SMS Archives

Tech Optimizer

March 16, 2026

How to Avoid Getting Scammed Online in 2026

The Qantas data breach highlights vulnerabilities in online information security. Regularly changing passwords every few months is recommended, and tools like Bitdefender’s Password Manager can help manage complex passwords. Users should be cautious of suspicious links and attachments, as hackers often use phishing tactics. Implementing two-factor authentication (2FA) adds an extra layer of security to accounts. Keeping devices updated is crucial for protecting against vulnerabilities. Investing in reliable antivirus software, such as Bitdefender Antivirus Plus or Bitdefender Ultimate Security, is essential for safeguarding personal data. Staying informed about cybersecurity measures is important to prevent data breaches.

AppWizard

March 12, 2026

Fake Red Alert app used in Android spyware smishing

Acronis' Threat Research Unit has discovered a targeted campaign against Android users involving a counterfeit version of Israel's Red Alert rocket warning app that distributes spyware. The malicious software is spread through SMS messages that appear to be official communications from the Home Front Command, prompting users to download an "update." The fraudulent app mimics the legitimate safety tool, maintaining its rocket alert functionality to avoid detection. Once installed, the spyware collects sensitive data such as SMS messages, contacts, location information, device accounts, and a list of installed applications. This tactic, termed "smishing," combines SMS and phishing techniques. The malware uses sophisticated methods like certificate spoofing and runtime manipulation to bypass Android's signature checks, and it consists of a loader and a secondary component that executes the real alert application while the spyware operates in the background. The spyware monitors user permissions and can harvest SMS messages, contacts, and location data, adjusting its behavior based on the user's geographical position. It sends collected data to a remote command-and-control server, with the exfiltration endpoint identified as ra-backup[.]com. Acronis suggests this campaign may be linked to the group Arid Viper (APT-C-23), known for targeting Israeli interests with trojanized Android applications. Researchers recommend users only download apps from official sources, avoid sideloading packages from SMS links, and review app permissions carefully. They advise checking for the package name com.red.alertx on devices and performing a factory reset if found, along with changing credentials for any accessed accounts.

AppWizard

March 12, 2026

Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets

Cybersecurity researchers have identified six new families of Android malware designed to extract sensitive data and facilitate financial fraud. Notable threats include: - PixRevolution: Targets Brazil's Pix payment platform, activates during Pix transfers, and uses real-time monitoring to intervene in transactions. Victims are tricked into installing malicious apps from counterfeit Google Play Store listings, which enable accessibility services for the malware to capture screens and overlay fake interfaces to reroute funds. - BeatBanker: Spreads through phishing attacks disguised as legitimate Google Play Store pages. It uses an inaudible audio loop for persistence, functions as a banking trojan, and includes a cryptocurrency miner. It creates deceptive overlays for platforms like Binance and Trust Wallet to divert funds and can monitor web browsers and execute remote commands. - TaxiSpy RAT: Exploits accessibility services to gather sensitive information such as SMS messages and call logs, targeting banking and cryptocurrency applications with overlays for credential theft. It employs advanced evasion techniques like native library encryption and real-time remote control. - Mirax: A private malware-as-a-service (MaaS) offering with a subscription model that provides tools for banking overlays and information gathering, including keystrokes and SMS. - Oblivion: Another Android RAT available at a competitive price, featuring capabilities to bypass security measures on various devices. - SURXRAT: Distributed through a Telegram-based MaaS ecosystem, it uses accessibility permissions for persistent control and communicates with a Firebase-based command-and-control infrastructure. Some samples incorporate a large language model component, indicating experimentation with AI by threat actors.

AppWizard

March 11, 2026

Meta Taps AI to Combat Fraud Across WhatsApp and Facebook

Meta has launched a suite of AI-driven tools to combat scams on WhatsApp, Facebook, and Messenger, announced on March 11. These tools include a device linking warning on WhatsApp for suspicious linking requests, alerts on Facebook for dubious friend requests, and expanded scam detection capabilities on Messenger to additional countries. A report indicates that email and social media account for 19% of initial scam interactions, while users on Facebook, Instagram, and WhatsApp faced around 15 billion high-risk scam ads daily, with total exposure, including organic fraud, reaching 22 billion instances.

AppWizard

March 6, 2026

Research company claims spyware posing as Israel’s Red Alert Android app targeting users

Acronis Threat Research Unit (TRU) has uncovered a cyber espionage campaign targeting Israeli civilians through a fake version of the Red Alert app. The attack begins with a deceptive text message claiming to be from Israel's Home Front Command, urging users to download an updated app due to a malfunction. The fraudulent app closely resembles the legitimate Red Alert app but contains malware that collects sensitive personal information, including messages, contacts, location data, and device account details. This data is stored locally and then transmitted to a remote server controlled by the attackers. The hackers use certificate spoofing and other techniques to bypass Android's security measures, making the malicious app appear legitimate. Cybersecurity experts recommend that Israeli users take precautions to protect their personal information.

AppWizard

March 2, 2026

Best Secure and Encrypted Messaging Apps in 2026

Your text messages and calls can be intercepted by hackers, corporations, and government entities, putting your private information at risk. Corporations may use your messages for targeted advertising or sell your data, while hackers may exploit it for identity theft or fraud. Governments may monitor communications under the guise of national security. Secure messaging apps are essential to protect your communications, as many default options expose sensitive information through metadata or lack proper security. Signal is recognized as the most secure messaging app, offering end-to-end encryption, being open-source, and free of charge, though it requires a phone number for registration. Threema allows complete anonymity without data collection but has no free version. Telegram, while popular, has security concerns as not all communications are end-to-end encrypted by default. WhatsApp and Keybase are discouraged due to ownership issues affecting privacy. Characteristics to look for in a secure messaging app include end-to-end encryption, third-party testing, open-source code, self-destructing messages, and minimal user data collection.

AppWizard

February 27, 2026

Android 17 beta 2 brings a new multitasking trick and cross-device handoff

Android 17 Beta 2 is now available for developers, introducing new features and bug fixes, including solutions for spontaneous reboots and interface freezes. Key features include the ability to create floating app bubbles, Cross-device app Handoff for seamless task continuation across devices, a new system-level contact picker for temporary read-only access to contacts, expanded SMS OTP protection, and enhanced local network privacy. The update also includes an EyeDropper API for color requests without needing screen capture permissions. Enrollment in the Android Beta Program is required for Pixel device users to access the update, which is rolling out via OTA, with options for sideloading or manual flashing. The stable release of Android 17 is expected in mid-2026.

AppWizard

February 22, 2026

Google Blocks Millions of Risky Android Apps: Biggest Play Store Cleanup Yet

Google blocked approximately 1.75 million dangerous or policy-violating apps from reaching users in 2025 and shut down over 80,000 developer accounts associated with fraud, malware, and repeated policy violations. Play Protect identified millions of risky apps installed from external sources, and it scans apps in real-time, even after installation. Key reasons for app rejections include malware behavior, financial fraud, misuse of permissions, and deceptive advertisements. The crackdown results in safer app downloads, reduced risk of data theft, improved privacy enforcement, and lower exposure to counterfeit applications.

AppWizard

February 19, 2026

Fake IPTV Apps Spread Massiv Android Malware Targeting Mobile Banking Users

Cybersecurity researchers have identified a new Android trojan named Massiv, designed for device takeover attacks targeting financial theft. It disguises itself as IPTV applications and poses risks to mobile banking users by allowing operators to remotely control infected devices for fraudulent transactions. The malware was first detected in campaigns targeting users in Portugal and Greece, with features including screen streaming, keylogging, SMS interception, and fake overlays for credential theft. One campaign specifically targeted the gov.pt application to deceive users into providing sensitive information. Massiv can execute various malicious actions, such as altering device settings, sending device information, and downloading malicious files. It is distributed through dropper applications that mimic IPTV services, often via SMS phishing. The malware operates in the background while the dropper appears as a legitimate app. Recent campaigns have focused on regions like Spain, Portugal, France, and Turkey, indicating a growing threat landscape. The operators of Massiv are developing it further, suggesting intentions to offer it as a Malware-as-a-Service.

AppWizard

February 19, 2026

Massiv: When your IPTV app terminates your savings

Massiv is an Android banking Trojan that disguises itself as legitimate applications, primarily targeting users in southern Europe. It is distributed through side-loading and is capable of remote control over infected devices, enabling Device Takeover attacks that can lead to unauthorized banking transactions. Massiv often masquerades as IPTV applications to attract users seeking online television services. The malware employs overlay functionality to create deceptive screens, keylogging to capture sensitive information, and SMS/Push message interception. It can monitor applications on infected devices and present fake overlays to prompt users for sensitive data. Notably, it has targeted the Portuguese government application gov.pt and connects with Chave Móvel Digital, a digital authentication system, to access victims' banking accounts. Once it captures sensitive data, Massiv allows operators remote access to the device using Android’s AccessibilityService, facilitating real-time observation and manipulation of the user interface. It communicates over a WebSocket channel and supports screen streaming and UI-tree modes for enhanced control. Massiv's distribution includes malware droppers that initially do not contain malicious code but open a WebView to an IPTV website while the actual malware operates in the background. This tactic has increased in recent months, particularly in Spain, Portugal, France, and Turkey. Indicators of compromise include specific SHA-256 hashes and package names associated with the malware. The bot commands allow operators to perform various actions on the infected device, such as clicking coordinates, installing APKs, and showing overlays.