payment Archives

AppWizard

April 21, 2026

Trojanized Android App Fuels New Wave of NFC Fraud

A new variant of the NGate malware family has emerged, using a trojanized Android application to capture payment card data and personal identification numbers (PINs). This modified version of HandyPay, a legitimate NFC relay app, has been distributed since November 2025, primarily targeting users in Brazil. The malware intercepts NFC payment card data and allows fraudulent transactions. Two distinct malware samples have been observed, delivered through phishing infrastructure that impersonates a Brazilian lottery site and a Google Play listing for a card protection tool. The trojanized app captures NFC data, requests the victim's card PIN, and transmits this information to attacker-controlled infrastructure. It requires minimal permissions, leveraging its role as the default payment application to evade detection. Evidence suggests that generative AI tools may have been used in its development, indicated by emoji markers in debug logs. ESET has reported its findings to Google, and Google Play Protect can detect known versions of the malware. The developer of HandyPay is investigating the misuse of its application.

Tech Optimizer

April 21, 2026

Best Free Antivirus 2026: Keep Your Devices Safe With These Free Tools

Many free antivirus services monetize user attention or data, and caution is advised when selecting these options. Recommended free antivirus tools should be free of ads or spyware. Trustworthy antivirus providers present clear privacy policies detailing data collection and sharing practices. Effective free antivirus tools offer real-time protection, on-demand malware scans, and user-friendly features. While free antivirus software is generally sufficient, paid options provide additional cybersecurity tools. The best free antivirus tools consume less than 5% of system resources, with active scans ideally not exceeding 40% CPU usage. Avast faced backlash for selling customer data to over 100 third parties and was fined million by the FTC in 2024. Kaspersky was banned in the U.S. in 2024 due to concerns about potential intelligence exploitation, and it cannot be recommended at this time.

AppWizard

April 21, 2026

NGate Android malware uses HandyPay NFC app to steal card data

A new variant of the NGate malware targets Android users by disguising itself within a trojanized version of the HandyPay app, which is a legitimate mobile payment processing application. This malware, documented since mid-2024, siphons payment card information through the mobile device's near-field communication (NFC) chip and sends the stolen data directly to attackers, who create virtual cards for unauthorized purchases or cash withdrawals from NFC-enabled ATMs. The new variant has been injected with malicious code into the HandyPay app, which has been available on Google Play since 2021. The code includes emojis, indicating the possible use of a generative AI tool in its development. The shift from previous iterations, which used an open-source tool named NFCGate, to HandyPay is likely motivated by financial considerations and the need for evasion, as HandyPay is more affordable and requires fewer permissions. This NGate variant has been active since November 2025, primarily targeting Android devices in Brazil. It employs two main distribution methods: a counterfeit app named “Proteção Cartão” hosted on a fraudulent Google Play page and a fake lottery website that redirects users to WhatsApp to download the malicious APK. Upon installation, the app prompts users to set it as their default NFC payment application, requests their card PIN, and instructs them to tap their card on the phone for reading, transmitting all collected information to an attacker's email address. To protect against such threats, Android users are advised to avoid downloading APKs from outside Google Play, disable NFC when not in use, and use Play Protect to scan for threats.

AppWizard

April 21, 2026

NGate NFC malware targets Android users through trojanized payment app

NFC-based payment fraud targeting Android users in Brazil has been linked to a campaign using a trojanized version of the HandyPay app, part of the NGate malware family, since November 2025. The malware is distributed through a counterfeit website mimicking a lottery and a fraudulent Google Play page. The operators chose HandyPay for its low cost and minimal permissions required. The malware requests users to set it as the default NFC payment app, allowing it to capture payment card PINs and relay NFC card data to attackers. ESET Research identified this campaign and discovered logs from compromised devices containing sensitive information. The trojanized app has never been on the official Google Play store, and ESET has notified Google and the HandyPay developer about the issue.

AppWizard

April 21, 2026

New NGate Android malware variant uses NFC app to steal card data

A new variant of the NGate Android malware exploits a legitimate NFC payment app, HandyPay, to steal users' card information and PINs, enabling unauthorized contactless transactions. This malicious version of HandyPay, which has been available since 2021, was identified by ESET researchers and is distributed through a fraudulent lottery website and a fake Google Play page. The malware captures sensitive information by prompting users to enter their payment card PIN and tap their card against the device, sending the data to an attacker-controlled phone and exfiltrating the PIN to a command-and-control server. The campaign employs social engineering tactics and requires minimal permissions, relying on users to enable app installations from unknown sources. The attackers use a centralized infrastructure for malware distribution and PIN collection, with evidence of compromised devices in Brazil. The shift to modifying a legitimate application is motivated by financial incentives, as it offers similar functionality at a lower cost compared to underground tools. Users are advised to avoid installing apps from unofficial sources and to ensure the legitimacy of applications before entering sensitive information.

AppWizard

April 20, 2026

Square Enix forces anonymous FF14 harasser to pay compensation after court order

Square Enix is pursuing legal action against an individual who harassed its developers on private social media accounts. The company successfully deanonymized the player, who shared offensive content on a video-sharing site. A recent court ruling granted Square Enix access to the individual's identity, leading to the removal of the offending videos, an official apology, and undisclosed compensation to the company. Square Enix emphasized its commitment to a safe working environment and stated it will take strict measures against harassment, including legal action. This case sets a precedent for online trolling, highlighting potential consequences for abusive behavior towards game developers.

AppWizard

April 15, 2026

Aptoide sues Google for Android app store monopoly

Aptoide, a Portuguese app store company, has filed an antitrust lawsuit against Google in a federal court in San Francisco, alleging that Google is monopolizing the distribution of Android applications and payment processing. Aptoide claims that Google's practices hinder its ability to compete, despite offering lower commissions and more affordable options. The lawsuit seeks court orders to stop these practices and demands triple damages. Aptoide previously won a legal case against Google in 2018 regarding the removal of its app without user consent and was involved in the European Commission's Android antitrust case that resulted in a €4.34 billion fine against Google. The lawsuit comes amid increased scrutiny of Google's business practices, including a December 2023 jury ruling that found Google maintained an illegal monopoly in Android app distribution and in-app billing. Following this ruling, a U.S. District Court ordered Google to implement reforms to enhance competition within the Android ecosystem. Additionally, a proposed settlement between Google and Epic Games aims to facilitate the installation of third-party app stores and allow alternative payment methods. In August 2024, a U.S. District Court identified Google as a monopolist in the general search market, citing exclusionary agreements that restrict competition. Aptoide's lawsuit reflects concerns among smaller competitors about Google's influence over Android app distribution despite ongoing legal challenges.

AppWizard

April 15, 2026

Musk’s XChat Is Coming to App Store, Meta, Apple and Finance World Are Trembling

Elon Musk's XChat will launch on the App Store on April 17 as a standalone encrypted messaging application focused on privacy, featuring end-to-end encryption, no advertisements, and a no-tracking policy. Initially part of the X platform, XChat was developed to compete with messaging services like WhatsApp, Telegram, and Signal. The app allows global communication using X accounts without requiring phone numbers, offering cross-platform capabilities unlike iMessage. XChat utilizes a Rust-based architecture with advanced security features and plans to incorporate peer-to-peer transfers and cryptocurrency payments with X Money in 2026, potentially disrupting traditional payment systems. Additionally, it may leverage Grok AI to provide users with various lifestyle services, posing challenges to Google's advertising and search traffic.

Tech Optimizer

April 13, 2026

Fake Windows 11 support site offers ‘update’ that steals data and evades antiviruses

Malwarebytes has discovered a counterfeit Windows support site offering a fake "cumulative update" for Windows 11 24H2. Users who click the "Download Update" button download an 83MB package designed to compromise sensitive information, including passwords and payment details. The file, named WindowsUpdate 1.0.0.msi, falsely lists Microsoft as the author and is created using WiX Toolset 4.0.0.5512. VirusTotal reported zero detections for the main executable and VBS launcher, highlighting the malware's architecture designed to evade detection. The malicious website's address includes "microsoft-update.support," differing from the legitimate support site. Malwarebytes has added the malicious site to its detection service database.

AppWizard

April 11, 2026

I tried the redesigned Google Wallet app, and it fixes my 2 biggest complaints

Google has redesigned its Google Wallet app, introducing a new interface that has received positive user feedback. The updated design features passes displayed as small squares, allowing users to see double the number of passes on their screens. Users can now customize which passes are visible upon opening the app by starring their preferred passes. The app retains the ability to rearrange passes and access detailed information through barcodes or QR codes. A new "View more" button provides access to a comprehensive list of transactions and passes, along with a search bar for easy navigation. However, accessing the full list of passes requires a two-step process, which some users find cumbersome. Suggestions for improvement include adding a "View all passes" button and a search bar on the home screen for enhanced usability.