transactions Archives

AppWizard

March 19, 2026

New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data

Cybersecurity researchers have identified a new family of Android malware called Perseus, designed for device takeovers and financial fraud. It utilizes Accessibility-based remote sessions for real-time monitoring and interaction with infected devices, particularly targeting Turkey and Italy. Perseus monitors user notes to extract personal or financial information and is distributed through dropper applications via phishing websites. It expands on the codebase of previous malware like Phoenix and employs disguises as IPTV services to reduce user suspicion. Once operational, it performs overlay attacks and captures keystrokes to steal credentials from financial applications. The malware allows operators to issue commands through a command-and-control panel, enabling various malicious actions, including capturing note content and initiating remote visual streams. Perseus also conducts environment checks to evade detection and ensure it operates on legitimate devices.

Tech Optimizer

March 18, 2026

Stop! These 5 Antivirus Misconceptions Could Leave You Unprotected

Engaging with a computer exposes it to potential threats like trojans, ransomware, and malware. Antivirus software is essential for protection, but misconceptions exist about its use. 1. Antivirus subscriptions typically expire after a trial period of three to six months, requiring renewal, which can be checked in the software's 'About' section or 'Account' tab. Users should renew or install antivirus software if they haven't done so. 2. Setting antivirus subscriptions to auto-renew is advisable to prevent lapses in protection, with notifications sent before renewal dates. Some providers offer additional benefits with auto-renewal. 3. Disabling antivirus while gaming is risky; instead, users should look for a "game mode" feature that minimizes interruptions. 4. Antivirus alerts should not be dismissed as nuisances; they may contain important information regarding defenses or necessary actions. 5. Antivirus software alone does not ensure complete safety; additional tools like password managers and VPNs are recommended for enhanced security and privacy.

Tech Optimizer

March 17, 2026

How PostgreSQL on Azure helps modernize legacy databases

Microsoft is enhancing PostgreSQL to establish it as a high-performance, scalable, and enterprise-ready open database platform, addressing the limitations of legacy systems like Oracle. Many Oracle customers face rising licensing costs, performance bottlenecks, and scalability issues, prompting them to consider migration. Apollo Hospitals successfully migrated from Oracle to Azure Database for PostgreSQL, achieving a 60% reduction in operational costs and a threefold improvement in system performance. Microsoft has introduced an AI-assisted migration tool to simplify the transition from Oracle to PostgreSQL, automating the conversion of schemas and application code. Azure Database for PostgreSQL offers high performance, scalability, and security, with features like v6-series compute SKUs and SSD v2 storage. Azure HorizonDB, a new cloud-native PostgreSQL service, supports extreme performance demands and is designed for real-time analytics. Microsoft is committed to enhancing PostgreSQL as an open-source database for enterprise workloads, enabling organizations to innovate and become more agile.

AppWizard

March 14, 2026

Africa’s monetisation debate: founders weigh in on mobile, PC, and the realities of game revenue

African founders view the continent's mobile gaming market as facing significant constraints, including challenges related to payments, purchasing power, and infrastructure, rather than being fundamentally broken. Industry leaders like Hugo Obi and Abdallah Elshabrawy highlight that while monetization is a global challenge, it is particularly exacerbated in Africa due to economic realities. Advertising, especially rewarded video ads, is currently the most reliable revenue model, though lower advertising rates necessitate a larger user base for sustainable revenue. Mobile gaming accounts for about 87% of African gamers and 90% of gaming revenue, emphasizing its reach despite higher spending in PC gaming. Founders stress the importance of targeting global audiences and adapting monetization strategies to the diverse payment ecosystems and cultural dynamics across the continent. A hybrid approach to monetization, combining mobile and PC gaming, is seen as a potential future direction for the industry.

AppWizard

March 12, 2026

Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets

Cybersecurity researchers have identified six new families of Android malware designed to extract sensitive data and facilitate financial fraud. Notable threats include: - PixRevolution: Targets Brazil's Pix payment platform, activates during Pix transfers, and uses real-time monitoring to intervene in transactions. Victims are tricked into installing malicious apps from counterfeit Google Play Store listings, which enable accessibility services for the malware to capture screens and overlay fake interfaces to reroute funds. - BeatBanker: Spreads through phishing attacks disguised as legitimate Google Play Store pages. It uses an inaudible audio loop for persistence, functions as a banking trojan, and includes a cryptocurrency miner. It creates deceptive overlays for platforms like Binance and Trust Wallet to divert funds and can monitor web browsers and execute remote commands. - TaxiSpy RAT: Exploits accessibility services to gather sensitive information such as SMS messages and call logs, targeting banking and cryptocurrency applications with overlays for credential theft. It employs advanced evasion techniques like native library encryption and real-time remote control. - Mirax: A private malware-as-a-service (MaaS) offering with a subscription model that provides tools for banking overlays and information gathering, including keystrokes and SMS. - Oblivion: Another Android RAT available at a competitive price, featuring capabilities to bypass security measures on various devices. - SURXRAT: Distributed through a Telegram-based MaaS ecosystem, it uses accessibility permissions for persistent control and communicates with a Firebase-based command-and-control infrastructure. Some samples incorporate a large language model component, indicating experimentation with AI by threat actors.

AppWizard

March 12, 2026

Meta Rolls Out Scam Warnings on Facebook, Messenger, and WhatsApp

Meta is implementing measures to combat scams on its platforms, including Facebook, Messenger, and WhatsApp, by using artificial intelligence and forming enforcement partnerships. Users will receive real-time alerts on Facebook for suspicious friend requests, and Messenger will enhance scam detection by analyzing conversation patterns. WhatsApp will notify users of unusual device-linking attempts to secure accounts. Meta has removed over 159 million scam ads and disabled 10.9 million fraudulent accounts, collaborating with law enforcement to disable more than 150,000 accounts and effect 21 arrests. The company plans to mandate advertiser verification for high-risk categories to reduce fraudulent ads and aims for verified advertisers to account for 90% of ad revenue. The success of these initiatives will be measured by reductions in reported losses and chargebacks.

AppWizard

March 11, 2026

Meta Adds Scam Detection to Facebook, WhatsApp, and Messenger

Meta is introducing new scam detection tools for its platforms—Facebook, WhatsApp, and Messenger—to enhance security. Facebook users will receive alerts for suspicious friend requests, while WhatsApp will issue device-linking warnings to prevent unauthorized access. Advanced algorithms will analyze conversation patterns for signs of fraud, prompting users to report suspicious messages for AI analysis. Users can choose to block or report accounts based on these alerts, ensuring privacy through opt-in sharing of messages. The initiative responds to rising fraud statistics, with the FTC noting significant consumer losses and increased phishing attempts. Key metrics for success will include the interception of suspicious interactions and user engagement with reporting features. Users are advised to maintain skepticism toward unsolicited communications and enable two-step verification for added security.

Tech Optimizer

March 11, 2026

Netflix Automates RDS PostgreSQL to Aurora PostgreSQL Migration Across 400 Production Clusters

Netflix has developed an internal automation platform to migrate Amazon RDS for PostgreSQL databases to Amazon Aurora PostgreSQL, reducing operational risks and downtime for nearly 400 production clusters. The platform allows service teams to perform migrations through a self-service workflow while ensuring processes like replication validation and rollback safeguards are maintained. Database access is managed through a platform-managed layer using Envoy, which standardizes mutual TLS and abstracts database endpoints, enhancing security and efficiency. The migration process starts with creating an Aurora PostgreSQL cluster as a read replica of the source RDS instance, initialized from a storage snapshot and continuously replaying write-ahead log (WAL) records. Validation checks are performed to ensure the replica can handle peak write throughput before cutover. For change data capture workloads, the system coordinates the state of replication slots and pauses CDC consumers to prevent excessive WAL retention. The Enablement Applications team at Netflix successfully migrated databases for device certification and partner billing workflows, addressing issues like elevated replication lag due to inactive logical replication slots. As replication lag decreases, the system enters a controlled quiescence phase, adjusts security rules, and reboots the source RDS instance. Once all transactions are processed and the Aurora replica is ready, it is promoted to a writable cluster, and traffic is rerouted. Rollback capabilities are prioritized, allowing redirection back to the original RDS instance if validation checks fail or anomalies are detected post-promotion. This setup enables seamless restoration without redeployment, and CDC consumers can resume from recorded slot positions if needed.

AppWizard

March 11, 2026

New BeatBanker Android malware poses as Starlink app to hijack devices

A newly identified Android malware called BeatBanker disguises itself as a Starlink application on fake Google Play Store websites. It functions as a banking trojan and includes Monero mining capabilities, allowing it to steal credentials and manipulate cryptocurrency transactions. Researchers at Kaspersky traced BeatBanker to campaigns targeting users in Brazil. The latest version uses the BTMOB RAT for remote access, enabling keylogging, screen recording, camera access, GPS tracking, and credential capture. BeatBanker is distributed as an APK file that decrypts and loads hidden code into memory, conducting environment checks before activation. It presents a fake Play Store update screen to trick users into granting permissions for additional payloads. To avoid detection, it delays malicious operations and plays a nearly inaudible MP3 file to maintain persistent activity. The malware uses a modified version of the XMRig miner to mine Monero on Android devices, connecting to mining pools through encrypted TLS connections. It can start or stop mining based on device conditions and uses Firebase Cloud Messaging to relay device information to its command-and-control server. Currently, BeatBanker infections have only been observed in Brazil, but there are concerns about its potential spread. Users are advised to avoid side-loading APKs from untrusted sources and to review app permissions regularly.

BetaBeacon

March 6, 2026

Google isn’t waiting for a settlement — the 30 percent Android app store fee is dead

Google plans to reduce app store fees in the US, UK, and European Economic Area to 20 percent or less by June 30th.