malware Archives

Tech Optimizer

February 11, 2026

Hackers Used Hugging Face to Distribute Android Banking Trojans

Cybersecurity researchers have identified a malware campaign that exploited Hugging Face's AI infrastructure to distribute Android banking trojans. The attackers used a deceptive app called TrustBastion, which tricked users into installing what appeared to be legitimate security software. Upon installation, the app redirected users to an encrypted endpoint that linked to Hugging Face repositories, allowing the malware to evade traditional security measures. The campaign generated new malware variants every 15 minutes, resulting in over 6,000 commits in about 29 days. It infected thousands of victims globally, particularly in regions with high smartphone banking usage but lower mobile security awareness. The operation is believed to be linked to an established cybercriminal group. Security experts warn that this incident highlights vulnerabilities in trusted platforms and calls for improved security measures, including behavioral analysis systems and verification of application authenticity. The incident has also sparked discussions about the need for enhanced security protocols for AI platforms.

Tech Optimizer

February 11, 2026

If you’re struggling to play tactics sim Menace, it could be because your antivirus is randomly deleting files

Menace, a turn-based tactics game, has launched in early access with notable updates. Players are advised to whitelist the 'GameAssembly.dll' and 'Menace.exe' files due to some antivirus programs incorrectly classifying the former as malware. The first update introduces new adversaries, including pirate veteran scavengers and a pirate heavy machinegun truck. Enhancements include an optimized splash screen for ultra-wide monitors and significant balancing changes, such as a new heat mechanic for laser and plasma rifles and the addition of motion scanners to pirate EMP units.

Tech Optimizer

February 11, 2026

How to Disable Windows 11 Defender: Temporary and Permanent

Microsoft Defender Antivirus is the built-in security solution for Windows 11, protecting against viruses, malware, and ransomware. Users may need to disable it temporarily or permanently for various reasons, including software installation, penetration testing, performance issues, transitioning to third-party antivirus solutions, or troubleshooting conflicts. Temporary disabling can be done through the Windows Security app, which will automatically re-enable after a restart. Permanent disabling requires changes in Group Policy, applicable only to Windows 11 Pro, Enterprise, and Education editions, and necessitates disabling Tamper Protection first. Another method for permanent disabling is installing a third-party antivirus, which automatically deactivates Defender's real-time protection. Windows 11 Home users cannot use Group Policy for permanent disabling but can still temporarily disable Defender or install a third-party antivirus. Disabling Defender exposes the system to threats, and users should ensure they have alternative protection in place. Major Windows updates may reset Defender settings, and caution is advised when modifying system settings.

Tech Optimizer

February 10, 2026

AKDAN Malware Hunters blocks new malware that are difficult to detect with existing Antivirus with ‘AKDAN HALL’

AKDAN Malware Hunters has launched the AKDAN HALL PED, a security solution that detects and neutralizes unknown document-based malware in 0.27 seconds, achieving a 99% success rate against emerging threats. This technology uses Pre-Execution Detection (PED) and a virtual "hypnosis" environment to analyze potentially malicious behavior, differing from traditional antivirus software that relies on known threat databases. CEO Sean Jeon, with over 15 years in cybersecurity, emphasizes the need for proactive measures as 91% of cyberattacks start via email, often using document-based malware. The AKDAN HALL product line includes a cloud-based agent for personal use and the AKDAN HALL Mini, a compact server for sensitive environments, both designed to complement existing antivirus solutions. The company has received support from the Initial Startup Package program at Seoul National University of Science and Technology and plans to expand into the Japanese market.

Tech Optimizer

February 10, 2026

GuLoader Leverages Polymorphic Malware and Trusted Cloud Infrastructure to Evade Detection

GuLoader, also known as CloudEye, is a downloader malware that has been active since late 2019, primarily used to fetch and install secondary malware like Remote Access Trojans (RATs) and information stealers. It employs legitimate cloud services such as Google Drive and Microsoft OneDrive to host its malicious payloads, allowing it to evade detection by security tools. GuLoader utilizes advanced techniques including polymorphic code, which alters its appearance to avoid static detection signatures, and exception-based control flow to confuse analysis tools. Over the years, GuLoader has refined its tactics, including the use of software breakpoints and various exception types to redirect its operations. It also employs dynamic XOR encryption to obfuscate internal data, making it difficult for analysts to extract URLs. The malware's continuous evolution poses ongoing challenges for security researchers. Indicators of Compromise (IOCs) include specific hash values for different versions of GuLoader from 2022 to 2024.

Tech Optimizer

February 10, 2026

Why Should Small Businesses Invest In Antivirus Protection?

53% of UK businesses experience cybercrime attempts at least once a month, and 70% of business owners anticipate a cyber attack in the near future, yet only 35% feel adequately prepared. 43% of cyberattacks are directed at small businesses, with over half potentially closing due to the damage. Antivirus software is a cost-effective solution that can prevent data breaches, reduce the likelihood of ransomware, and protect devices of remote workers.

BetaBeacon

February 10, 2026

Download Google Play Store (free) for Android, APK and Web App

The Google Play Store is essential for Android users to access a wide collection of trusted and regularly updated applications.

AppWizard

February 10, 2026

Google warns millions of android users as virus spreads via WhatsApp, Instagram, Facebook, YouTube and more Apps; How to stay safe

Google has issued a warning to Android users about a dangerous malware called Arsink Malware, which is a Remote Access Trojan (RAT) capable of stealing personal information and taking control of infected devices. It spreads through apps that appear legitimate, often masquerading as "Mod" or "Premium" versions of popular applications. Arsink malware typically infiltrates devices via Telegram channels, Discord posts, third-party websites, and suspicious download links. Google has confirmed that no versions of Arsink are available on the Play Store and that devices with Google Play Protect enabled are automatically safeguarded against such threats. Google is also working with researchers to dismantle the infrastructure associated with this malware. To stay safe, users are advised to download apps only from the official Google Play Store, avoid 'Mod' or 'Premium' versions of apps, refrain from clicking on suspicious links, carefully check app permissions, keep Google Play Protect enabled, and regularly update their devices for security patches.

Tech Optimizer

February 10, 2026

Why Should Small Businesses Invest In Antivirus Protection?

53% of UK businesses experience cybercrime attempts at least once a month. 70% of business owners anticipate a cyber attack in the near future, but only about 35% feel prepared. 43% of cyberattacks are directed at small businesses, and over half of these may face closure due to the damage. Antivirus software can prevent data breaches, is cost-effective, reduces the likelihood of ransomware, and protects devices of remote workers.

AppWizard

February 10, 2026

Android users warned about new bug that steals private data – which apps to delete

The Arsink malware is an Android Remote Access Trojan (RAT) that exfiltrates sensitive information while granting remote control to its operators. It has impacted over 45,000 devices in 143 countries, including the UK. Arsink lures users to download deceptive "pro" versions of popular applications, often promoted on social media instead of the Google Play Store. Once installed, it can access text messages, emails, call logs, contacts, microphone recordings, photos, location data, and more. The malware also allows hackers to control device features such as using the torch, playing audio, making calls, and changing settings. It hides its icon, runs a persistent foreground service, and generates notifications to avoid detection. Users are advised to remove any "pro" versions of well-known apps like Google, YouTube, WhatsApp, Instagram, Facebook, and TikTok that are not from the official Google Play Store.