Russia Archives

AppWizard

August 14, 2025

Officials in North Ossetia ordered to use Russian Max messaging app

Officials in North Ossetia are required to use the Russian messaging app Max for all official communications, as mandated by Daniil Gakhov, head of the region's Digital Development Committee. This directive is part of a federal initiative promoting 'digital sovereignty' in Russia and follows restrictions on platforms like Telegram and WhatsApp. A working group has been formed under regional head Sergei Menyailo to facilitate Max's integration into government operations, with communications to foreign services restricted to this domestic app due to national security concerns. President Vladimir Putin has called for increased use of Max within government frameworks. A new law aims to streamline domestic digital services and create a unified national information exchange service. Users have reported disruptions in established platforms, with selective blocking being tested by telecom operators. The introduction of Max has raised skepticism, especially regarding user data access by state authorities. Meanwhile, residents of Ingushetia are experiencing mobile data outages affecting essential services.

AppWizard

August 14, 2025

Russia curbs WhatsApp, Telegram calls to ‘combat criminals’

Russia's communications watchdog, Roskomnadzor, announced restrictions on calls made through WhatsApp and Telegram to combat criminal activities. The agency claims these messaging apps have become primary channels for fraud, extortion, and recruitment for subversive actions. Russian security services allege that Ukraine uses Telegram for recruitment and sabotage. The government seeks greater control over user data for investigations into fraud and terrorism. Restrictions will be lifted once the platforms comply with local legislation. Telegram stated it actively prevents misuse of its platform, while WhatsApp expressed concerns over the implications of these restrictions on user privacy and security.

AppWizard

August 13, 2025

Russia restricts calls via WhatsApp and Telegram, the latest step to control the internet

Russian authorities have announced partial restrictions on calls made through Telegram and WhatsApp, citing concerns about crime and misuse of these platforms. Roskomnadzor claims these messaging services are used for deception, extortion, and terrorist activities. The government has expressed frustration over the lack of cooperation from the platform owners regarding countermeasures. Recent reports indicate users are experiencing difficulties with calls on these applications. WhatsApp had over 96 million monthly users and Telegram had more than 89 million in Russia as of July. In Crimea, cellphone internet shutdowns may last indefinitely, and a new law penalizes users for accessing illicit content. A new national messaging app, MAX, is being developed by VK, a Russian company. Access to calls via WhatsApp and Telegram could be restored if the platforms comply with Russian laws, but current restrictions only apply to audio calls.

TrendTechie

August 8, 2025

Троян Efimer крадет криптовалюту через торренты и сайты на WordPress

A new Trojan named Efimer has been identified, which can alter cryptocurrency wallet addresses in the clipboard, redirecting funds to cybercriminals. Efimer spreads primarily through compromised WordPress sites and phishing emails. Once installed, it can disable Windows Defender, install a Tor client, and capture seed phrases and wallet addresses. It targets Windows users globally, particularly those in Brazil, Russia, India, Spain, Germany, and Italy. The Trojan primarily targets wallets holding Bitcoin, Ethereum, Monero, Tron, and Solana, but may expand to other cryptocurrencies. To protect against Efimer, users are advised to use reliable security solutions, create strong passwords, enable two-factor authentication, avoid downloading files from unverified sources, and not store seed phrases in plain text.

Tech Optimizer

August 7, 2025

Hackers Use Legitimate Drivers to Kill Antivirus Processes and Lower The System’s Defenses

Attackers have been using the ThrottleStop.sys driver to disable antivirus software in compromised networks since October 2024. This driver, designed for CPU throttling, allows malware to gain kernel-level memory access and terminate security processes. Initial access is typically gained through stolen RDP credentials or brute-forced administrative accounts, enabling the deployment of the AV killer alongside ransomware like MedusaLocker. Once inside, attackers extract additional user credentials using tools like Mimikatz and move laterally with Pass-the-Hash techniques. They upload two key components, ThrottleBlood.sys (the renamed driver) and All.exe (the AV killer), to user directories. The malware effectively disables Windows Defender and other endpoint protections, leading to severe data encryption in industries with exposed RDP endpoints, particularly affecting victims in Brazil, Ukraine, Kazakhstan, Belarus, and Russia. Securelist analysts noted that traditional self-defense features in Kaspersky products can counter this AV killer, but many organizations still rely on less effective solutions. The malware exploits two vulnerable IOCTL functions in the ThrottleStop.sys driver, allowing arbitrary memory reads and writes. It uses a loop to match and terminate antivirus processes by invoking kernel functions. The malware avoids detection by restoring original kernel bytes after execution. This situation highlights the need for improved driver integrity monitoring and robust security strategies.

AppWizard

August 6, 2025

Russia mandates use of new state-controlled messaging app

The Kremlin is launching Max, a state-controlled messaging application for government officials, with a full implementation deadline of September 2025. Developed by VK Company, Max integrates various government services and financial transactions, raising privacy concerns. The Russian government plans to phase out foreign apps like WhatsApp, which currently has a 70% user base. Max will be pre-installed on all new devices sold in Russia starting September 2025. As of July 2025, over 2 million users have registered on the app, which has been labeled a "digital gulag" by cybersecurity experts due to its potential for state-sponsored surveillance. Human rights organizations are concerned about its impact on digital freedoms amid increasing government suppression of dissent.

TrendTechie

August 3, 2025

Главное за 3 августа ⟩ Заблокирован популярный торрент-трекер, черный день на дорогах и роскошная яхта в Риге

The National Council for Electronic Media (NEPLP) blocked access to the Russian torrent site kinozal.tv. The cruise yacht Ilma made its inaugural visit to the Port of Riga on August 2. A traffic accident resulted in two fatalities. A Riga resident, Lana, faced discomfort during her hotel stay in Ventspils and received a request from hotel management to stop public commentary after her negative review. The Prosecutor's Office charged a man with sexual assault against minors at a closed children's home in Kurzeme. Ukraine's anti-corruption agencies uncovered a corruption scheme involving a Rada member and military administration heads. Kremlin propagandists claimed Ukraine is a pawn in a larger conflict. A two-year-old girl died in an accident at the Aquagan water park in Croatia. Former President Trump announced the deployment of two nuclear submarines. The Krašennikov volcano erupted for the first time in recorded history without affecting populated areas. The Summer Sound festival in Liepāja is the largest beach festival in the Baltic region. Travelers faced flight cancellations from airBaltic. RUS TVNET covers celebrity gossip and relationship dynamics, particularly regarding narcissistic behavior.

TrendTechie

August 3, 2025

NEPLP заблокировал доступ к одному из самых популярных российских торрент-трекеров

The National Electronic Media Council (NEPLP) has restricted access to the Russian torrent tracker kinozal.tv and added it to its list of restricted domains, along with ThePirateBay.org. This action follows a previous decision in late July to block access to ten websites that disseminate Russian propaganda, which were deemed to contradict Latvia's national security interests. These websites were reported to promote biased information regarding the war in Ukraine and could negatively impact Latvian society and its support for Ukraine. Additionally, two specific websites were identified as platforms for recruiting Russian servicemen for military operations in Ukraine.

Tech Optimizer

August 1, 2025

Microsoft says Russian hackers are planting fake antivirus software in embassy attacks

Recent findings from Microsoft Threat Intelligence indicate that Russian state hackers are targeting foreign embassies in Moscow using a sophisticated malware called ApolloShadow, which disguises itself as Kaspersky antivirus software. This malware installs a TLS root certificate, allowing hackers to impersonate trusted websites accessed by compromised systems within the embassies. The attacks are categorized as adversary-in-the-middle (AiTM) attacks, enabling hackers to intercept and manipulate communications. The group behind these attacks, known as Secret Blizzard, has a history of targeting Ukrainian military technology and has now expanded its operations to conduct cyber espionage within Russia. Diplomats using local ISPs or telecommunications services in Russia are considered likely targets for these activities, which may utilize Russia's domestic intercept systems like the System for Operative Investigative Activities (SORM).

TrendTechie

July 31, 2025

Torrent Pharma заплатит $1,4 млрд за контрольный пакет акций JB Pharma | Новости

Torrent Pharmaceuticals is acquiring a controlling stake of 46.39% in JB Chemicals and Pharmaceuticals from KKR for ₹119 billion, positioning JB Pharma's market capitalization at ₹256.89 billion. Following this acquisition, Torrent may purchase an additional 26% of shares from minority shareholders and up to 2.8% from JB Pharma employees. This move aims to strengthen Torrent's domestic business and enhance its presence in new therapeutic areas, particularly ophthalmology. JB Chemicals has a strong position in hypertension treatment and operates in Russia and South Africa. Torrent Pharmaceuticals has eight manufacturing facilities, five FDA-approved, and is prominent in cardiology, gastroenterology, and neurology in India, with a research and development center employing over 750 scientists.