Russia

Tech Optimizer
May 8, 2025
Cyberattacks are increasingly common due to psychological warfare among global powers. Macs are vulnerable to these attacks, necessitating effective antivirus solutions. Intego is the only antivirus software developed specifically for macOS, offering two packages: Mac Internet Security and Mac Premium Bundle. The Mac Internet Security suite includes real-time antivirus protection, a customizable firewall, and anti-phishing features, priced at .99 for one Mac or .99 for three Macs during the first year. The Mac Premium Bundle adds features like system cleanup, parental management, and automated backups, starting at .99 for one Mac or .99 for three Macs in the first year. Intego is designed specifically for Apple computers, providing lightweight, effective protection with minimal impact on system performance. It has a perfect malware detection score and offers a 30-day money-back guarantee. Users can also add a VPN subscription as Intego is associated with CyberGhost and ExpressVPN.
AppWizard
May 2, 2025
The upcoming game Zarya is a narrative simulator set in a rural post-Soviet backdrop, where players control Vasily, who navigates life while helping friends. Although available on Steam for over a year, it gained attention with a new gameplay trailer. Players will drive Soviet-era vehicles and engage in activities like grilling, fishing, and shopping. The game emphasizes storytelling, allowing players to assist villagers, transport harvests, and experience authentic post-Soviet life. Interested players can sign up for a playtest on Steam, but as of September 2024, no invites have been sent out yet.
AppWizard
April 30, 2025
Gem Space is a multifunctional super app that integrates messaging, news feeds, AI tools, and various features to enhance productivity. It allows users to manage tasks from a single platform, utilizing AI for tasks like drafting emails, translating messages in real-time, and transcribing voice messages. Users can create content quickly within the app and receive curated news tailored to their interests. Additionally, it offers gift suggestions through its built-in AI and is testing a marketplace for delivery across Russia. The app aims to simplify daily tasks and improve work-life balance.
AppWizard
April 29, 2025
The Russian government has taken control of the assets of Lesta Studio, which manages Wargaming's interests in Russia, due to allegations of extremist activities involving Wargaming's CEO, Victor Kislyi, and Lesta Studio's head, Malik Khatazhaev. Wargaming exited the Russian and Belarusian markets in April 2022, divesting its local assets to Lesta Studio at zero cost and on a debt-free basis, and currently holds no assets or business interests in those countries.
TrendTechie
April 29, 2025
Two open-source torrent clients, Deluge and qBittorrent, have released updated versions. Deluge 2.2 features a cross-platform BitTorrent client developed in Python, utilizing the libtorrent library and Twisted framework. It offers multiple interface options, operates on a client-server model, and supports modern torrenting capabilities such as DHT, UPnP, NAT-PMP, traffic encryption, and proxy connections. The new version includes support for the BitTorrent v2 format, enhancing hash calculations and improving file integrity with SHA2-256 and Merkle hash trees. The minimum required Python version is now 3.7. qBittorrent, developed in C++ using the Qt library, is compatible with Windows, Linux, and macOS. It allows users to search for torrents, manage downloads, set priorities, and configure network settings. The latest version introduces enhancements like drag-and-drop functionality, improved random number generation, and upgraded search capabilities, along with significant improvements to the web interface.
AppWizard
April 25, 2025
A sophisticated Android malware, identified as Android.Spy.1292.origin, targets Russian military personnel by disguising itself within a modified version of the Alpine Quest mapping application. This malware is designed to steal contacts and monitor locations, evading detection while collecting sensitive data such as the user's mobile phone number, contacts, current date, geolocation, information about files on the device, and the app's version. It is distributed through a dedicated Telegram channel and unofficial Android app repositories. The malware's modular architecture allows for updates that enhance its capabilities, particularly in extracting confidential documents exchanged via Telegram and WhatsApp.
TrendTechie
April 18, 2025
As of 11:00 PM on April 15, 2025, Rutracker has resumed operations after a significant outage that began around 5:00 PM Moscow time the same day. Users from major Russian cities reported difficulties accessing the site, which has been permanently blocked in Russia since 2016. During the outage, users encountered a "Web Server Down" message due to a 521 error from Cloudflare, indicating a connection termination. The access issues appeared to affect only Russian users, as individuals in Italy and Kazakhstan could still access Rutracker. This incident marks the third occurrence in six months, raising concerns about the future of popular web resources among Russians. Rutracker had previously announced its own anti-Russian sanctions in March 2022 but continued to be accessible to Russian users until this outage. In January 2023, Rutracker experienced another outage lasting nearly a full day. The recent issues have been attributed to hosting problems, although some users reported no access issues during that time.
Winsage
April 17, 2025
Cybercriminals are exploiting a vulnerability in Windows systems known as CVE-2025-24054, which involves NTLM hash disclosure through spoofing techniques. This flaw allows attackers to leak NTLM hashes, leading to privilege escalation and lateral movement within networks. It is triggered when a user extracts a ZIP archive containing a malicious .library-ms file, causing Windows Explorer to initiate SMB authentication requests that expose NTLMv2-SSP hashes. Exploitation of this vulnerability began shortly after a security patch was released on March 11, 2025, with campaigns targeting government and private institutions in Poland and Romania. These campaigns utilized spear-phishing emails containing malicious ZIP archives, which, when interacted with, leaked NTLM hashes. The malicious files included various types designed to initiate SMB connections to attacker-controlled servers, allowing for pass-the-hash attacks and privilege escalation. The stolen hashes were sent to servers in several countries, indicating potential links to state-sponsored groups. One campaign involved Dropbox links that exploited the vulnerability upon user interaction. Microsoft has recommended immediate patching, enhancing network defenses, user education, network segmentation, and regular security audits to mitigate risks associated with this vulnerability.