theft Archives

AppWizard

August 11, 2025

Fake Android Banking Apps Are Hijacking Devices and Draining Accounts in Malware Campaign

A wave of mobile malware is targeting Android users in India, posing as legitimate banking applications. This malware can fully compromise infected devices, stealing sensitive data, intercepting communications, and conducting unauthorized financial transactions. It typically spreads through deceptive "dropper" apps via phishing messages on platforms like WhatsApp, SMS, or email, often disguised as system updates or official banking apps. The malware requests extensive Android permissions, allowing it to read and send SMS messages and intercept two-factor authentication codes. It operates stealthily, bypassing Android’s battery optimization features, and can manipulate notification content. All captured data is transmitted to attackers, enabling potential financial fraud and identity theft. Users are advised to install apps only from trusted sources, be skeptical of unexpected installation prompts, and review permission requests carefully.

Tech Optimizer

August 9, 2025

No firewalls or antivirus software—this new quantum technology using magnets promises to protect your information at the subatomic level

A team from Kyoto University has developed a light source that emits single photons, enhanced in brightness by a small magnetic field, which can be used for secure quantum communications. This technology relies on the principles of quantum mechanics, making it difficult for eavesdroppers to replicate or measure the quantum states without detection. The researchers used a one-atom-thick semiconductor sheet, WSe₂, creating traps for excitons that emit photons when relaxed. Current limitations include the need for cryogenic temperatures for operation, but advancements in materials may allow for room-temperature single-photon emission. The technology has potential applications in secure communications for sensitive transactions and could evolve into compact modules for practical use. Recent studies have demonstrated successful quantum key distribution (QKD) using true single-photon sources, indicating progress in integrating quantum technology into real-world networking.

AppWizard

August 8, 2025

Net bookings up 17% for Take-Two

Take-Two reported a 17 percent increase in net bookings for the first quarter of its financial year, totaling .42 billion, up from .22 billion the previous year. Recurrent consumer spending also rose by 17 percent, accounting for 83 percent of net bookings. Key titles contributing to this growth include Grand Theft Auto 5, NBA 2K25, Red Dead Redemption 2, and mobile games. The company has adjusted its Fiscal Year 2026 Net Bookings outlook to between .05 billion and .15 billion.

AppWizard

August 8, 2025

Scammers targeting kids and teens Minecraft gamers, security expert warns

Cybersecurity experts have raised concerns about potential threats targeting young players in Minecraft, particularly within its modding community. Mods can enhance gameplay but may also serve as vehicles for malware deployment. The Java Edition of Minecraft, which allows downloads from third-party websites, poses a higher risk compared to the Bedrock Edition, which features a built-in marketplace with safety reviews. Scammers can use mods to install malware that operates like a Trojan horse, potentially leading to the theft of sensitive information, including financial details. Although children may not have sensitive data, they often use shared devices, making cybersecurity education important. Experts recommend parental guidance, antivirus protection, and open discussions about internet safety. Microsoft has emphasized its commitment to player safety, implementing features such as abuse reporting, parental controls, and proactive moderation to create a safer gaming environment.

AppWizard

August 5, 2025

New Android Malware Poses as SBI Card and Axis Bank Apps to Steal Financial Data

McAfee’s Mobile Research Team has identified a malware campaign targeting Android users in India, specifically Hindi speakers. The malware disguises itself as legitimate financial applications from banks like SBI Card, Axis Bank, and IndusInd Bank. It is distributed through phishing websites that mimic official banking portals and uses authentic assets to appear credible. The malware has dual functionality: it exfiltrates personal and financial data and mines Monero cryptocurrency using the XMRig tool, activated remotely via Firebase Cloud Messaging (FCM). It masquerades as a Google Play update, prompting users to install it, which leads to data theft. Upon installation, the malware presents a fake Google Play interface and requests sensitive information, which is sent to a command-and-control server. After data submission, users see a misleading confirmation page. The malware employs a multi-stage dropper to evade detection, with remote activation capabilities that keep it dormant until triggered. Phishing sites promote the malicious APK through SMS, WhatsApp, or social media. McAfee has reported these threats to Google, resulting in the blocking of the associated FCM account. All variants are classified as high-risk, with infections primarily in India but some in other regions. Users are advised to download apps only from Google Play and to be cautious with unsolicited links. Indicators of Compromise (IOCs) include specific APKs for various credit cards and phishing site URLs related to the campaign.

AppWizard

August 4, 2025

Another game store threatened with de-listing, says “no plans to remove any titles” but warns games like GTA at risk

Zoom Platform is facing scrutiny over adult content in gaming, similar to issues experienced by Steam and itch.io. The platform has engaged in discussions with payment processors PayPal and Stripe due to concerns raised by advocacy groups. Iconic games such as Grand Theft Auto, Duke Nukem, and Saints Row are considered potentially at risk of de-listing. In response, Zoom Platform is implementing measures like Two-Factor Authentication and a new wallet system to enhance security and manage funds. The platform aims to support artistic freedom and prevent de-listings, while currently partnering with major payment processors. Grand Theft Auto 2 was recently removed from Steam, but it remains available as abandonware. Zoom Platform offers classic Duke Nukem games, which fans hope will stay accessible.

Tech Optimizer

August 4, 2025

Zero-Day Flaw in PostgreSQL Exploited to Target BeyondTrust Systems

A significant PostgreSQL vulnerability, CVE-2025–1094, was identified during the investigation of another vulnerability, CVE-2024–12356, which was exploited in the BeyondTrust breach in December 2024. The breach involved unauthorized access to BeyondTrust's systems and was linked to the state-sponsored hacking group Silk Typhoon from China. The U.S. Treasury Department confirmed its network was compromised through a stolen BeyondTrust API key. CVE-2025–1094 is an SQL injection vulnerability that allows attackers to execute arbitrary SQL commands due to improper handling of invalid UTF-8 byte sequences. Rapid7 found that CVE-2024–12356's exploitation relied on CVE-2025–1094, and that CVE-2025–1094 could be exploited independently. BeyondTrust issued patches for these vulnerabilities, but the patch for CVE-2024–12356 did not directly address the underlying cause of CVE-2025–1094. The exploitation of these vulnerabilities underscores the need for timely patching and proactive security measures in organizations using PostgreSQL.

AppWizard

August 3, 2025

Rhythm games use a lot of classical music, huh?

Classical music has significantly influenced video game soundtracks, with examples including Philippe Vachey’s incorporation of Johann Strauss and Saint-Saëns, and games like Catherine and Grand Theft Auto 3 featuring classical pieces. The rhythm game Pump it Up Rise includes classical remixes, a hallmark of the series since 1999, with remixes by BanYa such as Take The Devil and Turkey March. BanYa's adaptations, like Winter and Beethoven Virus, showcase a blend of classical and modern elements. Other rhythm games, including Audition Online and Taiko no Tatsujin, also feature classical music. The use of classical compositions in games is partly due to their emotional resonance and copyright advantages, as works by composers like Beethoven and Mozart are in the public domain.

AppWizard

August 3, 2025

The Guild: Europa 1410 announced for PC

The Guild: Europa 1410 allows players to lead a dynasty, starting with a small business and expanding their family's influence while navigating a complex political landscape. Players can choose from various professions, such as blacksmith or alchemist, affecting their business success. The game includes options for engaging in crime, like theft and robbery, or upholding the law. Politics play a crucial role, with opportunities for blackmail to gain power, though such actions carry risks. The game features advanced graphics for an immersive experience, showcasing a realistic historical city that evolves based on player actions. Additionally, it offers multiplayer sessions for up to 12 players, allowing for competition and collaboration in various activities.

Tech Optimizer

August 2, 2025

Gamers at risk as scammers are using malware-infected cheats and mods to steal passwords and crypto — here’s how to stay safe

Recent research from Dr.Web has identified a malware family called Trojan.Scavenger that targets Windows users by disguising itself as game performance boosters or enhancements. This malware exploits vulnerabilities in games like Grand Theft Auto 5 and Oblivion Remastered, typically arriving as modified dynamic libraries with extensions like .ASI. When installed, it can automatically load if the game does not validate its libraries properly. Once activated, it connects to a command-and-control server using encrypted communication and can deploy additional trojans that infiltrate Chromium-based browsers, disrupting their security features and replacing legitimate extensions with malicious ones. This puts applications at risk, including crypto wallets like MetaMask and Phantom, and password managers like Bitwarden and LastPass, as the malware captures sensitive information and sends it to attackers. Exodus wallet is also targeted, with the malware extracting critical JSON entries for private key generation. To mitigate these risks, users are advised to avoid downloading unofficial content from unverified sources, keep antivirus software updated, manage social media interactions carefully, and verify file paths and digital signatures.