The most popular mobile RPG games in 2026 are "Genshin Impact" and "Honkai: Star Rail," which dominate the app store charts and offer deep stories, smooth controls, and regular updates on Android and iPhone.
The FBI is investigating malware hidden in several video games on the Steam platform, targeting users from May 2024 to January 2026. The investigation includes games like BlockBlasters, Chemia, Dashverse, DashFPS, Lampy, Lunara, PirateFi, and Tokenova, with some previously removed from Steam for malicious content. Steam had over 132 million monthly active users and more than 117,000 games in 2025. The FBI is reaching out to affected gamers, ensuring victim confidentiality and potential eligibility for services under federal and state law. This incident is part of a broader trend of malware targeting gamers, with previous cases involving fan games and cheat software affecting millions of accounts.
YggTorrent, a prominent French private torrent tracker launched in 2017, was reportedly destroyed by a hacker known as Gr0lum in early March, leaving 6.6 million users affected. Gr0lum accused the YggTorrent administration of engaging in DDoS attacks against competitors, purging dissenting uploaders, and sabotaging their own API. In 2025, YggTorrent introduced a Turbo subscription model that hampered downloads, leading to user criticism. Following its downfall, YggTorrent has made a tentative return as a countdown website, with the administration denying all allegations and asserting that databases and backups were not destroyed. The French piracy community remains skeptical of these claims.
Cybersecurity researchers have identified six new families of Android malware designed to extract sensitive data and facilitate financial fraud. Notable threats include:
- PixRevolution: Targets Brazil's Pix payment platform, activates during Pix transfers, and uses real-time monitoring to intervene in transactions. Victims are tricked into installing malicious apps from counterfeit Google Play Store listings, which enable accessibility services for the malware to capture screens and overlay fake interfaces to reroute funds.
- BeatBanker: Spreads through phishing attacks disguised as legitimate Google Play Store pages. It uses an inaudible audio loop for persistence, functions as a banking trojan, and includes a cryptocurrency miner. It creates deceptive overlays for platforms like Binance and Trust Wallet to divert funds and can monitor web browsers and execute remote commands.
- TaxiSpy RAT: Exploits accessibility services to gather sensitive information such as SMS messages and call logs, targeting banking and cryptocurrency applications with overlays for credential theft. It employs advanced evasion techniques like native library encryption and real-time remote control.
- Mirax: A private malware-as-a-service (MaaS) offering with a subscription model that provides tools for banking overlays and information gathering, including keystrokes and SMS.
- Oblivion: Another Android RAT available at a competitive price, featuring capabilities to bypass security measures on various devices.
- SURXRAT: Distributed through a Telegram-based MaaS ecosystem, it uses accessibility permissions for persistent control and communicates with a Firebase-based command-and-control infrastructure. Some samples incorporate a large language model component, indicating experimentation with AI by threat actors.
Free PC games available in March 2026 include:
- Novel Haven: A management simulation where players transform a lighthouse into a bookshop and engage with villagers.
- DJ Bunny: A 2D music-puzzle adventure where players craft tunes to help DJ Bunny perform at a music festival.
- Metal Goose: A retro first-person shooter where players battle robotic birds as the MG-1 super soldier.
- Vampire’s Fall 2: A 2D RPG where players rise as a vampire amid a civil war between humans and vampires.
- Snowbot: A third-person adventure featuring a robot navigating snowy mountains and solving puzzles.
- Witch You Want: A game where players create a witch character, engage in potion-making, and explore romance.
- Another Day With You: An adventure game filled with mini-games set in a quaint city corner.
- Where Winds Meet: A game that launched in November, returning with a free expansion titled Hexi, adding new maps, enemies, and quests.
- D1AL-ogue: A cyberpunk game where players repair androids using a circular puzzle mechanic.
- Hackinal: A browser-based hacking game with various difficulty levels for cracking passcodes.
- Faehnor Online: An MMORPG developed by a solo creator, encouraging exploration with real paper maps.
- A Date With Chester 2: A standalone story reflecting on memories while celebrating an anniversary with Chester.
Cofense Intelligence reported that threat actors are exploiting Windows File Explorer and WebDAV servers to deliver Remote Access Trojans (RATs) to corporate systems, bypassing browser security measures. This method allows attackers to infiltrate machines without using web browsers, taking advantage of File Explorer's ability to connect to remote WebDAV servers. Despite WebDAV being deprecated by Microsoft in November 2023, it is still supported in Windows, creating a vulnerability. The campaigns began in February 2024, with a significant increase in September 2024, and 87% of these campaigns deliver multiple RATs, including XWorm, Async RAT, and DcRAT. Victims typically receive phishing emails disguised as invoices, containing URL or LNK shortcut files that initiate a WebDAV connection. The attacks often utilize Cloudflare Tunnel for hosting malicious WebDAV servers, making the traffic appear legitimate. Notably, 50% of affected campaigns are in German, while 30% are in English. The report emphasizes the risks posed to individuals holding digital assets, as RATs can access sensitive information, including crypto wallet files. Organizations are advised to monitor network traffic for Cloudflare Tunnel instances and educate users about the risks associated with File Explorer's capabilities.
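A mail-gateway or endpoint triage check for the `.url` shortcut vector described above, as an added example that is not code from Cofense or the original report: it parses an Internet Shortcut file and flags any field that points at a remote WebDAV or UNC target. Assumptions: the `@SSL`, `@port` and `DavWWWRoot` markers are the standard Windows WebDAV UNC forms, `trycloudflare.com` is the Cloudflare quick-tunnel domain (the page names only "Cloudflare Tunnel"), and the sample files and function names are constructed for illustration; `.lnk` files are binary and not covered here.

```python
import configparser
import re

# Assumption: Cloudflare quick-tunnel hostnames end in this suffix.
TUNNEL_SUFFIX = ".trycloudflare.com"
# \\host[@SSL][@port]\rest  (Windows UNC, with optional WebDAV markers)
UNC = re.compile(r"^\\\\([^\\@]+)((?:@SSL)?(?:@\d+)?)\\(.*)$", re.I)

def remote_target(value):
    """Return (host, is_webdav) if value names a remote share, else None."""
    v = value.strip()
    if v.lower().startswith("file:"):
        v = v[5:]
    v = v.replace("/", "\\")
    if not v.startswith("\\\\"):
        return None                      # http(s) URL or local path
    m = UNC.match("\\\\" + v.lstrip("\\"))
    if not m or re.fullmatch(r"[A-Za-z]:", m.group(1)):
        return None                      # file:///C:/... is local
    host, marker, rest = m.groups()
    is_webdav = bool(marker) or rest.lower().startswith("davwwwroot")
    return host.lower(), is_webdav

def inspect_url_shortcut(text):
    """List (field, host, tags) for every remote target in a .url file."""
    cp = configparser.RawConfigParser(strict=False)
    try:
        cp.read_string(text)
    except configparser.Error:
        return []                        # not a parseable shortcut file
    findings = []
    for section in cp.sections():
        for field, value in cp.items(section):
            hit = remote_target(value)
            if hit is None:
                continue
            host, is_webdav = hit
            tags = ["webdav" if is_webdav else "unc"]
            if host.endswith(TUNNEL_SUFFIX):
                tags.append("cloudflare-tunnel")
            findings.append((field, host, tags))
    return findings

# Constructed samples (hostnames are placeholders, not indicators from the report).
SAMPLE_SUSPICIOUS = r"""[InternetShortcut]
URL=file://example-constructed.trycloudflare.com@SSL/DavWWWRoot/Rechnung.pdf.lnk
IconFile=C:\Windows\System32\shell32.dll
IconIndex=1
"""
SAMPLE_BENIGN = "[InternetShortcut]\nURL=https://www.example.com/\n"
```

Every field is checked rather than only `URL=`, because a remote path in `IconFile=` also makes Explorer contact the server when the folder is viewed.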
Numo has introduced a tap-to-pay point-of-sale app that allows merchants to accept Bitcoin payments without additional hardware, utilizing the Cashu open-source ecash protocol. The app is available for free as an open-source Android download, with plans for a Google Play Store release. It uses NFC technology for quick transactions, enabling customers to pay via a Cashu wallet interacting with an NFC tag on the merchant's device. Payments are settled in Cashu ecash, which can be automatically transferred to a merchant's Lightning address once a specified balance is reached. Numo also supports Lightning invoices and offers features like inventory management, payment history tracking, offline payment support, and tipping options. The app has no platform fees and is developed under the MIT license, aiming to simplify Bitcoin payments for merchants. Cashu employs blind signatures for privacy-preserving custodial payments and connects independent mints over the Lightning Network.
Cybercriminals are sending counterfeit email invitations that, when clicked, install a backdoor on the victim's computer, allowing hackers full control. The scam often involves downloading a file named “invites.msi,” which is a Windows Installer package. This file can install ScreenConnect, a legitimate remote support tool that can be exploited by attackers to monitor screens, access files, and deploy additional malware. Many security engines fail to flag this software as malicious, making it difficult to detect. If someone suspects they have fallen victim to this scam, they should disconnect from the internet, check for and uninstall any remote management software, run a comprehensive antivirus scan, change passwords for critical accounts, enable two-factor authentication, inform their IT department if applicable, and consider performing a full Windows reset. The scam originated from a compromised email account, which was used to send the malicious link to contacts. Implementing two-factor authentication and using a password manager can help prevent such incidents. Users should be cautious of any email invitations that require downloading and running installer files.
Google successfully prevented the publication of over 1.75 million policy-violating applications in 2025 and banned more than 80,000 developer accounts identified as harmful. The company blocked over 255,000 apps from accessing sensitive user information and prevented 160 million spam ratings and reviews. Google integrated generative AI systems into its review process to enhance detection of malicious patterns. The European Commission is investigating Google's consumer safety practices in the Play Store, particularly regarding financial scams. Independent researchers found 20 Android apps on the Play Store designed to steal cryptocurrency.
Attackers are using social media advertising, specifically paid Facebook ads, to promote a malware campaign disguised as legitimate Microsoft promotions. They create near-exact replicas of the official Windows 11 download page to lure users into downloading malicious software. The deceptive domains used include ms-25h2-download[.]pro and ms-25h2-update[.]pro. The malware campaign employs geofencing to selectively target victims, redirecting security researchers to benign sites while delivering malware to unsuspecting users. The malicious file, named ms-update32.exe, is hosted on GitHub and mimics the size of a legitimate Windows installer. Once executed, it checks for monitoring tools and, if none are detected, installs an application named "Lunar" that collects sensitive data, including cryptocurrency wallet information. The malware maintains persistence by writing data to the Windows registry and employs various obfuscation techniques to evade detection. The attackers run parallel ad campaigns with different Facebook Pixel IDs to ensure continued operation even if one is suspended. Indicators of compromise include specific file hashes, domains, file system artifacts, and registry keys associated with the malware.