malware attacks Archives

Tech Optimizer

May 5, 2026

The best mobile antivirus software of 2026: Expert tested and reviewed

Bitdefender Mobile Security is currently regarded as the best mobile antivirus software, achieving a 100% detection rate for malware on Android devices according to AV-TEST's August 2025 report. The 2026 version introduces App Anomaly Detection and includes features like Scam Alert and anti-theft tools. Sophos Intercept X for Mobile offers a free version with a perfect score in AV-TEST's comparisons and features such as multi-factor authentication and a Privacy Advisor. Surfshark Antivirus, part of the Surfshark One package, scored six out of six in AV-TEST's evaluations and includes various security tools, but is only available for Android, macOS, and Windows. Avast Mobile Security is a popular free option with robust features and achieved perfect scores in protection and usability in AV-TEST's September-October 2025 report. AVG Antivirus, operating on the same engine as Avast, also detected 100% of malware in AV-TEST's March-April 2025 evaluations and includes anti-theft tools.

Winsage

April 24, 2026

Microsoft to roll out Entra passkeys on Windows in late April

Microsoft will introduce passkey support for phishing-resistant passwordless authentication on Microsoft Entra-protected resources starting in late April, with broader availability expected by mid-June 2026. This feature will allow passwordless sign-in on unmanaged Windows devices and will support various device types, including corporate, personal, and shared options. Administrators can manage passkeys through Conditional Access and Authentication Methods policies. Users can create device-bound passkeys stored securely within the Windows Hello container, using methods like facial recognition, fingerprint scanning, or a PIN. The passkeys will adhere to FIDO2 standards and will be securely bound to individual devices, preventing transmission over the network to enhance security against phishing and malware attacks. Microsoft has also announced plans for mandatory multifactor authentication registration for Entra tenants by October 2024 and that all new accounts will be passwordless by default starting in May 2025.

Tech Optimizer

April 10, 2026

Popular Monitor Utilities, CPU-Z And HWMonitor, Have Been Infected With Malware

Recent reports indicate that the hardware monitoring tools HWMonitor and CPU-Z have been compromised, leading to users downloading malware instead of the legitimate software. Users reported receiving suspicious executable files and antivirus alerts when attempting to download the latest versions. A specific incident involved a user who downloaded HWMonitor from the official CPUID website, only to find the file was labeled incorrectly and flagged as a virus by Windows Defender. Cybersecurity experts confirmed that this is a serious issue involving a multi-stage trojanized attack from a compromised domain. The developer of CPU-Z and HWMonitor acknowledged that a secondary feature linked to the website was compromised for about six hours, causing the main website to display incorrect files. Users are advised to refrain from downloading or updating these utilities until the issue is resolved.

Tech Optimizer

March 24, 2026

This tax-themed malvertising attack can blind security software before it arrives — and then unleashes ransomware

Cybercriminals are targeting taxpayers with phishing schemes and malware attacks as the April 15 tax deadline approaches. They create fake tax form websites that appear in Google Ads, leading users to download malicious software like ScreenConnect, which can disable device security. These tactics aim to steal sensitive information and potentially facilitate ransomware attacks. Counterfeit Chrome updates are also being used in similar schemes. Taxpayers are advised to verify the authenticity of websites and rely on trusted sources to protect their personal information.

Winsage

March 11, 2026

Microsoft brings phishing-resistant Windows sign-ins via Entra passkeys

Microsoft is introducing passkey support for Microsoft Entra on Windows devices, enabling phishing-resistant, passwordless authentication through Windows Hello. The feature will be available on an opt-in basis in public preview from mid-March to late April 2026 for global tenants, with a subsequent rollout for government cloud environments from mid-April to mid-May. This feature extends passwordless sign-in to unmanaged Windows devices, reducing reliance on traditional password-based methods. Passkeys are device-bound, stored in the Windows Hello container, and cannot be synced across devices. IT administrators must enable the Passkeys (FIDO2) authentication method within Entra's Authentication Methods policies to participate in the public preview. Additionally, Microsoft announced that all new Microsoft accounts will be "passwordless by default" starting in May 2025, following the rollout of passkey authentication for personal accounts in 2024.

Tech Optimizer

February 25, 2026

Effective ways to prevent the download of malicious code

Malware is malicious software designed to disrupt normal system operations, often infiltrating devices through activities like web browsing or opening documents. In 2023, SonicWall Capture Labs reported over 6 billion malware attacks, an 11% increase from the previous year. Common types of malware include viruses, worms, Trojans, spyware, adware, ransomware, fileless malware, and bots. Malware spreads through email attachments, phishing links, compromised websites, fake apps, and removable media. Its effects can include performance issues, data theft, and financial damage. Signs of malware presence include sluggish performance, unexpected crashes, and unauthorized changes. Recommended actions if malware is suspected include disconnecting the device, running a malware scan, and changing passwords. Preventative measures include using security software, practicing safe browsing, keeping software updated, and building security awareness.

Tech Optimizer

February 11, 2026

The malware your antivirus can’t see and the AI making 560,000 new viruses every day

Hackers are generating 560,000 new malware variants daily using artificial intelligence, contributing to a 131% increase in malware attacks over the past year. AI tools like ChatGPT and Claude enable rapid malware creation, with 80% of phishing attacks now utilizing AI. Malware is being sold on the dark web, with packages available for 0 for 1,000 installations and monthly subscriptions ranging from 0 to ,000, including customer support. Mac malware incidents have increased by 50% this year, targeting users through deceptive downloads. Red flags for malware include sluggish performance, excessive pop-ups, a hijacked home page, and unfamiliar programs. Paid antivirus solutions can stop 95%-99% of malware, while free options may only catch 60%-80% of threats. Webroot is noted as an effective antivirus solution that uses less memory and scans faster than competitors.

AppWizard

November 29, 2025

The Spy in Your Pocket: How Ordinary Android Apps Are Turning Into Dangerous Spyware

Numerous commonly used Android applications, often appearing harmless, can contain malicious code that functions as spyware. These applications, which include phone cleaners, file managers, and wallpaper apps, can record screens, capture keystrokes, access microphones and cameras without consent, and transmit data to unknown servers. Uninstalling these apps may not eliminate the threat, as they can remain hidden. Users often grant unnecessary permissions to these apps, inadvertently allowing cybercriminals access to personal data. Recent cybersecurity assessments indicate a rise in mobile malware attacks, particularly in India, where weak enforcement and low awareness contribute to the problem. Spyware can drain device resources, leading to rapid battery depletion and lagging performance. Additionally, these apps can steal personal information, enabling identity theft and ongoing repercussions. Trusting apps solely based on their presence in the Play Store is a misconception, as modern spyware can bypass initial checks. To stay safe, users should verify developers, decline unnecessary permissions, conduct security scans, avoid third-party APKs, and keep their devices updated.

AppWizard

November 6, 2025

Productivity and Workflow Apps Target for Android Malware and IoT Attacks: Study

- There has been a 67% year-over-year increase in malware aimed at mobile devices. - A 387% rise in IoT and OT attacks has been observed, particularly in the energy sector. - Researchers identified 239 malicious applications on the Google Play Store, which collectively had 42 million downloads. - A significant amount of malware was found in the "Tools" category, where malicious apps disguised themselves as legitimate productivity tools. - The manufacturing sector is a primary target for mobile and IoT attacks, with manufacturing and transportation industries accounting for 20.2% of all observed IoT malware attacks. - Mobile attacks are primarily concentrated in India, the United States, and Canada, with the U.S. being the epicenter for IoT threats, accounting for 54% of incidents. - India leads in mobile attacks at 26%, followed by the U.S. at 15% and Canada at 14%, with India experiencing a 38% increase in mobile threat attacks compared to the previous year. - There is a shift from card-focused fraud schemes to mobile payment methods among threat actors.

AppWizard

November 5, 2025

Beware: 239 Dangerous Android Apps Found on Google Play with 40M+ Installs

Cybersecurity threats targeting mobile devices and critical infrastructure have significantly increased, with Zscaler's research revealing that 239 malicious Android applications on the Google Play Store have been downloaded 42 million times. The energy sector has experienced a 387% rise in cyberattacks compared to the previous year. Malicious applications often disguise themselves as legitimate tools, exploiting user trust, especially in hybrid and remote work environments. There has been a 67% year-over-year increase in Android malware transactions, with spyware and banking malware posing significant risks. The manufacturing and transportation sectors accounted for 20.2% of all observed IoT malware attacks, with a shift in focus from manufacturing to include transportation. Approximately 40% of blocked transactions were linked to the Mirai malware family, while Mozi has become the second most prevalent. Geographically, India is the top target for mobile attacks (26%), followed by the United States (15%) and Canada (14%). The U.S. also leads in IoT malware incidents at 54%. New threats include Android Void malware, affecting 1.6 million Android TV boxes, and Xnotice, a Remote Access Trojan targeting job seekers in the oil and gas industry. Adware now represents 69% of mobile threats, surpassing the Joker malware family.