SMS Archives

Winsage

June 18, 2026

Why Microsoft Authenticator ditched multiple-choice logins

The latest update to the Microsoft Authenticator app introduces a new interface requiring users to manually enter a number for device login, moving away from the previous option of tapping one of three choices. Initially rolled out to enterprise and educational users, the update is now extending to personal Microsoft accounts. Some personal device users have already encountered the new prompt, indicating that the rollout is in progress. Microsoft aims to enhance security with this change, which is being deployed gradually to ensure a smooth transition.

Tech Optimizer

June 18, 2026

I tested Norton’s Deepfake Protection — and it finally convinced me my next laptop needs an NPU

The landscape of online security has evolved significantly, with deepfake technology introducing new challenges. Users must be vigilant against both traditional malware and convincing fake images and videos. Antivirus software developers are enhancing their products by integrating cloud-based AI for better threat detection. For users with computers featuring neural processing units (NPUs), local solutions are available, such as Norton’s Deepfake Protection, which analyzes synthetic voices and images to flag potential threats. This feature operates in the background, providing peace of mind during online interactions. Norton 360 includes options for Deepfake Protection, Safe Web, and Safe SMS, but requires sufficient system resources to function effectively. Running this protection on older laptops may hinder performance, making NPUs a worthwhile investment for enhanced security against deepfakes and other online threats.

AppWizard

June 17, 2026

Hundreds of Android banking and crypto apps hit by dangerous new Rokarolla malware

Security researchers at Zimperium have identified a new Android banking trojan named “Rokarolla,” which threatens users of over 200 banking and cryptocurrency applications. It is distributed through spoofed websites, third-party app stores, and social media, but has not been found on the Google Play Store or other official Android repositories. Rokarolla requests extensive permissions, particularly concerning Accessibility services, SMS, calls, and notifications. Its capabilities include accessing WhatsApp contacts, capturing keystrokes, recording the screen, blocking incoming calls, and sending screenshots. Zimperium has not specified which geographical areas may be most vulnerable or the estimated number of potential infections. Users are advised to download applications only from official repositories to reduce the risk of encountering this malware.

AppWizard

June 17, 2026

New Rokarolla Android Trojan Targets 217 Banking and Crypto Apps

Zimperium’s zLabs researchers have analyzed a newly identified Android banking trojan named Rokarolla, which targets 217 distinct banking and cryptocurrency applications. It is distributed through malicious websites that impersonate popular platforms like TikTok and Google Chrome, with one identified distribution point being hxxps://infocontablidades[.]it[.]com/. The malware uses a dropper disguised as Google Play Protect to install a second-stage payload and gain Accessibility Services access, allowing it to simulate user interactions and manipulate on-screen elements. Rokarolla downloads counterfeit HTML login pages for targeted applications and overlays them to capture user credentials, including sensitive card information. It can also deploy a fraudulent PIN entry screen, read and send SMS messages, intercept one-time codes from banks, and block incoming calls. The malware rewrites the clipboard, operates a keylogger and screen content logger, and scrapes WhatsApp contact data. It captures screenshots without alerting users and has a resilient command-and-control infrastructure with multiple fallback domains. No product flaws are exploited, and defenses against it include installing apps only from Google Play and being cautious with Accessibility Services. Zimperium’s Mobile Threat Defense and zDefend products can detect Rokarolla, and a list of indicators of compromise is available on their GitHub repository.

AppWizard

June 16, 2026

New Rokarolla Android malware targets 217 banking, crypto apps

A new Android banking trojan named Rokarolla targets 217 banking and cryptocurrency applications and features 137 commands for malicious activities. It is distributed via deceptive websites posing as legitimate application sources and impersonates Google Play Protect to lure users into installing infected apps. Once installed, it seeks Accessibility service permissions and access to notifications, SMS, and calls. Rokarolla communicates with a command-and-control server, sending device profiles to generate unique identifiers for victims. Its primary goal is to steal financial information by using deceptive login overlays to capture sensitive data and maintain control over the device. The malware employs evasion tactics such as disabling Google Play Protect, hiding its icon, silencing notifications, and keeping the screen awake. It can steal SMS messages, extract contacts, capture keystrokes, record screen content, manipulate clipboard contents, block calls, and take screenshots. Zimperium confirms that Rokarolla is not found on Google Play, and users are advised to avoid downloading APK files from untrusted sources and to be cautious with Accessibility permissions.

AppWizard

June 16, 2026

New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds

Security researchers at Zimperium's zLabs have identified a new Android banking trojan named Rokarolla, which can target 217 banking and cryptocurrency applications and execute 137 remote commands. The malware spreads through deceptive websites that impersonate popular apps, installing a dropper that mimics Google Play Protect to gain Accessibility access. It uses overlay techniques to capture sensitive information by displaying counterfeit login pages and can intercept SMS messages, including one-time codes from banks. Rokarolla also features a keylogger, screen logger, and can rewrite clipboard contents to divert cryptocurrency payments. It employs advanced methods for discreet data capture and has multiple fallback command-and-control domains, making it resilient against takedowns. There is no patch available for this malware, and users are advised to install apps only from Google Play and remain cautious of unexpected Accessibility requests. Zimperium's products can detect this malware, and indicators of compromise are available on their GitHub repository.

Tech Optimizer

June 15, 2026

How to safely stay online while travelling

Traveling exposes individuals to potential cyber threats and scams. To enhance online security during travels, consider the following strategies: - Avoid using public Wi-Fi networks to protect sensitive information; instead, use mobile data or a global eSIM. - Use a Virtual Private Network (VPN) to conceal your IP address while browsing, but be aware of potential access restrictions on some websites. - Invest in a robust antivirus suite for all devices, including laptops and mobile phones. - Secure devices with login passwords and consider adding a password to your SIM card. - Enable two-factor authentication (2FA) for added security on accounts. - Research local scams and cybersecurity threats specific to your destination before traveling. - Keep apps and phone firmware updated to ensure the latest security enhancements.

AppWizard

June 13, 2026

YouTube Brings Back In-App Messaging Feature: Here’s How To Use It

YouTube has reintroduced its messaging feature, allowing users to share videos and engage in conversations directly within the app. This feature is currently available in the United States and select other regions, with plans for a wider rollout, including India. Users must be at least 18 years old to access the feature, which includes an age verification process. To enable it, users can create an invite link within the app to chat with known contacts. The feature is accessible in various countries, including the UK, Germany, France, and others. Users can share any YouTube video, but messages are not end-to-end encrypted and are subject to YouTube's Community Guidelines.

AppWizard

June 8, 2026

NFCShare Android malware spreads via fake banking app updates on GitHub

New variants of the NFCShare Android malware are disguised as fake updates for legitimate banking applications and are targeting customers of various banks in Europe through a phishing campaign to steal sensitive payment card data. The malware prompts victims to place their cards near the NFC chip of their mobile devices, using Android’s IsoDep interface to read card information, including card number, type, expiry date, and a 4-digit PIN. The stolen data is exfiltrated to the attacker’s command-and-control host via a WebSocket channel. Recent attacks began on May 14, with victims directed to a phishing site that impersonates a legitimate bank and then to a GitHub repository hosting a malicious APK file. The repository has hosted 56 unique APKs impersonating banking applications primarily from Italy and Spain. The malware has evolved from initially targeting Deutsche Bank in Germany to a broader range of banks. The latest version features malformed APK packaging to complicate automated analysis. Users are advised to download banking applications only from Google Play and to be cautious of verification requests that ask for NFC card scans.

BetaBeacon

June 3, 2026

Fake GTA 6, real malware: the new scam targeting Windows and Android

Attackers create fake GTA 6 beta scams that install trojans on machines, stealing credentials and mining cryptocurrency. Gamers' anticipation for highly anticipated games makes them vulnerable to these scams. NordVPN's antivirus can intercept these files and protect users from phishing sites impersonating gaming platforms. NordVPN's Premium plan includes VPN and antivirus for .85/month. NordVPN's antivirus works well on Windows and macOS, but is limited on mobile versions. The plan comes with a 30-day money-back guarantee.