Remote Desktop Archives

Tech Optimizer

September 15, 2025

HiddenGh0st, Winos and kkRAT Exploit SEO, GitHub Pages in Chinese Malware Attacks

Chinese-speaking users are experiencing a sophisticated SEO poisoning campaign that uses counterfeit software sites to spread malware. Researchers from Fortinet FortiGuard Labs discovered this activity in August 2025, which involves manipulating search rankings to redirect users to fraudulent sites that deliver malware through trojanized installers. The malware families identified include HiddenGh0st and Winos, both variants of the Gh0st RAT, linked to a cybercrime group known as Silver Fox. The attack mechanism involves a script named nice.js that orchestrates the malware delivery process, leading to the installation of a malicious DLL, "EnumW.dll," which performs anti-analysis checks and extracts another DLL, "vstdlib.dll." This second DLL inflates memory usage to evade detection and is responsible for launching the main payload. The malware aims to sideload a DLL, "AIDE.dll," which establishes a Command-and-Control (C2) communication, collects victim data, and monitors user activity. Additionally, a separate campaign targeting Chinese-speaking users has been flagged by Zscaler ThreatLabz, featuring a new malware called kkRAT. This malware shares code similarities with Gh0st RAT and employs fake installer pages to deliver multiple trojans. It uses techniques to bypass security software and targets specific antivirus programs, including 360 Total Security and Kingsoft Internet Security. The installer launches shellcode that retrieves additional malicious payloads, including kkRAT, which can perform various data-gathering tasks and manipulate clipboard data to replace cryptocurrency addresses.

Winsage

September 9, 2025

Windows 10 KB5065429 update includes 14 changes and fixes

Microsoft has released the KB5065429 cumulative update for Windows 10 22H2 and 21H2, which includes fourteen enhancements and fixes. This mandatory update addresses two zero-day vulnerabilities and 81 other flaws, improving the security of the operating system. Users can install the update through Windows Update, and it will automatically begin installation after checking for updates. The update upgrades Windows 10 22H2 to build 19045.6332 and Windows 10 21H2 to build 19044.6332. Key fixes include resolving unexpected User Account Control prompts, performance issues with NDI streaming software, and various other bug fixes related to input methods, app compatibility, multimedia, and search functionality. There are no known issues with this update.

Winsage

September 8, 2025

You Can Get Windows 11 Pro on Sale for A$19 Right Now

Windows 11 Pro is currently available at a discount, with a promotion running until September 14 at 11:59 p.m. PT. Key features include Windows Copilot, a redesigned user interface, productivity tools, remote desktop access, security features like TPM 2.0 and BitLocker, biometric login support, and virtualization options. The offer is through a trusted Microsoft partner, allowing discounted codes for updates on two PCs, provided each device meets the minimum requirements of a 1GHz processor, 4GB of RAM, and 40GB of hard disk space.

Winsage

September 4, 2025

Windows 10 is being phased out—is a tablet now the better choice?

The text discusses the growing relevance of tablets as alternatives to traditional laptops in personal computing, especially with the transition from Windows 10 to Windows 11. Tablets are suitable for various users, including those with a primary PC, students, frequent travelers, casual users, and those avoiding Windows 11. Modern tablets, such as the Samsung Galaxy Tab S9, OnePlus Pad 3, and Lenovo Tab P12, offer portability, long battery life, and compatibility with accessories like keyboards and styluses. They can perform everyday tasks effectively, often with apps optimized for tablet use. Tablets also provide a less complex user experience compared to Windows 11, which has stringent hardware requirements. The Galaxy Tab S9 features an 11-inch AMOLED display, Snapdragon 8 Gen 2 processor, 8 GB RAM, and 8,400 mAh battery. The OnePlus Pad 3 has a 13.2-inch LCD, Snapdragon 8 Elite processor, and 12,140 mAh battery. The Lenovo Tab P12 offers a 12.7-inch display, MediaTek Dimensity 7050 processor, and 10,200 mAh battery.

Winsage

September 2, 2025

Threat Actors Exploit Windows Search in AnyDesk ClickFix Attack to Spread MetaStealer

Cybercriminals have developed a sophisticated variant of the ClickFix scam, utilizing human-verification social engineering and the Windows search protocol to deploy MetaStealer, an infostealer that steals credentials and sensitive data. The attack begins when a target searches for the legitimate AnyDesk tool and is redirected to a phishing page featuring a deceptive human-verification prompt. This page uses a search-ms URI scheme to connect to an attacker-controlled SMB share, presenting a malicious Windows shortcut disguised as a PDF. Executing this shortcut downloads the legitimate AnyDesk installer and retrieves a malicious "PDF" from an external server. The MSI package contains a dropper (ls26.exe) that operates similarly to known MetaStealer samples, scanning for browser credentials and exfiltrating data. The attack circumvents user suspicion by mimicking a legitimate application installation. Organizations are advised to implement strict application whitelisting, monitor Windows protocol handlers, educate users about suspicious prompts, and deploy detection rules to mitigate these threats.

Winsage

August 31, 2025

Windows 10 isn’t cutting it anymore — upgrade your PC with Windows 11 Pro for less than $13

Microsoft has initiated a countdown for Windows 10, indicating an opportunity to upgrade to Windows 11 Pro, which is currently available for .97, down from 9. This offer is time-sensitive. Windows 11 Pro enhances performance on two compatible devices and features a new user interface, productivity tools like snap layouts and advanced voice typing, improved search functionality, and robust security features such as Smart App Control and BitLocker device encryption. It also includes enhancements for gaming with DirectX12 Ultimate and supports remote work with features like remote desktop access and Azure AD. The availability of upgrade codes is limited, urging users to act quickly.

Winsage

August 30, 2025

You Can Get Windows 11 Pro on Sale for A$20 Right Now

Windows 11 Pro is currently available for a reduced price of A, down from A9, as part of StackSocial's Labor Day sale, which ends on September 7 at 11:59 p.m. PT. The software includes features such as Windows Copilot, a redesigned user interface, productivity tools, remote desktop access, TPM 2.0, smart app control, biometric login, BitLocker device encryption, Azure AD, Hyper-V, and Windows Sandbox. The discounted codes can be used to update two PCs that meet the minimum requirements of a processor speed of at least 1GHz, 4GB of RAM, and 40GB of hard disk space.

Winsage

August 28, 2025

Windows Users: Global UpCrypter Phishing Attack is Expanding

Cybersecurity experts have reported a significant increase in phishing emails targeting Microsoft Windows devices, linked to UpCrypter, a loader that installs remote access tools (RATs) for long-term access to compromised systems. These phishing emails often appear as missed voicemails or purchase orders, leading victims to counterfeit websites that prompt them to download a ZIP file containing a JavaScript dropper. This script executes PowerShell commands to connect to attacker-controlled servers, initiating further malware deployment. UpCrypter scans the system for security monitoring and can reboot to disrupt investigations if detected. If not, it downloads additional payloads, including PureHVNC for remote desktop access, DCRat for spying and data theft, and Babylon RAT for complete control over infected devices. Attackers use techniques like steganography, string obfuscation, and in-memory execution to evade detection. This phishing campaign, active since early August 2025, has affected various sectors, including manufacturing, technology, healthcare, construction, and retail/hospitality, with significant activity reported in countries like Austria, Belarus, Canada, Egypt, India, and Pakistan. Detections of this malware have doubled in two weeks, indicating a rapid escalation of the operation. Organizations are urged to implement robust email filtering and train employees to recognize these threats.

Winsage

August 27, 2025

Windows 11 KB5064080 adds Backup app for organizations, fixes File Explorer and SMB share

Windows 11 KB5064080, an optional update for August 2025, is available for devices running Windows 11 23H2. It introduces the OneDrive-based Windows Backup app for organizations, which complements the existing consumer version. Users can download offline installers in .msu format from the Update Catalog. The Windows Backup for Organizations app securely saves user preferences, credentials, and personal files linked to the Microsoft Account, facilitating a seamless setup experience for new PCs. The organizational version may differ from the consumer edition, with administrators controlling the setup process and data storage. The update does not include a Windows 7-like Restore function. Users must manually check for and install the update via the Settings app, as it will not be automatically downloaded. The update also addresses several bugs affecting system applications, including issues with the Copilot key, USB device recognition, SMB share performance, ReFS deduplication and compression conflicts, Remote Desktop camera recognition, File Explorer display errors, and the disappearance of the “Ask to Use” approval prompt. Minor bug fixes related to Narrator and COSA profiles are included, with no major known issues reported.

Winsage

August 23, 2025

Improve your PC’s performance for under $15 with Microsoft’s most advanced operating system

A lifetime license for Microsoft Windows 11 Pro is currently available for .97, down from its regular price of 9. This offer includes advanced security features, performance enhancements, and an AI-powered assistant called Copilot. Windows 11 Pro supports TPM 2.0, BitLocker encryption, and DirectX 12 Ultimate for gaming. Customers receive a digital key and installation instructions upon purchase. The offer is limited and subject to change.