malicious software Archives

Tech Optimizer

September 22, 2025

Gamers Warned as BlockBlasters Patch Installs Malicious Software

BlockBlasters, a 2D platformer-shooter developed by Genesis Interactive, was removed from Steam after a late-August patch introduced malware that compromised players' sensitive information. The update, released on August 30, contained harmful components identified by security firm G DATA as a sophisticated operation aimed at stealing personal data. The malware, initiated by a file named game2.bat, collected data such as IP location and Steam login credentials, transmitting it to a command-and-control server. The malicious sequence included additional scripts that targeted browser extensions and cryptocurrency wallets. Over 100 players downloaded the compromised build, with reports of infections during gameplay. Following these revelations, BlockBlasters was flagged as "suspicious" and removed from the platform. Players are advised to uninstall the game and conduct antivirus scans.

Tech Optimizer

September 15, 2025

Chinese malware is flooding GitHub pages – HiddenGh0st, Winos and kkRAT hit devs via SEO poisoning

Chinese users are facing malware campaigns that utilize spoofed download sites and SEO poisoning. The malware includes kkRAT, which has advanced capabilities such as clipboard hijacking, remote monitoring, and antivirus evasion. Attackers have also exploited GitHub Pages to host phishing sites.

Tech Optimizer

September 13, 2025

Norton Internet Security and Antivirus Review 2025

Norton has an impressive rating of 9.5 for its cybersecurity capabilities. It offers comprehensive protection that includes malware protection against viruses and spyware, web protection from phishing attempts and unsafe websites, and device security for multiple devices. Although it is priced higher than some competitors, many users believe the investment is justified due to the premium level of security it provides.

Tech Optimizer

September 13, 2025

Researchers Uncover Undetectable Malware Draining Crypto Browser Wallets

A new strain of malware called ModStealer has emerged, capable of evading antivirus detection while targeting cryptocurrency wallets on Windows, Linux, and macOS. It has reportedly gone undetected by major antivirus engines for nearly a month and is being disseminated through deceptive job recruitment ads aimed at developers. ModStealer scans for browser-based cryptocurrency wallet extensions, system credentials, and digital certificates, exfiltrating the data to remote Command and Control servers. On macOS, it uses a persistence method to run automatically at startup, disguising itself as a benign program. It combines persistence with strong obfuscation techniques, making it resilient against traditional security measures. The malware poses significant risks to cryptocurrency users and platforms, with potential compromises of private keys and wallet data leading to asset losses and large-scale exploits.

Tech Optimizer

September 5, 2025

TAG-150 Hackers Deploy Custom Malware Families to Target Organizations

A new cyber threat actor, TAG-150, has emerged since March 2025, utilizing a sophisticated multi-tiered infrastructure and custom malware, including CastleLoader, CastleBot, and CastleRAT. TAG-150's infrastructure consists of four tiers, including command-and-control servers and intermediary layers to obscure operations. The CastleRAT trojan, available in Python and C variants, features advanced capabilities such as stealth evasion, system information collection, and remote surveillance functions. TAG-150 employs phishing techniques and fraudulent domains to compromise victims, achieving a 28.7% infection rate among those who interact with their schemes. The group utilizes privacy-focused services and frequently relocates its infrastructure to evade detection. Experts recommend proactive measures to counteract TAG-150's activities, including blocking identified infrastructure and monitoring for data exfiltration. Indicators of compromise include specific IP addresses associated with CastleLoader.

Tech Optimizer

September 4, 2025

Don’t use your home Wi-Fi before fixing certain security risks

Home Wi-Fi networks connect various devices and are essential for online activities, but they can be vulnerable due to weak security settings and outdated equipment. Hackers often target residential networks, which typically have weaker defenses than corporate systems. Compromised networks can lead to the interception of sensitive information. To enhance Wi-Fi security, it is important to use a modern router with strong encryption (WPA3 or WPA2), regularly update firmware, change default login passwords, and create a strong Wi-Fi password of at least 12 to 16 characters. Monitoring connected devices and disabling Wi-Fi Protected Setup (WPS) can help prevent unauthorized access. Using a Virtual Private Network (VPN) can protect online privacy, while antivirus software can safeguard connected devices from malware. Taking these steps can significantly improve home Wi-Fi security.

Tech Optimizer

September 3, 2025

PC Optimization Software With Antivirus, Cleaner & Privacy Protection Launched

Iolo Technologies has launched a software solution for computer maintenance aimed at families and non-tech-savvy users, allowing protection for up to ten devices per subscription. Key features include Smart ActiveCare for automated system repairs, a Network Scanner for identifying vulnerabilities, a PC cleaner for removing junk files, and enhanced internet speed optimization. The software also includes Privacy Guardian to block digital tracking, an integrated password manager, DriveScrubber for secure data deletion, System Shield for malware protection, and Malware Killer for removing infections. Users can try the software with a 30-day free trial. Iolo Technologies has over 25 years of experience and has served 80 million users worldwide.

Tech Optimizer

August 29, 2025

New type of ransomware created with AI shows how easy it is to evade antivirus detection now

Researchers from SlashNext have revealed a new ransomware variant developed using artificial intelligence, which was discussed at the Black Hat USA conference. This ransomware can be created quickly using generative AI platforms, allowing attackers to bypass traditional coding methods and evade detection by standard antivirus solutions. In tests, the AI-generated ransomware successfully circumvented most major security suites, posing significant threats to financial institutions, businesses, and everyday users. The malware can modify its structure with each execution, complicating traditional detection methods. Unlike previous ransomware, this variant can be assembled in hours or days. The accessibility of AI tools enables individuals with limited coding skills to create sophisticated malware, challenging the belief that technical barriers deter attackers. Companies and IT teams are urged to reevaluate their cybersecurity strategies, as conventional antivirus tools may no longer suffice. Security professionals should monitor for unusual behaviors and invest in automated detection systems that utilize machine learning.

AppWizard

August 28, 2025

The Browser Wasn’t Enough, Google Wants To Control All Your Software

Google announced plans to regulate "sideloaded" Android applications, which are installed from sources outside the official Android repository. This initiative includes a verification system for developers, allowing only applications from verified developers to be sideloaded, aimed at preventing malicious software. Google likened this process to airport security checks, focusing on confirming developer identities rather than inspecting application content. The OSS Rebuild program, introduced earlier, aims to verify authors of open-source libraries and ensure installed versions match published source code. Critics express concern that Google's control over developer verification could lead to exclusion of certain packages, impacting competition and developer recourse. Google has indicated plans to allow students and hobbyists to install self-developed applications, with the rollout of verified sideloading expected by 2027 in most regions.

AppWizard

August 27, 2025

Google wants to fight Android malware by making sideloading more difficult

Google is introducing a new initiative called Developer Verification to enhance security for Android users by protecting sideloaded applications from malware threats. This program aims to serve as a defense against malicious software that may enter devices through unofficial channels and complements existing security measures for apps on the Google Play Store. In August 2023, Google implemented a requirement for developers to provide verified information through the D-U-N-S (Data Universal Numbering System) to increase the trustworthiness of applications on its platform.