malware detection Archives

Tech Optimizer

June 9, 2025

Cryptostealing Malware Found in Printer Software Highlights Growing Supply Chain Threat

A cybersecurity incident involving Procolored printers revealed vulnerabilities in everyday hardware, as users may have downloaded malware capable of stealing cryptocurrencies like Bitcoin. Tech content creator Cameron Coward reported an antivirus alert linked to Procolored printer software, prompting an investigation by G Data researchers who found malicious code in installation files on the manufacturer's website. The identified threats included a remote access tool (Win32.Backdoor.XRedRAT.A) and a cryptocurrency wallet stealer (MSIL.Trojan-Stealer.CoinStealer.H). Compromised files were last updated in October 2024 and distributed through official channels. The company initially denied the issue but later removed the downloads from their website in May 2025 and acknowledged the malware might have been introduced via USB transfers. An analysis of an attacker’s wallet showed a total of 9.3 BTC accumulated across 330 transactions before it was emptied. Cybersecurity experts recommend that users conduct antivirus scans and consider reformatting drives and reinstalling operating systems if infections are suspected.

Tech Optimizer

June 5, 2025

CISA releases TTPs & IoCs for Play Ransomware That Hacked 900+ Orgs

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the FBI and the Australian Cyber Security Centre, released an advisory on the Play ransomware group, which has targeted around 900 entities since its inception in June 2022. The group employs a double extortion model, exploiting vulnerabilities in public-facing applications and using tools for lateral movement and credential dumping. Their operations involve recompiling ransomware binaries for each attack to evade detection. The advisory highlights mitigation measures such as multifactor authentication and regular software patching. The Play ransomware specifically targets virtual environments and encrypts files using AES-256 encryption. Indicators of Compromise (IoCs) include: - SVCHost.dll (Backdoor) - SHA-256: 47B7B2DD88959CD7224A5542AE8D5BCE928BFC986BF0D0321532A7515C244A1E - Backdoor - SHA-256: 75B525B220169F07AECFB3B1991702FBD9A1E170CAF0040D1FCB07C3E819F54A - PSexesvc.exe (Custom Play “psexesvc”) - SHA-256: 1409E010675BF4A40DB0A845B60DB3AAE5B302834E80ADEEC884AEBC55ECCBF7 - HRsword.exe (Disables endpoint protection) - SHA-256: 0E408AED1ACF902A9F97ABF71CF0DD354024109C5D52A79054C421BE35D93549 - Hi.exe (Associated with ransomware) - SHA-256: 6DE8DD5757F9A3AC5E2AC28E8A77682D7A29BE25C106F785A061DCF582A20DC6

Tech Optimizer

June 4, 2025

I put McAfee and Norton head-to-head in an antivirus showdown, and the results were quite surprising

McAfee and Norton are two leading antivirus providers known for their robust online safety solutions. Both offer essential security features such as real-time threat detection, firewall protection, identity theft protection, VPN services, password management, and parental controls, but they differ in implementation. McAfee uses advanced machine learning for real-time threat detection but has a higher rate of false positives and shows room for improvement against ransomware and phishing. Norton excels in malware detection and has a strong performance against ransomware, blocking 95% of phishing links in tests. McAfee's firewall monitors incoming threats and protects connected devices, while Norton’s firewall prevents untrusted applications from accessing the internet with extensive configuration options. In identity theft protection, McAfee offers comprehensive features with live agent support, whereas Norton partners with LifeLock for enhanced services, including credit monitoring and up to one million dollars in compensation for identity theft losses. McAfee provides unlimited VPN access with basic functionality, while Norton’s VPN includes advanced features like split tunneling and a kill switch. Both include password managers, but McAfee's lacks some functionalities, whereas Norton’s is user-friendly and supports data import from other managers. For parental controls, McAfee allows website blocking and app restrictions, while Norton offers detailed content filtering and monitoring of online activities. In system performance, both have received high marks, with McAfee showing a superior impact score in tests. User experience varies, with McAfee being more accessible for non-technical users and Norton catering to more experienced individuals. Recent testing indicates both effectively blocked nearly all threats, but McAfee had more false positives. Both brands received high ratings from SE Labs for protection and accuracy. The choice between them depends on individual needs, with McAfee being user-friendly and Norton offering advanced features and enhanced identity protection.

Tech Optimizer

June 3, 2025

How we test antivirus software

Robust antivirus software is essential for protecting sensitive data in personal and business contexts. Different antivirus solutions vary in malware detection and overall protection. The ideal antivirus balances comprehensive coverage with system performance. Resources like AV-Comparatives and AV-Test provide impartial testing of antivirus capabilities, including real-world protection tests and evaluations of false alarms. Performance and customer support are critical factors in antivirus software evaluation. The impact on device speed and resource consumption is important, as is the quality of customer support for troubleshooting. Reliable support options enhance user satisfaction. Thorough testing of antivirus software is crucial due to the evolving tactics of cybercriminals. Not all antivirus solutions are equally effective, and rigorous evaluation helps identify subpar options and false positives. Free antivirus options may suffice for casual users, but premium versions often offer better features and protections. Meticulous testing ensures that security software meets its promises and helps users make informed decisions.

Tech Optimizer

June 2, 2025

AVCheck cyber crime service snared in police takedown

An international law enforcement initiative has dismantled an online software crypting syndicate that helped cybercriminals evade malware detection. The operation, led by the FBI's Houston Field Office and involving agencies from the Netherlands, Finland, and the US Secret Service, resulted in the seizure of four domains, the takedown of 300 servers, the neutralization of 650 domains, and the issuance of nearly two dozen international arrest warrants. Matthijs Jaspers from the Netherlands' High Tech Crime Team highlighted the challenges of tracking cybercriminals and the importance of collaborative efforts in combating cybercrime.

Tech Optimizer

June 1, 2025

Bitdefender vs. Norton: Which Antivirus Titan Reigns Supreme for Your Digital Safety?

Bitdefender was established in 1996 and rebranded in 2001, becoming the most popular mobile antivirus in North and South America in 2022. Norton was founded in 1982 and became well-known after Symantec's acquisition. Bitdefender achieves over 98% detection rates online and offline, with five false positives in tests, while Norton exceeds 99% online and 97% offline but has a higher false positive rate. Bitdefender offers a configurable firewall in its Total Security package, while Norton provides a customizable firewall across all products. Bitdefender lacks identity theft protection in its core offerings but offers a separate service, while Norton includes comprehensive identity theft protection in its highest tier. Bitdefender includes a VPN with a 200MB daily cap, while Norton offers an unlimited VPN in most tiers. Bitdefender features an integrated password manager without two-factor authentication, while Norton allows credential sharing and has standalone options. Bitdefender provides basic parental controls, while Norton includes additional features like GPS tracking. Bitdefender enhances its packages with a file shredder and vulnerability scanner, while Norton offers SafeCam and Dark Web Monitoring. Bitdefender is known for resource efficiency, receiving awards for performance, while Norton also received recognition for its performance. Bitdefender has an easy-to-navigate interface, while Norton has a more complex interface. In AV-Comparatives tests, Bitdefender slightly surpassed Norton in offline detection and online protection rates. Bitdefender pricing starts at approximately .99/year for one device, while Norton starts at .99/year for one device as well.

Tech Optimizer

May 29, 2025

How to run an antivirus scan on your computer

When selecting antivirus software, understanding its functionality is crucial to ensure adequate protection. Running a virus scan involves opening the antivirus program, clicking the ‘Scan’ button, and allowing the software to operate. Automated scan schedules are important for consistent protection, especially during system startup to catch hidden malware. Key points for executing scans include avoiding heavy applications during the scan, utilizing the ability to pause scans, and ensuring laptops are charged and plugged in. During scans, the antivirus may identify potentially unwanted programs (PUPs), which should not be dismissed. After a scan, reviewing the results is essential, including threat names, severity ratings, affected files, and recommended actions. If threats are detected, correlating them with known vulnerabilities is advisable. Some malware may require a device restart or boot-time scanning for removal. Maintaining exportable logs can be beneficial for future reference. Post-scan, it is important to patch operating systems, change passwords if necessary, perform system backups, and establish a regular backup plan. Most antivirus programs offer features for automated scans and real-time protection, which should be utilized. Regular checks of reports are necessary to stay informed about device security. To maintain virus-free devices, users should avoid unknown links or email attachments, download software from legitimate sources, use strong passwords, back up important files, keep browsers updated, and enable multi-factor authentication. Regular virus scans are vital for safeguarding online presence and preventing performance issues.

Tech Optimizer

May 18, 2025

Do I need antivirus software for Windows 11?

Windows 11 accounts for nearly 44% of global desktop users as of April 2025, making it a prime target for cybercriminals, with 83% of malware in 2020 aimed at Windows systems. Microsoft Defender, which comes pre-installed with Windows 11, offers commendable malware protection, basic ransomware protection, a SmartScreen feature for anti-phishing, and a firewall that monitors network traffic. While it provides a solid foundation for security, additional third-party antivirus software can enhance protection, offering more comprehensive features such as superior parental controls, integrated VPN services, and identity theft protection.

Tech Optimizer

May 17, 2025

Do You Really Need Antivirus on Windows 11? Probably Not—Here’s Why

Windows 11 has robust built-in security features that may reduce the need for third-party antivirus software. Windows Security now offers comprehensive protection, including real-time malware detection, firewall protection, SmartScreen alerts, hardware-level security, account monitoring, and system health reports. According to AV-TEST results from January and February 2025, Microsoft Defender Antivirus scored 6.0/6.0 in protection, performance, and usability, effectively stopping advanced malware and phishing attempts with minimal system resource usage. Users of Microsoft Edge benefit from SmartScreen filtering, while those using other browsers receive system notifications for network protection. Basic digital hygiene practices, such as avoiding suspicious downloads and keeping software updated, are crucial for security. Third-party antivirus solutions may offer additional features but can lead to performance issues and privacy concerns. For casual users who maintain their systems and practice safe browsing, Windows Security is generally sufficient, while those handling sensitive information or needing advanced features may consider premium antivirus options.

AppWizard

May 13, 2025

Your Android phone will soon warn you about that sketchy app sneakily changing icons

Google Play Protect is set to enhance its security features to better defend against malicious applications. The upcoming update will include the ability to detect changes in app icons, alerting users when an app alters its icon, a tactic used by malicious developers. Additionally, Google Play Protect will improve its on-device malware detection capabilities by implementing new rules to identify specific text or binary patterns associated with known malware families. These enhancements aim to provide users with timely alerts before installing potentially harmful applications, significantly reducing the risk of malware. The new icon detection feature will roll out in the coming months, initially available on the Pixel 6 series and select devices from other manufacturers. The on-device rules will be updated regularly to address emerging threats, and the enhanced malware scanning capability will be accessible to all Android users with Google Play Services.