indicators Archives

Tech Optimizer

April 13, 2026

Fake Claude site installs malware that gives attackers access to your computer

Claude, an AI tool developed by Anthropic, receives nearly 290 million web visits monthly and has become a target for cybercriminals. A fake website has been found that impersonates Claude, distributing a trojanized installer named Claude-Pro-windows-x64.zip. This installer, while appearing legitimate, deploys PlugX malware, granting attackers remote access to users' systems. The fraudulent site mimics the official download page and uses passive DNS records linked to commercial bulk-email platforms, indicating active maintenance by the operators. The ZIP file contains an MSI installer that incorrectly spells "Claude" as "Cluade" and creates a desktop shortcut that launches a VBScript dropper. This script runs the legitimate claude.exe while executing malicious activities in the background, including copying files to the Windows Startup folder to ensure persistence after reboot. The attack utilizes a DLL sideloading technique recognized by MITRE as T1574.002, where a legitimate G DATA antivirus updater is exploited with a malicious DLL. Within 22 seconds of execution, the malware establishes a connection to an IP address associated with Alibaba Cloud, indicating control over the compromised system. The dropper script also employs anti-forensic measures to delete itself and the VBScript after deployment. Indicators of compromise include the filenames Claude-Pro-windows-x64.zip, NOVUpdate.exe, avk.dll, and NOVUpdate.exe.dat, along with the network indicator 8.217.190.58:443 (TCP) as the command and control destination. Users are advised to download Claude only from the official site and to remain vigilant against potential compromises.

AppWizard

April 11, 2026

Crimson Desert turns a beloved bug into a feature and makes its bonus protagonists actually worth using

Developer Pearl Abyss has released significant updates for Crimson Desert as part of their weekly patch cycle. The latest patch includes the introduction of the 'Focused Aerial Roll' skill for Kliff, allowing players to perform aerial maneuvers. Characters Damiane and Oongka have received upgrades with new skills like Axiom Force and Nature's Snare shield, and enhancements to their existing abilities. Five new camera settings have been added for customization, and improvements have been made to lock-on mechanics during boss encounters. The gameplay menu now features 'weapon display' toggles, adjustable font sizes, and increased fast-forward speeds for dialogue scenes. Fast travel has been revamped to allow teleportation while mounted or climbing, and clearer indicators for Abyss puzzles have been implemented. A camp upgrade has improved NPC placements and expanded farm areas, while basic banking services are now available even in a 'wanted' state. Additional UI enhancements and fixes have been made to streamline the gameplay experience. The patch 1.03.00 is now live on Steam and the Epic Games Store.

Winsage

April 9, 2026

This fake Windows support website delivers password-stealing malware

A phishing campaign has been identified that uses a counterfeit Microsoft support website, microsoft-update[.]support, to trick users into downloading a malicious Windows update disguised as WindowsUpdate 1.0.0.msi. This file, created on April 4, 2026, appears legitimate but contains malware designed to steal sensitive information. The campaign targets French-speaking users, leveraging recent data breaches in France to create convincing scams. The malware, once executed, installs an Electron application that runs a Python interpreter, which then deploys various data theft tools. It employs two persistence mechanisms: modifying the Windows registry and creating a shortcut in the Startup folder. The malware connects to external sites for reconnaissance and data exfiltration, using domains like datawebsync-lvmv.onrender[.]com and store8.gofile[.]io. The malware's components have evaded detection by antivirus tools, with VirusTotal reporting zero detections for the main executable and its launcher. Users are advised to check their registry, remove suspicious files, change passwords, and run a full system scan if they suspect installation of the malicious update. Safe updating practices include using the built-in Windows update feature and being cautious of phishing attempts. Indicators of compromise include specific file hashes, domains associated with the phishing campaign, and file system artifacts related to the malware's installation.

AppWizard

April 9, 2026

Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk

Version 5.2.1 of the EngageSDK was released to address security vulnerabilities related to third-party SDKs, particularly affecting digital asset management applications. Although no exploitation of this vulnerability has been reported, developers are urged to upgrade to the latest version. The Android operating system's security model provides some protections against these vulnerabilities, and the Android team has updated user protections during the transition to the secure version. The vulnerability, classified as severe, allows unauthorized access to protected components and sensitive data through intent redirection. Affected applications, particularly in the cryptocurrency and digital wallet sectors, account for over 30 million installations. The vulnerability was first identified in version 4.5.4 of the EngageLab SDK, reported in April 2025, and was addressed in version 5.2.1 released on November 3, 2025, which set the vulnerable activity to non-exported. Developers are advised to regularly review their Android manifests and upgrade to the latest SDK version to maintain application security.

AppWizard

April 8, 2026

Is Samsung Messages being discontinued? Here’s when and what we know

Samsung Electronics has announced the discontinuation of the Samsung Messages app, with support ceasing in July 2026. Users are encouraged to migrate to Google Messages, which will become the default messaging platform for Samsung Galaxy devices operating on Android 12 or newer. Devices running Android 11 or older will not be affected at this time. After July 2026, Samsung Messages will no longer send or receive texts, except for emergency contacts. Users can download Google Messages from the Google Play Store and set it as their default messaging app. Other messaging app options are available for users who prefer alternatives. Older Samsung Galaxy watches running Tizen OS will not support Google Messages after the transition, but will still allow text message functionality. RCS messaging, integrated into Google Messages, enhances the texting experience with features like read receipts and high-quality media sharing, whereas SMS is limited to basic text messaging.

AppWizard

April 7, 2026

It Looks Like Steam Will Soon Use Frame Rate Data Gathered by Its Millions of Users to Estimate How Well a Game Will Actually Run on Your PC

Valve has integrated frame rate data from its user base to provide estimates on game performance tailored to individual gaming rigs, starting with a SteamOS beta that collects performance metrics. A recent code discovery suggests that users will soon be able to input their CPU, GPU, and RAM specifications for tailored performance projections. Steam will also automatically generate performance estimates based on existing hardware configurations for users accessing the platform on their gaming PCs. This feature aims to enhance the accuracy of performance estimates, particularly for the Steam Machine, which may benefit from data collected from similar configurations. The frame rate data collection is currently in beta and may take time before becoming widely accessible.

AppWizard

April 6, 2026

Samsung will discontinue its Messages app in July and replace it with Google’s

Samsung will discontinue its Samsung Messages app by July of this year, as announced on its website. Users are recommended to transition to Google Messages, which offers enhanced features such as Rich Communication Services (RCS) messaging, group chats, and real-time typing indicators. Google Messages also includes generative AI features for photo remixing and simplifies conversation switching across devices. Samsung has been phasing out its messaging app, starting with the Galaxy Z Fold 6, Flip 6, and Galaxy S25 series, which no longer preload Samsung Messages. The final date for the app's discontinuation will be communicated through the app.

Winsage

April 5, 2026

How to Reset Registry to Default in Windows 11

Many applications modify the Windows 11 registry without user awareness, potentially leading to issues such as boot problems, application crashes, and settings reverting unexpectedly. Windows 11 does not have a "Reset Registry to Default" button, but there are methods to restore the registry to a functional state. Common indicators of registry issues include: - Applications crashing or failing to open. - Blue Screen of Death errors after registry edits or software installations. - Prolonged boot times. - Settings not saving or reverting unexpectedly. - Error messages about missing DLL files or broken file associations. - USB devices or peripherals not being recognized. To address registry issues, users can try the following methods: 1. System Restore: This method restores system-level changes without erasing personal files, provided a restore point exists. 2. Reset Windows 11: This reinstalls the operating system and resets the registry, with options to keep personal files or remove everything. 3. Import a Registry Backup File: This method restores specific registry keys if a backup exists. 4. Offline Registry Repair via Command Prompt: This is an advanced method for unbootable systems, involving manual replacement of registry hive files. Users are advised to back up the registry before making changes and to avoid using registry cleaners, as they can cause more harm than good. Regularly creating restore points and being cautious with online advice can help prevent registry problems.

AppWizard

April 1, 2026

Best Cryptocurrency Trading Apps for Android, Reviewed for 2026

Several crypto trading apps stand out in the market, including OKX, Coinbase, and Binance. All of these trading apps are responsive, user-friendly, and offer a variety of trading options. OKX supports spot, futures, and options trading, along with decentralized exchange access and advanced trading tools. It features a well-organized interface, encourages the use of passkeys for security, and offers tools such as leverage, trading bots, and copy trading. Coinbase is beginner-friendly, offering spot trading and advanced trading tools, as well as derivatives in select regions. Its interface is divided into Home, Portfolio, Trade, Prices, and Settings, and it promotes security through passkeys and authentication methods. Binance supports spot, futures, and options trading, along with demo trading options. It features quick loading times, an intuitive navigation bar, and security measures including passkeys and anti-phishing codes. Users can create multiple charts and select various indicators for detailed analysis.

Tech Optimizer

April 1, 2026

Norton Review 2026: Solid Antivirus With Great Safe Browsing Tools and Parental Controls

Norton Antivirus has a score of 8.3/10. It offers extensive parental controls on some plans, cloud backups for sensitive data, and a high-quality safe browser. However, its identity theft protection features are limited to U.S. users, it has higher resource usage than most competitors, and reaching human customer support can be difficult. Norton provides a comprehensive cybersecurity suite that includes a password manager, safe browser, cloud backups, and privacy monitoring. Its antivirus software features real-time protection, manual and automated scans, and scan scheduling. Norton Family allows parents to implement controls on children's devices. Norton does not offer a free version but provides complimentary tools such as a password manager and data breach scan. Norton AntiVirus Plus is priced for basic security needs, while Norton 360 Standard and Deluxe offer additional features like dark web monitoring and enhanced parental controls. The setup process is user-friendly, and the software operates smoothly with moderate resource usage during scans. Norton’s additional tools include device optimization, a safe browser, and a privacy monitor, though some features may not meet expectations. Norton has received high marks in security rankings, maintaining a perfect security ranking from AV-Test for the past decade. It employs strong encryption protocols for its tools and adheres to a no-logs policy for its VPN. Customer support options include a community forum, knowledge base, and 24/7 live chat and phone support, though email support is absent. Norton’s pricing is competitive, especially for families, and it can cover up to 10 devices depending on the plan.