surveillance Archives

AppWizard

June 23, 2026

Telegram’s ad business: How the messaging app makes money

Telegram has established an advertising model that focuses on monetizing public channels, selling ads based on channel topics rather than user identity. Revenue generated from ads is split evenly between Telegram and the channel owner, with no data-mining or behavioral targeting involved. The primary ad format is Sponsored Messages, which appear in public channels with at least 1,000 subscribers and consist of a text block and optional call-to-action button. Advertisers can purchase these ads through a self-serve portal without demographic targeting, ensuring no personal data is used for placements. Public channels are treated as independent units, with 50% of ad revenue going to channel owners, paid in Toncoin. Telegram's ad system has become more accessible by lowering minimum spend requirements. In addition to Sponsored Messages, Telegram is developing Mini Apps funded by its in-app currency, Stars. Regulatory scrutiny has increased, with various countries imposing bans or restrictions on Telegram for reasons related to content moderation and compliance, such as a temporary ban in India in June 2026 due to exam fraud investigations.

Tech Optimizer

June 22, 2026

Your Mac isn’t immune to viruses & surveillance tools, Intego One is here to help

Intego One is an antivirus solution for Macs that integrates four security tools into one package and is currently offered at a 50% discount. It includes an antivirus feature providing real-time protection, a firewall to prevent unwanted intrusions, and SmartClean for decluttering storage. The Complete Tier adds a VPN for secure browsing. Intego One is compatible with macOS 12 Monterey and later, requiring at least 8GB of RAM and 2GB of storage. It is available in three subscription tiers: Essential, Advanced, and Complete, with varying features and pricing based on the number of devices and plan duration.

AppWizard

June 22, 2026

Free Software Foundation Europe pushes EU to force Google to allow AI uninstalls on Android

The Free Software Foundation Europe (FSFE) has raised concerns with the European Commission regarding AI features in Android devices, specifically that Google installs AI models without user consent and that these models can automatically reinstall after being deleted, violating the Digital Markets Act (DMA). The FSFE advocates for users to fully uninstall pre-loaded AI components without silent reinstallation and for access to interoperability features to be independent of registration with Google. Google plans to implement an Android Developer Certification by September 2026, requiring developers to register with the company to publish apps on certified devices, which has raised concerns for Free Software developers and those in regions where revealing identity could lead to surveillance. The FSFE warns that unchanged draft measures could allow Google to enforce identity verification for developers, contradicting the DMA's intent.

AppWizard

June 17, 2026

New Rokarolla Android Trojan Targets 217 Banking and Crypto Apps

Zimperium’s zLabs researchers have analyzed a newly identified Android banking trojan named Rokarolla, which targets 217 distinct banking and cryptocurrency applications. It is distributed through malicious websites that impersonate popular platforms like TikTok and Google Chrome, with one identified distribution point being hxxps://infocontablidades[.]it[.]com/. The malware uses a dropper disguised as Google Play Protect to install a second-stage payload and gain Accessibility Services access, allowing it to simulate user interactions and manipulate on-screen elements. Rokarolla downloads counterfeit HTML login pages for targeted applications and overlays them to capture user credentials, including sensitive card information. It can also deploy a fraudulent PIN entry screen, read and send SMS messages, intercept one-time codes from banks, and block incoming calls. The malware rewrites the clipboard, operates a keylogger and screen content logger, and scrapes WhatsApp contact data. It captures screenshots without alerting users and has a resilient command-and-control infrastructure with multiple fallback domains. No product flaws are exploited, and defenses against it include installing apps only from Google Play and being cautious with Accessibility Services. Zimperium’s Mobile Threat Defense and zDefend products can detect Rokarolla, and a list of indicators of compromise is available on their GitHub repository.

AppWizard

June 16, 2026

New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds

Security researchers at Zimperium's zLabs have identified a new Android banking trojan named Rokarolla, which can target 217 banking and cryptocurrency applications and execute 137 remote commands. The malware spreads through deceptive websites that impersonate popular apps, installing a dropper that mimics Google Play Protect to gain Accessibility access. It uses overlay techniques to capture sensitive information by displaying counterfeit login pages and can intercept SMS messages, including one-time codes from banks. Rokarolla also features a keylogger, screen logger, and can rewrite clipboard contents to divert cryptocurrency payments. It employs advanced methods for discreet data capture and has multiple fallback command-and-control domains, making it resilient against takedowns. There is no patch available for this malware, and users are advised to install apps only from Google Play and remain cautious of unexpected Accessibility requests. Zimperium's products can detect this malware, and indicators of compromise are available on their GitHub repository.

Winsage

June 16, 2026

Microsoft Teams will auto-detect when you’re at the office via Wi-Fi, roll out confirmed, but you can opt-out

Microsoft is rolling out a feature called "Workplace check-in" that allows organizations to track employee presence in the office through Wi-Fi connectivity, integrated with Microsoft Teams and configured via Microsoft Places. This feature, first noted in September 2025, will not be enabled by default. It logs an employee's location when they connect to the company’s Wi-Fi, such as when they arrive at the office. The rollout was delayed due to privacy concerns, but Microsoft is moving forward, ensuring users can control their participation. The feature does not provide real-time tracking like mapping services but indicates presence based on Wi-Fi connection. Users must grant location access through their operating system, and if they decline, IT policies cannot override this choice. Teams’ Workplace check-in is disabled by default and can be activated by IT administrators with two options: Inform mode, which notifies users of the feature and allows opting out, and Ask mode, which requests permission to share location data. Microsoft clarifies that the feature is not intended for surveillance and does not track movements over time. Employees can choose whether their presence is visible to others while on-site. The initial rollout is tied to organizations using the Microsoft Places directory, and as organizations set up the feature, more users will likely be affected. Additionally, Microsoft is enhancing Teams with improvements for speed and a new user interface for meetings.

Winsage

June 15, 2026

Microsoft’s controversial Wi‑Fi tracking in Teams is back — but this time with better privacy controls

A feature within Microsoft Teams, initially perceived as a surveillance tool for tracking employees' locations via Wi-Fi, has been officially launched after delays from mid-March to April 2026. Microsoft clarified that the feature, now rebranded from Automatic Update of Work Location to Workplace Check-In via Wi-Fi, is intended to enhance collaboration and facilitate employee coordination rather than serve as a monitoring mechanism. The feature will also be integrated into Microsoft Places later this year.

AppWizard

June 7, 2026

‘Tactical radio action’ game Burn-9 announced for PC

14 Hours Productions is developing a political spy thriller game titled Burn-9, set to launch for PC on Steam, GOG, and the Humble Store in 2026. Players take on the role of an unseen operator assisting the last survivor of a black-ops team in a chaotic mission. A demo is currently available. The game involves navigating espionage and making pivotal choices based on gathered intelligence while using advanced surveillance systems. Players can disable security measures and extract sensitive information, facing moral complexities and ethical dilemmas throughout the mission.

AppWizard

June 7, 2026

Apple removed the Russian messenger Max and deprived 20 million users of access

Russian officials and propaganda outlets have expressed discontent with Apple's decision to remove the state-sponsored messenger app, Max, from its App Store without prior notice. Apple cited compliance with sanctions legislation as the reason for its action, leading to backlash in Russia where the company is labeled as "enemies." The Max messenger, developed in Russia, is used for disseminating propaganda and maintaining control over internet access, and its removal has made it inaccessible to over 20 million users in Russia, reducing the effectiveness of state-sponsored propaganda. The Russian government is attempting to create a "digital iron curtain" for surveillance and internet restriction, while propaganda narratives portray the country as technologically advanced, despite reliance on foreign companies. Russia has become a global leader in the number of app removals from the App Store, and reports indicate that schools in occupied territories are being forced to use the Max messenger for communication.

TrendTechie

June 6, 2026

The Pirate Bay остается жизнеспособным спустя 20 лет после рейда на платформу

The Pirate Bay was raided by Swedish police on May 31, 2006, resulting in the seizure of servers as part of a criminal investigation influenced by the U.S. government. Co-founders Gottfrid Svartholm and Fredrik Neij anticipated the raid and took steps to protect the site, with Fredrik creating a backup that allowed The Pirate Bay to be restored within three days. Following the raid, the site was temporarily rebranded as "Police Bay," gaining media attention and public support. The raid led to criminal prosecutions against the founders, while control of the site shifted to a more anonymous group. A second raid occurred in 2014, but The Pirate Bay managed to return online. In 2021, co-founder Peter Sunde claimed that only the site's administrators could shut it down, indicating its resilience and potential future expansion into the dark web.