passwords Archives

Tech Optimizer

April 13, 2026

Fake Windows 11 support site offers ‘update’ that steals data and evades antiviruses

Malwarebytes has discovered a counterfeit Windows support site offering a fake "cumulative update" for Windows 11 24H2. Users who click the "Download Update" button download an 83MB package designed to compromise sensitive information, including passwords and payment details. The file, named WindowsUpdate 1.0.0.msi, falsely lists Microsoft as the author and is created using WiX Toolset 4.0.0.5512. VirusTotal reported zero detections for the main executable and VBS launcher, highlighting the malware's architecture designed to evade detection. The malicious website's address includes "microsoft-update.support," differing from the legitimate support site. Malwarebytes has added the malicious site to its detection service database.

Tech Optimizer

April 13, 2026

Fake Claude site installs malware that gives attackers access to your computer

Claude, an AI tool developed by Anthropic, receives nearly 290 million web visits monthly and has become a target for cybercriminals. A fake website has been found that impersonates Claude, distributing a trojanized installer named Claude-Pro-windows-x64.zip. This installer, while appearing legitimate, deploys PlugX malware, granting attackers remote access to users' systems. The fraudulent site mimics the official download page and uses passive DNS records linked to commercial bulk-email platforms, indicating active maintenance by the operators. The ZIP file contains an MSI installer that incorrectly spells "Claude" as "Cluade" and creates a desktop shortcut that launches a VBScript dropper. This script runs the legitimate claude.exe while executing malicious activities in the background, including copying files to the Windows Startup folder to ensure persistence after reboot. The attack utilizes a DLL sideloading technique recognized by MITRE as T1574.002, where a legitimate G DATA antivirus updater is exploited with a malicious DLL. Within 22 seconds of execution, the malware establishes a connection to an IP address associated with Alibaba Cloud, indicating control over the compromised system. The dropper script also employs anti-forensic measures to delete itself and the VBScript after deployment. Indicators of compromise include the filenames Claude-Pro-windows-x64.zip, NOVUpdate.exe, avk.dll, and NOVUpdate.exe.dat, along with the network indicator 8.217.190.58:443 (TCP) as the command and control destination. Users are advised to download Claude only from the official site and to remain vigilant against potential compromises.

Tech Optimizer

April 11, 2026

Antivirus protection built into Windows

Windows 11 includes Microsoft Defender Antivirus, which is active from the moment the device is powered on and integrated into the operating system. It continuously updates to protect against various threats, including malicious files and unsafe links. Microsoft Defender SmartScreen evaluates the safety of websites and downloads, providing warnings for dubious content. Smart App Control prevents untrusted applications from executing, while Controlled folder access protects personal files from unauthorized modifications. Users can verify the operational status of Microsoft Defender Antivirus through Windows Security settings. Best practices for maintaining security include keeping the antivirus updated, using a single real-time antivirus engine, and enhancing security habits. Microsoft Defender Antivirus is generally sufficient for everyday risks, but additional third-party antivirus solutions may be considered based on individual needs.

Winsage

April 9, 2026

This fake Windows support website delivers password-stealing malware

A phishing campaign has been identified that uses a counterfeit Microsoft support website, microsoft-update[.]support, to trick users into downloading a malicious Windows update disguised as WindowsUpdate 1.0.0.msi. This file, created on April 4, 2026, appears legitimate but contains malware designed to steal sensitive information. The campaign targets French-speaking users, leveraging recent data breaches in France to create convincing scams. The malware, once executed, installs an Electron application that runs a Python interpreter, which then deploys various data theft tools. It employs two persistence mechanisms: modifying the Windows registry and creating a shortcut in the Startup folder. The malware connects to external sites for reconnaissance and data exfiltration, using domains like datawebsync-lvmv.onrender[.]com and store8.gofile[.]io. The malware's components have evaded detection by antivirus tools, with VirusTotal reporting zero detections for the main executable and its launcher. Users are advised to check their registry, remove suspicious files, change passwords, and run a full system scan if they suspect installation of the malicious update. Safe updating practices include using the built-in Windows update feature and being cautious of phishing attempts. Indicators of compromise include specific file hashes, domains associated with the phishing campaign, and file system artifacts related to the malware's installation.

Tech Optimizer

April 8, 2026

Avast Antivirus: A Complete Guide to the Software and Its Security Features

Avast antivirus is a widely used digital security solution for mobile and desktop platforms, developed by Gen Digital. It offers a free version that is accessible and easy to set up, making it popular among first-time users. Key security features include real-time threat protection, web protection tools, email protection, behavior monitoring, and a network inspector. The software operates quietly in the background, has a clean and intuitive interface, and provides essential security features in its free version. However, users may experience intrusive upgrade prompts, and advanced tools require a paid subscription. Avast distinguishes itself by offering behavioral threat detection in both free and paid versions, and its extensive user base enhances its threat detection capabilities. The free version includes basic protections suitable for everyday online activities, but advanced features necessitate an upgrade. Users are encouraged to adopt strong passwords, utilize password managers, enable two-factor authentication, and practice safe browsing habits to ensure online privacy.

AppWizard

April 8, 2026

The FBI Warns That Foreign Cybercriminals Have Targeted Messaging App Users

Cybercriminals connected to Russian intelligence are conducting a large phishing campaign targeting messaging applications, impacting thousands of accounts worldwide. A joint advisory from the FBI and CISA reveals that these attacks focus on individuals with access to sensitive information, including government officials, military personnel, political figures, and journalists. The campaign relies on deception, with attackers impersonating official support channels on platforms like Signal, sending messages that prompt victims to click malicious links or provide confidential information. Victims who comply risk losing control of their accounts, allowing attackers to read private messages and access contact lists. This trend has been observed not only in the U.S. but also in the Netherlands, where similar tactics are used against government employees. The FBI notes that the security of the messaging apps is not the issue; rather, the vulnerability lies in human error. The rise of social engineering tactics poses a risk to both high-profile individuals and potentially everyday users, and users are advised to be cautious with unsolicited messages and not to share sensitive information.

Tech Optimizer

April 7, 2026

Norton 360: Comprehensive Cybersecurity for Devices

Norton 360 is a comprehensive cybersecurity solution that protects consumers and businesses from digital threats, integrating features like a VPN and password manager. It safeguards various devices, including PCs and smartphones, and offers multiple editions for individuals, families, and small businesses. Key features include real-time threat detection, a smart firewall, a no-logs VPN, a password manager, parental controls, behavior-based detection for zero-day threats, cloud backup functionality, and performance optimization tools. The suite is effective against phishing, malware, and ransomware, with a 100% detection rate confirmed by independent tests. Norton 360 also caters to small businesses with endpoint protection, compliance tools, and secure file sharing. It employs heuristics and machine learning for threat adaptation and supports unlimited devices in premium plans. The software is compatible with Windows, macOS, Android, and iOS, and offers a VPN service with servers in over 30 countries. Norton 360 competes in the global cybersecurity market, maintaining a strong presence in North America and Europe, with subscription models ranging from basic to deluxe editions. Demand for the product has increased due to high-profile data breaches, and it is available in over 150 countries. Common use cases include protecting home networks, securing client data for freelancers, and safeguarding school-issued laptops. Norton 360 is part of Gen Digital Inc., which focuses on consumer cybersecurity.

AppWizard

April 6, 2026

Dangerous “NoVoice” malware found in over 50 Play Store apps that were installed 2.3 million times

A new malware threat called "NoVoice" has been found in over 50 applications on the Google Play Store, with 2.3 million installations on Android devices. Discovered by McAfee, this malware is hidden in seemingly harmless apps like system cleaners, games, and image galleries. It exploits Android vulnerabilities to gain root access, potentially allowing attackers to steal sensitive information and manipulate applications without user consent. In some cases, it may persist even after a factory reset. Google has stated that Android devices updated since May 2021 are protected against this threat and that Google Play Protect actively removes malicious apps and blocks new installations. The malware was not able to infect devices in Beijing and Shenzhen, suggesting the attackers may be avoiding local law enforcement. One identified app carrying the NoVoice payload is SwiftClean, developed by Biodun Popoola. The malware operates using a silent audio file, executing its code without user detection. Users are advised to download apps only from the Google Play Store and keep their devices updated.

Tech Optimizer

April 6, 2026

Scammers Want Our Data, Yet CNET Finds Many of Us Aren’t Protecting Our Devices

- 78% of US adults currently own a personal laptop, with HP (32%) and Apple (26%) being the most popular brands. - 54% of laptop owners have encountered potential malware on their devices in the past year. - 88% of those who reported seeing potential malware took action, while 12% did not respond. - 68% of proactive laptop owners either deleted the suspicious file or closed the website or pop-up. - 37% of laptop owners received phishing emails in the past year. - Many modern devices come equipped with built-in antivirus solutions, such as Microsoft Defender for Windows 11 and XProtect for Mac users. - 60% of users who acted upon encountering potential malware manually deleted files or closed suspicious websites, while 35% initiated antivirus scans. - Antivirus software alone cannot safeguard against data breaches or identity theft; a comprehensive cybersecurity strategy involves various tools and practices. - Recommended tools for online security include Bitdefender for antivirus, Aura for identity theft protection, Bitwarden for password management, and ExpressVPN for VPN services.

Tech Optimizer

April 3, 2026

Why I Use Additional Antivirus Protection on Top of Microsoft Defender

Microsoft Defender has evolved into a reliable security tool, integrating seamlessly with the Windows operating system and offering features such as real-time malware scanning, cloud-based threat intelligence, collaboration with the Windows firewall, and ransomware protections. It receives automatic updates through Windows Update, providing users with up-to-date threat definitions. While Defender is sufficient for users with straightforward online activities, those engaging in riskier behaviors or handling sensitive information may benefit from additional protection. Some antivirus solutions offer features that Defender lacks, such as enhanced web protections, phishing defenses, and parental controls. The text mentions that the author uses Bitdefender alongside Microsoft Defender for added security, citing its stronger web protections and broader range of tools. It emphasizes that effective security also relies on user habits, including keeping software updated, avoiding suspicious downloads, using strong passwords, and regularly backing up data.