation Archives

TrendTechie

January 13, 2026

Tilburg University: что метаданные торрентов могут рассказать специалистам по кибербезопасности?

Cybersecurity specialists often encounter torrent traffic during investigations into corporate policy violations and criminal activities. A study proposes that torrent metadata can serve as a source of open-source intelligence, focusing on the valuable information that can be extracted from publicly available torrent metadata. Torrent files contain descriptive information such as file names, tracker addresses, cryptographic hashes, and various metadata fields. Trackers provide lists of peers connected to specific files, revealing IP addresses and ports, which can be used for security analysis. The research collected metadata from The Pirate Bay and public UDP trackers across 206 popular torrent resources, resulting in a dataset of over 60,000 unique IP addresses. These addresses were enriched with data on geolocation, internet service providers, autonomous systems, and indicators of VPN or hosting infrastructure usage. A specific analysis phase labeled IP addresses linked to child sexual exploitation materials using an external monitoring database, without direct interaction with illegal content. Co-author Giuseppe Cascavilla noted that the choice of UDP trackers was intentional, allowing for testing the analysis concept while limiting observation completeness. He suggested that expanding the methodology to include large-scale data collection from DHT networks could improve coverage and identify users avoiding centralized trackers, potentially revealing correlations between anonymization and riskier behavior. The findings are presented as a conservative snapshot of activity observable through open tracking mechanisms.

BetaBeacon

October 18, 2025

How online casino platforms are transforming Android mobile gaming experiences

Android casino apps are optimized for fluid play, quick loading times, and smooth performance on various devices. Developers use Android's toolkit to enhance the user experience with features such as fingerprint login, round-the-clock chat, and loyalty perks. Cross-platform integration allows players to seamlessly switch between different gaming hubs under one account. Mobile-exclusive innovations focus on gesture controls, targeted alerts, and geolocation tools to improve user convenience. Leading platforms are implementing stronger player protection features to promote responsible gambling.

AppWizard

September 12, 2025

Meet Max, Russia’s all-in-one app: From messages to spying on Russians

The Russian messaging application Max was first tested in March 2025 and is developed by Communication Platform LLC, a subsidiary of VK. It is marketed as a "national" and "unified" messenger, with significant promotion from the Kremlin. A law signed by President Vladimir Putin in June 2025 established Max as a state-owned entity, mandating its use in school chats and pre-installation on smartphones. Mobile operators are required to offer Max without consuming data traffic. Users in occupied Ukrainian territories are also required to install the app. Restrictions on other messaging services have been implemented, with security services limiting their functionalities. By mid-August 2025, Max had around 18 million users, but it has faced criticism for lacking end-to-end encryption and requesting excessive access to smartphone features. Users have reported performance issues and concerns over surveillance by the Russian government. The Kremlin has acknowledged monitoring through Max, and the app is compared to China's WeChat. Putin has ordered increased control over foreign messaging applications, aiming to restrict the use of foreign software by September 2025.

AppWizard

August 29, 2025

Russia enforces Max messenger app on all new devices

The Kremlin plans to evolve Max into a national "super app" by integrating communication, payments, and administrative functions, with a mandatory pre-installation on devices sold in Russia starting January 1, 2026. Smart TVs sold in Russia will also come pre-installed with Lime HD TV for free access to Russian state television. The app faces restrictions alongside messaging services like WhatsApp and Telegram, which have been blocked due to national security concerns. Max is being promoted as a successor to VK Messenger, with directives issued for public institutions to transition to Max by November. Despite promotional efforts, users have reported technical difficulties and privacy concerns, as the app collects extensive user data. Max cannot be installed with foreign phone numbers, limiting access for Russians abroad. Celebrities are being recruited to promote Max, while user feedback has been mixed, with concerns regarding reliability and privacy. The app has met security requirements for integration with government services and is envisioned to facilitate various services in the future.

AppWizard

August 28, 2025

Malicious Android App Uses Fake Antivirus Front to Spy on Russian Users

A new strain of Android malware, identified as Android.Backdoor.916.origin, is being distributed through an app called GuardCB, which poses as a security application. The app, with a Russian interface and a logo resembling that of the Central Bank of Russia, requests extensive permissions, including device location, microphone and camera access, messages and call logs, contacts, and administrator rights. It also seeks access to popular applications like WhatsApp, Telegram, Chrome, Gmail, and Yandex. The malware enables hackers to stream live video and audio, capture images, access stored files, monitor keystrokes, and track communications and geolocation in real time. The app conducts simulated antivirus scans and generates fake threat results to reassure users while compromising their security. There are no confirmed links to specific actors or espionage activities, but the malware's extensive permissions and targeted nature raise concerns about potential state involvement amidst escalating cyber conflicts in the region.

Tech Optimizer

August 25, 2025

New Android Spyware Masquerading as Antivirus Targets Business Executives

Doctor Web’s antivirus laboratory has identified a sophisticated Android backdoor malware named Android.Backdoor.916.origin, which has been evolving since January 2025. This spyware primarily targets Russian businesses through focused attacks, disseminated via private messages as a fake antivirus application called “GuardCB.” The app's icon resembles the Central Bank of the Russian Federation's emblem and is presented in Russian. Variants of the malware include names like “SECURITY_FSB” and “FSB,” falsely claiming to be security tools linked to Russian law enforcement. Upon execution, the malware simulates an antivirus scan, requesting extensive system permissions for surveillance and data exfiltration, including access to geolocation, audio recording, SMS, contacts, call logs, media files, and camera functions. It establishes connections to command-and-control servers, allowing attackers to send and receive sensitive data, initiate audio and video feeds, and execute commands. The malware employs keylogger functionality to intercept keystrokes and monitor specific applications for content theft. Doctor Web has notified domain registrars to disrupt the malware's infrastructure and confirms that all known variants are detected and neutralized by their antivirus solutions. Organizations are advised to enforce strict APK sideloading policies and verify app authenticity to counter such threats.

AppWizard

August 25, 2025

Corporate Leaders Targeted by Android Spyware Masquerading as Security Apps

Security experts at Doctor Web have identified a sophisticated Android spyware campaign targeting Russian business leaders, utilizing malware named Android.Backdoor.916. First detected in January 2025, this malware is distributed through APK files disguised as security applications, particularly under the name GuardCB, which mimics the emblem of the Central Bank of the Russian Federation. Other variants include “SECURITY_FSB” and “FSB,” and the app interface is exclusively in Russian. The malware is disseminated via private messages on popular messaging platforms, avoiding official app stores. Upon installation, it simulates device scans and generates fictitious threat reports while activating extensive spyware modules that request permissions for geolocation, camera and microphone usage, SMS and contact access, call logs, and background operation. It can transmit SMS messages, upload contact lists, forward call history and location data, and exfiltrate media. It also enables real-time audio streaming, video capture, and screen activity monitoring, using Accessibility Service to maintain a keylogger for intercepting sensitive content from various applications. Control over the malware is maintained through a modular system that reconnects to the command server every minute, with fallback connectivity options to multiple hosting providers. The malware is designed for targeted cyber-espionage rather than mass infections, focusing on corporate executives and business figures. Doctor Web's antivirus solutions for Android can detect and eliminate known variants of this backdoor, highlighting the vulnerability of high-value individuals to mobile spyware disguised as legitimate applications. Experts recommend enhancing mobile security policies and educating high-risk employees about social engineering tactics.

AppWizard

August 20, 2025

Fake Antivirus App Spreads Android Malware to Spy on Russian Users

Cybersecurity experts at Doctor Web have identified a new variant of Android malware called Android.Backdoor.916.origin, active since January 2025. This malware can eavesdrop on conversations, steal messages, stream video, and log keystrokes. It targets Russian business representatives rather than average users, being distributed through direct messages as a fake antivirus app named GuardCB, which mimics the Russian Central Bank's emblem. The app requests extensive permissions, including geolocation, audio recording, camera access, and SMS data, and can function as a keylogger. It is designed for persistence, launching background services and communicating with multiple command-and-control servers. The malware can livestream audio, broadcast video, capture text, and upload contacts and call history. It exploits Android’s Accessibility Service to capture keystrokes and prevent uninstallation. The interface is exclusively in Russian, indicating it is specifically designed for a targeted group. Users in Russia are advised to download applications only from trusted sources to mitigate risks.

AppWizard

July 22, 2025

What is MAX, the state-owned app Russia’s Vladimir Putin is trying to replace WhatsApp with?

Russia has mandated that all government officials transition to the Max app by September 1 as part of a strategy to reduce reliance on foreign messaging platforms like Telegram and WhatsApp. The ban on WhatsApp is anticipated as officials prepare for the rollout of the state-developed Max app by VK Company, which has extensive access to users' personal data and operates under close government oversight. The legislation also prohibits apps from countries that have sanctioned Russia, indicating an effort to bolster national security in digital communications. Additionally, restrictions on software and services from "unfriendly countries" are being proposed, along with fines for accessing online content deemed extremist.

AppWizard

July 20, 2025

Russian officials ordered to use spy-linked Max messaging app by September

Russian officials are being directed to adopt a messaging application overseen by the Russian Federation's secret services, as mandated by Kremlin leader Vladimir Putin. The deadline for this transition is September 1st. The government is particularly targeting foreign messaging applications like WhatsApp for potential bans due to national security concerns. A new messaging application named Max, developed by VK, has been introduced, designed for centralized digital tracking and raising privacy concerns. Max has extensive access to device features and sends data to servers linked to VK, which is connected to the Russian secret services. The government aims to impose further restrictions on software from countries classified as "unfriendly."