sensitive data Archives

AppWizard

June 21, 2025

Godfather Android trojan uses virtualization to hijack banking and crypto apps

Zimperium zLabs has identified a new version of the GodFather Android trojan, which uses on-device virtualization to hijack legitimate banking and cryptocurrency applications. This malware creates a sandbox environment on the victim's device to run actual applications while intercepting user input in real time, allowing for complete account takeovers and bypassing security measures. The current campaign primarily targets Turkish banks. The GodFather malware employs ZIP manipulation and obfuscation techniques to evade detection, concealing its payload within the assets folder and using session-based installation methods. It utilizes accessibility services to monitor user input, automatically grant permissions, and exfiltrate data to a command-and-control (C2) server via Base64-encoded URLs. The trojan leverages open-source tools like Virtualapp and Xposed to execute overlay attacks, virtualizing applications within a host container. It scans for specific banking applications, downloads Google Play components into a concealed virtual space, and creates a deceptive environment to execute genuine banking applications. When users access their legitimate banking apps, GodFather redirects them to counterfeit versions within its virtual space, capturing their interactions. The malware employs advanced hooking techniques tailored to banking applications, intercepting network connections and capturing sensitive information. It can also compromise lock screen credentials by displaying fake overlays. GodFather supports a wide range of commands, allowing attackers to simulate gestures, manipulate screen elements, and steal sensitive data while remaining hidden from users and security tools. The malware targets over 484 popular applications, including banking, cryptocurrency, e-commerce, and social media platforms, with a current focus on a dozen Turkish financial institutions. This discovery marks a significant advancement in mobile malware capabilities compared to previous threats.

AppWizard

June 20, 2025

Minecraft players warned of mods stealing passwords & personal data

A recent investigation by Check Point Research has revealed a campaign targeting Minecraft mods that could compromise players' personal information. The campaign, orchestrated by the Stargazers Ghost Network, exploits the modding ecosystem and platforms like GitHub to reach players. Malware disguised as popular scripts or cheats, specifically targeting mods like “Oringo” and “Taunahi,” is crafted in Java and requires the Minecraft runtime to execute. Once installed, these malicious files initiate a multi-stage attack, compromising systems and extracting sensitive data. Check Point Research has been monitoring fraudulent GitHub repositories since March 2025, noting their legitimacy and ability to evade antivirus detection. Potential data breaches include browser logins, cryptocurrency wallets, and private messages on platforms like Discord.

AppWizard

June 19, 2025

Godfather Android malware now uses virtualization to hijack banking apps

A new iteration of the Android malware "Godfather" has emerged, utilizing advanced techniques to create isolated virtual environments on mobile devices for stealthy account data theft and transaction manipulation from legitimate banking applications. It targets over 500 banking, cryptocurrency, and e-commerce applications globally, employing a comprehensive virtual filesystem, virtual Process ID, intent spoofing, and a component called StubActivity. Godfather is delivered as an APK app with an embedded virtualization framework, scanning for installed target applications and launching them within its virtual environment. It intercepts user interactions with genuine banking apps, capturing sensitive data like credentials and PINs while presenting a legitimate interface. The malware can execute commands to unlock devices and initiate transactions while avoiding detection. Godfather first appeared in March 2021 and has evolved significantly since then, with the latest version representing a notable advancement over previous iterations. Users are advised to download apps only from trusted sources and remain cautious about app permissions to protect against this malware.

AppWizard

June 19, 2025

Malicious Minecraft mods distributed by the Stargazers DaaS target Minecraft gamers

Check Point researchers have discovered a malware campaign targeting Minecraft users, utilizing a distribution-as-a-service model called Stargazers. This malware, disguised as cheat tools, employs Java and .NET stealers to compromise player systems. The attackers have been active since March 2025, using GitHub repositories that appear to offer legitimate mods but contain malicious JAR files. The infection process begins with the installation of a compromised JAR file, which triggers a multi-stage attack that extracts sensitive data from Minecraft and Discord, as well as broader information like browser credentials and cryptocurrency wallet details. The malware is linked to Russian-speaking threat actors, and the Stargazers Ghost Network is identified as the distributor. The report highlights the need for caution when downloading third-party content in gaming communities.

Winsage

June 18, 2025

Windows 10 End Nears: Switch to Linux for Security

Microsoft will cease support for Windows 10 on October 14, 2025, affecting an estimated 200 to 400 million devices that will no longer receive updates or patches, exposing them to security vulnerabilities. Transitioning to Windows 11 requires modern hardware specifications, which many older devices lack. Users must decide between investing in new hardware, opting for extended security updates, or switching to alternative operating systems like Linux. The Document Foundation advocates for Linux and LibreOffice as viable alternatives, emphasizing their ability to run on older hardware and providing robust security updates. Linux offers users greater control and transparency, addressing privacy concerns associated with proprietary systems. LibreOffice supports open document formats, ensuring long-term accessibility without vendor constraints. The end of Windows 10 support may prompt significant shifts in the tech industry, encouraging a move towards systems that prioritize sustainability and user rights.

Tech Optimizer

June 17, 2025

Novel Lyrix ransomware sets sights on Windows systems

Freedman HealthCare experienced a significant data breach involving 52.4 GB of sensitive data and 42,204 files, allegedly compromised by the hacking group World Leaks, also known as Hunters International. The group has threatened to release the compromised information by Tuesday morning.

AppWizard

June 17, 2025

WhatsApp to start showing ads in messaging app; launches new monetisation features

WhatsApp plans to introduce advertisements within its messaging app, specifically in the Updates tab, while ensuring that personal chats remain free of commercial content. This decision is part of parent company Meta Platforms' strategy to generate new revenue streams. WhatsApp reassured users that personal messaging, calls, and statuses will remain end-to-end encrypted and not used for ad targeting. This move marks a departure from the original ad-free vision set by WhatsApp's founders. Advertisements will be based on non-sensitive data, such as age, language, location, and interaction with ads. WhatsApp also unveiled three monetization features, emphasizing the importance of monetizing the app as part of Meta's broader strategy to diversify advertising revenue across its platforms.

Winsage

June 14, 2025

You can’t argue with the price when a 95% discount drops Windows 11 Pro to just $10

Windows 11 Pro is available for a limited-time price of , reduced from its original retail value of 9, representing a discount of up to 95%. The Pro version includes features such as Hyper-V Virtualization, BitLocker Drive Encryption, Sandbox, Microsoft Defender Application Guard, and Windows Information Protection. Users also gain access to various AI tools. To acquire the software, one must purchase, download, and activate it with a license key, ensuring hardware compatibility with Windows 11.

Tech Optimizer

June 13, 2025

It’s time to stop believing these lies about antivirus software

The proliferation of social media misinformation, deep fakes, and sophisticated phishing attacks has made online safety challenging. Many individuals hold outdated beliefs about cybersecurity, such as the myth that Macs are immune to viruses and that caution alone can replace antivirus software. Regardless of the operating system, using a robust antivirus program is recommended, as built-in security features are not foolproof. Third-party antivirus software can provide additional functionalities like parental controls and VPN services, but they are not a complete safety net. Users must remain vigilant and practice good cybersecurity hygiene, including regular scans, strong passwords, and recognizing phishing attempts. Modern antivirus programs have become more user-friendly and less resource-intensive. Some malware can operate stealthily, making detection difficult, which emphasizes the need for regular scans and monitoring personal accounts for unusual activity. Antivirus protection should extend to mobile devices as well, as they are also vulnerable to cyber threats. Users should check if their antivirus program covers mobile devices and familiarize themselves with security settings on their smartphones.

Tech Optimizer

June 13, 2025

Microsoft Data Loss Prevention (DLP): Tips to Protect Your Business Following the Latest Outage

Microsoft attributed a recent global outage affecting various digital infrastructures to a "CrowdStrike update," which disrupted multiple applications including OneDrive, OneNote, Outlook, PowerBI, Microsoft Teams, and others. Users experienced issues such as synchronization failures and access difficulties. The incident highlights vulnerabilities in supply chains that organizations rely on for managing sensitive data, which can be targeted by cyber threats. Data Loss Prevention (DLP) is a feature within Microsoft Purview designed to protect sensitive information from unauthorized disclosure. DLP policies can monitor user activity and take protective actions like alerting users about inappropriate sharing, blocking sharing attempts, or relocating data to secure locations. DLP can be applied across various platforms, including Office 365 applications and Windows endpoints. The DLP lifecycle includes planning and deployment phases, where organizations assess data to be monitored and ensure policies do not disrupt workflows. Monitoring and reporting tools provide insights into policy matches and incidents, helping organizations refine their DLP efforts. However, DLP has limitations, including false positives, user resistance, and challenges in detecting data leakages through new communication channels.