Telegram channel Archives

AppWizard

February 11, 2026

Telegram is one of the last messaging apps in Russia that the state doesn’t control. Did the Kremlin just block it for good?

Telegram has experienced significant disruptions in Russia over the past two days due to interventions by the federal censorship agency, Roskomnadzor, which aims to “protect” citizens. Reports indicate that Russian authorities have initiated partial restrictions on Telegram, actively slowing the service. Telegram has faced multiple misdemeanor cases for not removing prohibited content, and Roskomnadzor has accused it of not complying with Russian legislation. For two consecutive days, users reported outages, with issues such as media files failing to load and messages not being sent or received. A poll revealed that about 21 percent of respondents experienced problems with the app, while 38 percent noted no issues, and 23 percent used a VPN to remain unaffected by restrictions. Over the past six months, Telegram and WhatsApp have faced numerous limitations from Roskomnadzor, including the blocking of audio and video calls. Reports in January 2026 indicated that Telegram was being deliberately slowed down, linking the restrictions to alleged legal violations. The Kremlin's actions to limit independent messaging platforms coincide with the promotion of Max, a state-controlled alternative, which has struggled to gain a comparable user base. Despite denials of plans to fully ban Telegram or WhatsApp, experts suggest that gradual tightening of restrictions may render these apps effectively unusable. The popularity of Telegram's channels may prevent a complete ban, as government officials continue to rely on the platform for communication.

AppWizard

December 1, 2025

Android malware Albiriox abuses 400+ financial apps in on-device fraud and screen manipulation attacks

A new malware-as-a-service (MaaS) called Albiriox has emerged, targeting banking and cryptocurrency applications, particularly focusing on Austrian users. It is marketed on the dark web and employs deceptive tactics, such as mimicking legitimate businesses and creating fake landing pages and app listings on the Google Play Store. Victims are tricked into providing their phone numbers, leading to the delivery of a malicious APK file via SMS or WhatsApp. This APK acts as a dropper, designed to bypass detection methods and requests permissions under the guise of a “software update” to download the actual malicious payload. Once installed, it can take control of the device or function as an infostealer, extracting sensitive information like phone numbers and passwords, which is sent to a Telegram channel. Cleafy researchers suggest that the Albiriox campaign is linked to Russian cyber actors based on their activities on cybercrime forums and communication style.

AppWizard

October 24, 2025

New Python-Based RAT Disguised as Minecraft App Steals Sensitive User Data

Threat researchers at Netskope have identified a new Remote Access Trojan (RAT) named “Nursultan Client,” disguised as a legitimate application for Minecraft enthusiasts. This malware, developed in Python, uses the Telegram Bot API for command-and-control operations, enabling data exfiltration and persistent access to compromised systems. It was first detected as a 68.5 MB executable compiled with PyInstaller, which is often used for legitimate software but can also bundle malicious scripts. Upon execution, the RAT misleads users with a fake installation progress bar. Its core functionalities operate across Windows, Linux, and macOS platforms, targeting the gaming community through social engineering tactics. The malware contains hardcoded Telegram credentials, allowing attackers to issue commands to infected machines while obscuring their communications. The RAT can execute various commands, including stealing Discord authentication tokens and conducting system reconnaissance. It also offers surveillance capabilities, such as capturing screenshots and webcam images, and has adware functionalities that can open URLs or display pop-up messages. The operation appears to be aimed at lower-tier threat actors, lacking advanced anti-analysis techniques and sophisticated tradecraft. Organizations are advised to monitor encrypted traffic and educate users on software authenticity to mitigate risks.

AppWizard

October 11, 2025

Google blocks Android hack that let Pixel users enable VoLTE anywhere

In October 2025, Google updated its software, rendering the Pixel IMS app inoperative for users of imported Pixel phones in unsupported regions. This app had previously allowed users to enable VoLTE and VoWiFi by bypassing carrier restrictions. The update closed a loophole in Android's telephony framework, classified as a high-severity issue (CVE-2025-48617), leading to crashes when users attempted to toggle these features. While a new workaround exists for enabling VoLTE, it does not support VoWiFi and requires navigating instructions in Chinese. Users needing VoWiFi must either root their devices or wait for Google's official expansion of carrier support.

AppWizard

October 3, 2025

The Must-Have Android Apps for October 2025 (Don’t Miss These!)

The Android ecosystem in October 2025 features a variety of applications designed to enhance convenience, productivity, and creativity. Notable apps include: - Co-Reply: An AI messaging app with context-aware reply suggestions. - Panda: A hands-free navigation tool for multitasking. - Audio Output Switcher: A quick settings tile for switching audio sources. - TMPAD: An app that optimizes older devices for gaming. - Hackne: A ride-hailing price comparison tool for Uber and Lyft. - LTE Cleaner Foss: An open-source app for clearing cache and junk files. - Nora: A social media aggregator for consolidating platforms. - Floating Notes: Customizable sticky notes for reminders. - Shap Key: A battery optimization tool for managing background processes. - Weather Master: A visually appealing weather app with detailed forecasts. - Pixel Play: An offline music player with advanced playback options. - Virtual Shuffle: A tool for randomizing Spotify playlists. - Androidify Update: An AI-enhanced app for creating personalized avatars. - Taii: An AI text editor for refining grammar and generating content. A controversy in the app review community involves accusations of plagiarism against a well-known reviewer, highlighting ethical dilemmas and the need for integrity and collaboration among reviewers. Additional tools mentioned include Network Switch for toggling between 4G and 5G networks and Shizuku Dependency for unlocking advanced app functionalities. The importance of user involvement and support for indie developers is emphasized in fostering a vibrant Android community.

TrendTechie

July 18, 2025

Индийская Torrent Pharmaceuticals привлекла $2.3 млрд в рамках сделки с JB Chemicals

Torrent Pharmaceuticals Ltd. has secured a credit line of .3 billion to acquire a controlling stake in JB Chemicals & Pharmaceuticals Ltd. The credit facility is supported by banks including Barclays Plc, HSBC Holdings Plc, and Standard Chartered Plc, with a maturity period of up to four years. Torrent plans to purchase 53.8% of JB Chemicals from KKR & Co. for approximately .4 billion and has made a mandatory offer for an additional 26% of shares at 1,639 rupees per share. JB Chemicals' market valuation reached .6 billion in 2024, with a 20% increase in stock price. The Indian M&A landscape has seen an 18% increase in activity in 2025, despite an 8% decline in the Asia-Pacific region. JB Chemicals focuses on pharmaceutical products for various disorders and is headquartered in Mumbai, while Torrent Pharmaceuticals is based in Ahmedabad.

AppWizard

July 7, 2025

Malware Surge Hits Android: Adware, Trojans and Crypto Theft Lead Q2 Threats

A concerning trend in mobile security shows that malicious applications and spyware are increasingly targeting Android users. Adware, particularly the Android.HiddenAds family, remains the most prevalent threat, despite a decrease in detections. The Android.MobiDash adware trojans have increased by over 11%. The Android.FakeApp malware, which disguises itself as legitimate applications, has seen a 25% decline in activity, primarily targeting Turkish and French-speaking users. The Android.Banker variant has surged by over 70%, indicating a rise in banking trojans. A large-scale crypto theft operation involved the Android.Clipper.31 trojan embedded in a modified WhatsApp version and low-cost Android firmware, which replaces cryptocurrency wallet addresses. Spyware named Android.Spy.1292.origin targets Russian military personnel through a counterfeit mapping application. Malicious applications continue to be found on Google Play, including adware disguised as cryptocurrency news apps and fake finance applications. The open nature of Android poses ongoing cybersecurity risks, even within official app stores.

AppWizard

April 25, 2025

Russian military personnel on the front lines targeted with new Android spyware

A sophisticated Android malware, identified as Android.Spy.1292.origin, targets Russian military personnel by disguising itself within a modified version of the Alpine Quest mapping application. This malware is designed to steal contacts and monitor locations, evading detection while collecting sensitive data such as the user's mobile phone number, contacts, current date, geolocation, information about files on the device, and the app's version. It is distributed through a dedicated Telegram channel and unofficial Android app repositories. The malware's modular architecture allows for updates that enhance its capabilities, particularly in extracting confidential documents exchanged via Telegram and WhatsApp.

AppWizard

April 24, 2025

Trojanized Alpine Quest app geolocates Russian soldiers

Russian soldiers are facing a digital threat from a modified Android application, Alpine Quest, which has been tampered with to track their locations and extract sensitive information. The malware, known as Android.Spy.1292.origin, was embedded in an older version of the app and distributed as a free upgrade to Alpine Quest Pro via a fraudulent Telegram channel. Once installed, the trojan collects various types of information, including geolocation, downloaded files, phone numbers, and app versions, and can download additional modules to exfiltrate specific files. Additionally, researchers at Kaspersky discovered a backdoor hidden in counterfeit software updates for ViPNet, a secure networking suite. The malware, disguised as msinfo32.exe, connects to a command-and-control server to steal files and deploy more malicious components. On the Ukrainian side, Russian operatives are conducting a phishing campaign targeting Ukrainian officials and allies, using social engineering tactics to hijack Microsoft 365 accounts. Attackers contact victims via messaging apps, invite them to video calls, and trick them into providing OAuth codes, granting access to their accounts.

Tech Optimizer

April 24, 2025

Meet Xata Agent: An Open Source Agent for Proactive PostgreSQL Monitoring, Automated Troubleshooting, and Seamless DevOps Integration

Xata Agent is an open-source AI assistant designed for PostgreSQL database site reliability engineering. It monitors logs and performance metrics to identify issues like slow queries and unusual connection counts, helping to maintain database integrity and performance. The tool automates tasks such as vacuuming and indexing and provides actionable recommendations through diagnostic playbooks and read-only SQL routines. The architecture is built as a Next.js application using TypeScript, organized in a monorepo structure. Developers can set up their environment using Node, install dependencies, and configure a local PostgreSQL instance with Docker Compose. Production deployment involves using Docker images and configuring environment variables in a production file. Key functionalities include proactive monitoring, configuration tuning, performance troubleshooting, safe diagnostics, cloud integration, alerting, LLM flexibility, and playbook customization. Developers can create new tools and integrate them into playbooks for cohesive workflows. Future plans include custom playbooks, support for Model Context Protocol, evaluation harnesses, approval workflows, and a managed cloud edition. The architecture promotes extensibility and community contributions, standardizing incident response and reducing human error in database management.