harvesting Archives

AppWizard

July 4, 2025

4 idle games I play while working on my PC

Idle games are designed for those working from home, allowing for minimal interaction and automated progress. They provide engaging yet low-maintenance entertainment, often developed by indie creators. Examples include: - Rusty's Retirement: A farm simulation where players set up their farm while automated assistants manage daily tasks. - Cauldron: An idle game featuring turn-based battles and resource gathering from five mini-games for upgrades. - Cast n Chill: A fishing game that allows players to actively fish or switch to an idle mode for automated fishing. - Bao Bao's Cozy Laundromat: Players manage a laundromat for pandas, with a focus timer to maintain productivity while engaging in gameplay. These games offer non-intrusive experiences, allowing players to check in at their convenience without the pressure of failure.

AppWizard

July 3, 2025

Qwizzserial Android Malware as Legitimate Apps Steals Banking Data & Intercepts 2FA SMS

A sophisticated Android malware campaign named Qwizzserial has emerged as a significant threat to banking security in Central Asia, particularly affecting users in Uzbekistan. Initially identified in mid-2024, it disguises itself as legitimate applications to deceive users into installation. Analysts from Group-IB uncovered it, noting its distribution network resembles the Classiscam fraud infrastructure. The campaign has reportedly infected around 100,000 users, resulting in financial losses exceeding ,000 within three months. The primary distribution channel is Telegram, where cybercriminals pose as government entities. Qwizzserial requests critical permissions upon installation and collects personal and financial information, systematically harvesting existing SMS messages. Recent iterations have incorporated obfuscation techniques and enhanced persistence mechanisms.

AppWizard

June 21, 2025

Tempest Rising’s first major update targets the Command and Conquer successor’s multiplayer, adding 6 maps, a 2v2 ranked mode, and an extensive balance overhaul

Tempest Rising has released its first major update, the "Rally and Recon" update, which enhances the multiplayer experience. Key features include a ranked mode for 2v2 matches with leaderboards and the ability to adjust the population cap for multiplayer matches from 100 to 500 units. The update also includes a comprehensive rebalance of existing units, affecting factions differently; for example, the GFD faction's spy drones are less effective, while its hunter tank is improved, and the Tempest Dynasty experiences slower resource harvesting but gains stronger second-tier units. Players are also anticipating the introduction of a third playable faction, which has only been available as an adversary in campaign mode.

AppWizard

June 20, 2025

‘Godfather’ Malware Is Now Hijacking Banking Apps on Android

The latest version of the "Godfather" malware targets Android devices, capable of hijacking legitimate banking applications and complicating detection. Initially detected in 2021, it used screen overlay attacks to trick users into entering sensitive information. The new iteration introduces a virtualization capability, creating a virtual environment on the device that allows it to intercept and manipulate user interactions with banking apps. This malware can harvest account credentials and exert remote control over the device, enabling unauthorized transactions. Currently, it affects nearly 500 applications, primarily targeting banks in Turkey, with potential for global spread. Users are advised to download apps only from trusted sources, modify permission settings, enable Google Play Protect, keep devices updated, and audit installed applications to protect against this threat.

AppWizard

June 20, 2025

GodFather Android Malware Uses On-Device Virtualization to Hijack Legitimate Banking Apps

Zimperium zLabs has identified a new version of the GodFather Android banking malware that uses on-device virtualization to infiltrate legitimate banking and cryptocurrency applications. This malware creates an isolated virtual environment on the victim's device, allowing attackers to observe and manipulate user interactions in real time. It employs a malicious host application with a virtualization framework that downloads and executes a copy of the targeted app, capturing credentials and sensitive information. GodFather targets nearly 500 applications globally, particularly focusing on Turkish financial institutions. It utilizes evasive tactics, including ZIP manipulation and obfuscation, to evade detection and installs its payload through a session-based dropper technique. The malware retains traditional overlay attacks and has extensive remote control capabilities, posing a significant threat to mobile security and user trust.

AppWizard

June 19, 2025

Minecraft cheat tools may actually contain malware

Trojanized cheat tools for Minecraft hosted on GitHub have been found to install malware that extracts sensitive information from players. Check Point Research identified around 500 GitHub repositories involved, potentially compromising about 1,500 devices. This operation, active since March, is linked to Russian-speaking malware developers from the Stargazers Ghost Network. The malware, disguised as cheat tools like Oringo and Taunahi, initiates a multi-stage attack requiring Minecraft to be pre-installed. It first installs a malicious JAR mod that evades detection, then proceeds to steal Minecraft tokens, Microsoft account information, and data from platforms like Discord and Telegram. The final component captures credentials from web browsers, cryptocurrency wallets, VPN applications, and gaming platforms, sending the stolen data to a Discord webhook.

AppWizard

June 11, 2025

5 Minecraft Farms to Build Early

Players in Minecraft face challenges such as food shortages and resource scarcity during the early stages of survival. Early-game farms are essential for providing resources and improving gameplay. 1. A basic crop farm can be established by planting wheat, carrots, or potatoes on well-tilled soil with a water source and sunlight. Fencing can protect crops from mobs, and villagers can help automate the process. 2. An animal breeding pen can be created by attracting cows, sheep, and chickens using wheat or seeds. Each animal provides unique resources, and a breeding cycle of about five minutes allows for a steady food supply. 3. A sugar cane farm is important for crafting paper and trading with villagers. It can be set up along a riverbank or with irrigation ditches, and can be automated with observers and pistons. 4. An XP and mob drop farm can be built around a dungeon with a skeleton or zombie spawner. A funnel system using water flows and trap doors can direct mobs for XP farming and valuable drops. 5. An iron farm can be established near a village using three villagers, beds, workstations, and a zombie to spawn Iron Golems. A kill chamber can provide a consistent source of iron ingots.

AppWizard

June 8, 2025

I defeated a bird by talking to it about the Bible in this lo-fi first-person RPG where you’re a 19th century daemon summoner

During the Frosty Games Fest, a trailer for the first-person RPG Your Holy & Virtuous Heretic was showcased, drawing comparisons to indie games like Dread Delusion and Felvidek. The game is set in the year 18XX, where players assume the role of an occultist who inadvertently enters a bizarre alternate reality after a failed ritual to summon Asmodeus. This realm features supernatural entities, magical crystals, and even computers, including a talking computer called the Statistics and Attributes Virtualization Engine. The game includes characters known as arm daemons that provide advice on attributes. It will be available on platforms like Steam and itch.io.

Tech Optimizer

June 3, 2025

Misspell one word and you’re infected: New malware campaign fools developers on both Windows and Linux

Cybersecurity experts have highlighted the risks of typosquatting, where developers accidentally download malicious packages due to typographical errors. A report from Checkmarx reveals that attackers exploit this trust by creating counterfeit packages that can grant unauthorized access to systems. Malicious packages have been found in the Python Package Index (PyPI) and can enable remote control, posing serious threats to system integrity. Attackers employ a cross-platform strategy, mixing names from different programming environments to target unsuspecting users. On Windows, malware can create scheduled tasks and disable antivirus protections, while on Linux, certain packages facilitate encrypted reverse shells for data exfiltration. Although the malicious packages have been removed, the threat remains, prompting developers to verify package sources and spellings. Checkmarx recommends organizations conduct audits of deployed packages and scrutinize application code to enhance security.

Tech Optimizer

May 28, 2025

Hackers Mimic Popular Antivirus Site to Deliver VenomRAT & Steal Finance Data

Cybercriminals are executing a sophisticated malware campaign through a counterfeit Bitdefender antivirus website, specifically the domain “bitdefender-download[.]co,” which mimics the legitimate site. This fraudulent site distributes three types of malware: VenomRAT, StormKitty, and SilentTrinity, aimed at stealing financial data and maintaining persistent access to victims’ computers. When users click the “Download For Windows” button, they inadvertently download a ZIP file containing these malicious programs. VenomRAT acts as a remote access tool, allowing attackers to steal files, cryptocurrency wallets, and browser data, including credit card information. StormKitty quickly harvests sensitive credentials, while SilentTrinity provides stealthy long-term access for further exploitation. The fake Bitdefender site is linked to other malicious domains impersonating banks, indicating a coordinated phishing operation. The attackers utilize the same command and control infrastructure, with the IP address 67.217.228.160:4449 identified as a connection point. Bitdefender is working to take down the fraudulent site, and Google Chrome has begun flagging the link as malicious. Security experts recommend verifying website authenticity and downloading software only from official sources.