malicious software Archives

Tech Optimizer

June 21, 2026

Malware Has Gotten Smarter. Here’s How Your Antivirus Has, Too

Antivirus software is evolving from relying on static databases of known malware signatures to employing behavioral monitoring and machine learning for threat detection. Traditional antivirus solutions focused on recognizing known threats through unique signatures, but this approach has become inadequate due to the rapid evolution of malware, including polymorphic and metamorphic types. Modern antivirus systems now monitor program behavior, looking for suspicious activities such as unexpected file encryption or unusual network communication. Machine learning models analyze large datasets to identify patterns associated with malware, allowing for the classification of files as safe, potentially unwanted, or malicious. Techniques like sandboxing and dynamic analysis are used to preemptively neutralize threats. However, advancements in AI also present challenges, as cybercriminals can exploit these technologies to create sophisticated malware that evades detection. Despite improvements in antivirus effectiveness, modern cyberattacks increasingly target individuals through methods like phishing and social engineering, necessitating a combination of robust antivirus solutions and good cybersecurity practices.

TrendTechie

June 20, 2026

Что такое торрент, как он работает и можно ли им пользоваться

Downloading a Linux distribution from the official website typically takes about half an hour, but during high-demand periods, such as new Ubuntu releases, speeds can drastically decrease due to server overload. Torrents, which use a peer-to-peer file-sharing protocol, allow users to download and share data simultaneously, reducing the load on a single server. Torrents operate by enabling direct exchanges between users through the BitTorrent protocol, where files are divided into smaller pieces and downloaded in parallel from multiple sources. Key terms include peers (users with parts of the file), seeds (users who have fully downloaded the file), .torrent files (metadata files), and magnet links (text-based alternatives to .torrent files). The BitTorrent protocol does not rely on a central server, enhancing resilience as files can continue to circulate as long as at least one seed is available. To use torrents, a torrent client is needed, with recommended options for 2026 including qBittorrent, Transmission, and BiglyBT. The BitTorrent technology itself is legal, but legality depends on the content being shared. Legal uses include downloading Linux distributions, open-source software, and scientific datasets, while unlicensed movies and cracked software are illegal. In Russia, while torrent technology is not prohibited, downloading copyrighted content without permission is a violation. Risks of using torrents include exposure to viruses and malware, copyright infringement, fake distributions, and IP address exposure. To protect oneself, users should choose moderated trackers, avoid suspicious files, use antivirus software, and limit upload speeds. Common problems include slow speeds, connection issues, and disappearing files, which can often be resolved by checking settings or ensuring there are seeds available. Sharing files after downloading is not legally mandatory but is considered good etiquette in the torrent community.

TrendTechie

June 20, 2026

Житель Светлогорска зарабатывал на скрытом майнинге через торренты

Law enforcement officials in the Grodno region have arrested a 35-year-old resident of Svetlogorsk for allegedly distributing malicious software. The suspect modified a hidden virus miner, embedding it in free torrent downloads, which activated on users' computers to mine cryptocurrency without their consent. This activity reportedly earned the hacker about 1,000 Belarusian rubles monthly and affected over 500 computers in Belarus and neighboring countries. An official criminal case has been initiated to address this cybercrime.

TrendTechie

June 20, 2026

Белорус распространял через торренты вирус-майнер. Сколько зарабатывал?

A 35-year-old resident of Svetlogorsk has been accused of using malicious software for hidden cryptocurrency mining by modifying a "cryptojacker" virus. He embedded code into free torrent downloads, which activated on users' computers to mine cryptocurrency without their knowledge. This operation reportedly earned him about 1,000 rubles per month and infected over 500 computers, affecting users in Belarus and neighboring countries.

TrendTechie

June 20, 2026

Светлогорский хакер зарабатывал на скрытом майнинге, заражая компьютеры через торрент-раздачи

Cybercrime prevention officers in the Grodno region arrested a 35-year-old resident of Svetlogorsk for profiting from modified malware known as a "cryptojacker." This malware was embedded in free torrent downloads, activating on users' computers to mine cryptocurrency, which degraded the machines' performance. The suspect earned approximately one thousand Belarusian rubles monthly and was exploiting over 500 computers at the time of his arrest, affecting users in Belarus and neighboring countries. An investigation is underway to identify the victims, and criminal charges have been filed against him.

AppWizard

June 19, 2026

Google sets launch date for review of Android apps distributed outside the Play Store

Google's upcoming Android app verification system will begin on September 30, 2026, restricting the installation of apps from unverified developers outside the Google Play ecosystem. Certified Android device users will be unable to install apps from developers lacking Google verification, which requires identity authentication through the Android Developer Console. A list of participating app stores includes Google Play, Samsung Galaxy Store, Xiaomi GetApps, HONOR App Market, OPPO App Market, vivo V-Appstore, and Palm Store by Transsion. A new system component, com.google.android.verifier, will be integrated into certified devices running Android 8 or later. In August, Google will introduce a feature called Advanced Flow, allowing users to install unverified apps through a complex process. A Limited Distribution mode for independent developers will enable app distribution to a maximum of 20 devices without registration fees or document verification. The regulations will initially be implemented in Brazil, Indonesia, Singapore, and Thailand, with plans for a global rollout by 2027.

AppWizard

June 19, 2026

4 security upgrades in Android 17 you didn’t know about, but will be glad to have

Google's Android 17 update is being deployed to Pixel devices, introducing new features such as multitasking bubbles, expanded dark theme controls, and a revamped screen recording interface. Key user preferences from a poll indicate that 32% favor multitasking app bubbles, while other features received varying levels of support. The update includes App Memory Limits to prevent excessive RAM usage by apps, enhancing performance. It also restricts apps from scanning local networks without explicit permission, improving user privacy. Additionally, Android 17 tightens restrictions on dynamic code loading to strengthen malware protection and implements Certificate Transparency protections by default for secure HTTPS connections. Overall, these changes aim to enhance performance, security, and user experience.

Winsage

June 18, 2026

How to check if your PC is Secure Boot ready

Microsoft has announced enhancements to its Secure Boot technology to improve system security by ensuring only trusted software is loaded during the boot process. ASUS will integrate advanced Secure Boot capabilities into its hardware, aligning with Microsoft's security protocols. This collaboration aims to enhance device integrity and protect user data against cyber threats. The updated Secure Boot technology will help prevent the execution of malicious software during startup, and both companies seek to boost consumer confidence in their products.

Tech Optimizer

June 18, 2026

Retro gaming fans are the new target for fake GitHub malware

Retro gaming enthusiasts should be cautious when exploring GitHub projects for tools or plugins, as cybercriminals may disguise malware as homebrew software. A specific incident involved a project called EQVita, which pretended to be a free audio tool for PlayStation Vita but actually contained Windows malware. The downloaded file included three files: Launch.bat, luajit.exe, and x64.txt, with the latter concealing a hidden script that connected to the attacker's server upon execution. This scam is part of a broader trend where counterfeit GitHub repositories distribute SmartLoader malware, which retrieves additional malicious software aimed at stealing passwords and cryptocurrency wallets. The PS Vita community, despite the console's production ceasing, remains active in modding, making it a target for attackers. Legitimate plugins typically come in Vita-compatible formats, while fake ones may feature polished marketing materials and AI-generated descriptions. Users are advised to verify sources, be cautious of suspicious downloads, and utilize security tools like Malwarebytes. If someone has executed the malicious EQVitav1.3.zip file, they should conduct a malware scan, change important passwords, and monitor accounts for unauthorized access. Indicators of compromise include the domains https://github.com/Voistace/EQVita and https://voistace.github.io, and the IP address 85.137.52.21.

AppWizard

June 16, 2026

New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds

Security researchers at Zimperium's zLabs have identified a new Android banking trojan named Rokarolla, which can target 217 banking and cryptocurrency applications and execute 137 remote commands. The malware spreads through deceptive websites that impersonate popular apps, installing a dropper that mimics Google Play Protect to gain Accessibility access. It uses overlay techniques to capture sensitive information by displaying counterfeit login pages and can intercept SMS messages, including one-time codes from banks. Rokarolla also features a keylogger, screen logger, and can rewrite clipboard contents to divert cryptocurrency payments. It employs advanced methods for discreet data capture and has multiple fallback command-and-control domains, making it resilient against takedowns. There is no patch available for this malware, and users are advised to install apps only from Google Play and remain cautious of unexpected Accessibility requests. Zimperium's products can detect this malware, and indicators of compromise are available on their GitHub repository.