wallets Archives

Tech Optimizer

May 23, 2025

Cloudflare, Microsoft & police disrupt global malware service

Cloudflare, in collaboration with Microsoft and international law enforcement, has dismantled the infrastructure of LummaC2, an information-stealing malware service. This initiative led to the seizure and blocking of malicious domains and disrupted digital marketplaces used by criminals. Lumma Stealer operates as a subscription service providing threat actors access to a central panel for customized malware builds and stolen data retrieval. The stolen information includes credentials, cryptocurrency wallets, and sensitive data, posing risks of identity theft and financial fraud. Lumma Stealer was first identified on Russian-language crime forums in early 2023 and has since migrated to Telegram for distribution. Its proliferation is facilitated by social engineering campaigns, including deceptive pop-ups and bundled malware in cracked software. Cloudflare implemented measures to block access to Lumma's command and control servers and collaborated with various authorities to prevent the criminals from regaining control. Mitigation strategies for users include restricting unknown scripts, limiting password storage in browsers, and using reputable endpoint protection tools. The operation has significantly hindered Lumma's operations and aims to undermine the infostealer-as-a-service model contributing to cybercrime.

Winsage

May 22, 2025

Microsoft says Lumma password stealer malware found on 394,000 Windows PCs

Microsoft, in collaboration with law enforcement, has taken legal action against the Lumma malware operation, which has affected over 394,000 Windows PCs globally, particularly in Brazil, Europe, and the United States. A federal court authorized the seizure of 2,300 domains used as command and control servers for Lumma, and the Justice Department confiscated five additional domains related to its infrastructure. Lumma is primarily spread through questionable games or cracked applications and extracts sensitive information such as logins, passwords, credit card details, and cryptocurrency wallets, which is then sold to other cybercriminals. Lumma also facilitates the deployment of additional malware, including ransomware, and has been linked to significant cyberattacks on major tech companies like PowerSchool and Snowflake, resulting in substantial data theft.

Winsage

May 22, 2025

Microsoft says 394,000 Windows computers infected by Lumma malware

Microsoft announced the dismantling of the Lumma Stealer malware project in collaboration with global law enforcement. Over 394,000 Windows computers were identified as infected by Lumma between March 16 and May 16. The malware is known for stealing sensitive information such as passwords and credit card details. Microsoft, with a court order, dismantled the web domains supporting Lumma's infrastructure, while the U.S. Department of Justice took control of its central command structure. More than 1,300 domains were seized or transferred to Microsoft, with 300 acted upon by law enforcement and Europol. Other tech firms like Cloudflare and Lumen assisted in this effort. Since 2022, hackers have been acquiring Lumma through underground forums, and it has been used in phishing campaigns and attacks on various sectors, including gaming, education, and critical infrastructure.

Tech Optimizer

May 21, 2025

Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer

Microsoft has monitored Lumma Stealer, an infostealer malware used by financially motivated threat actors. Lumma Stealer, also known as LummaC2, functions as a malware-as-a-service (MaaS) solution that extracts data from browsers and applications, including cryptocurrency wallets. The entity behind Lumma is identified as Storm-2477, which maintains the malware and its command-and-control (C2) infrastructure. Affiliates can create malware binaries and manage C2 communications through a panel provided by Storm-2477. Ransomware groups have integrated Lumma Stealer into their operations. Lumma Stealer employs various delivery techniques, including phishing emails, malvertising, drive-by downloads, Trojanized applications, and abuse of legitimate services. Specific campaigns have been identified, such as one in April 2025 that used EtherHiding and ClickFix techniques to deliver Lumma Stealer via compromised websites. Another campaign on April 7, 2025, targeted Canadian organizations with emails containing invoice lures that led to malicious downloads. The malware is developed using C++ and ASM, employing advanced obfuscation techniques to evade detection. It can extract a wide range of user data, including browser credentials, cryptocurrency wallet information, and user documents. Lumma Stealer maintains a robust C2 infrastructure with multiple hardcoded and fallback C2 servers, utilizing encryption methods to secure communications. Microsoft's Digital Crimes Unit has disrupted Lumma Stealer's infrastructure by blocking approximately 2,300 malicious domains. Recommendations to mitigate the impact of Lumma Stealer include strengthening Microsoft Defender configurations, implementing multifactor authentication, and utilizing phishing-resistant authentication methods. Microsoft Defender products can detect and block activities associated with Lumma Stealer, providing alerts and insights for incident response.

AppWizard

May 15, 2025

Going contactless? Here’s how to set up Google Wallet on Android

Google Wallet is a digital wallet application for Android users that stores payment cards, boarding passes, loyalty cards, and more in a secure interface. Setting it up involves downloading the app, adding payment cards, and enabling contactless payments, with a smooth transition for existing Google Pay users. The app also allows users to check battery health and manage personal data visibility in Google searches. For Pixel users, it integrates with the Google Pixel 9's Reimagine AI feature for enhanced photo editing.

AppWizard

May 14, 2025

16 Ubisoft Games can be purchased on the Xbox PC Store

Ubisoft and Xbox have announced that 16 popular Ubisoft PC titles are now available for purchase through the Xbox Store, requiring Ubisoft Connect for gameplay. These titles do not support the Play Anywhere feature. The initiative benefits users with Xbox gift card wallets and allows players in regions with Microsoft Rewards to redeem points for purchases. The available titles and their prices are as follows: - Assassin’s Creed Shadows - .99 - Tom Clancy’s The Division 2 - .99 - Far Cry® 6 - .99 - Assassin’s Creed® Odyssey - .99 - Assassin’s Creed Origins - .99 - Far Cry® 5 - .99 - Tom Clancy’s Ghost Recon Wildlands - .99 - Tom Clancy’s Ghost Recon® Breakpoint - .99 - Watch Dogs®2 - .99 - Far Cry New Dawn - .99 - South Park™: The Fractured but Whole™ - .99 - Assassin’s Creed® Valhalla - .99 - Immortals Fenyx Rising™ - .99 - Riders Republic™ - .99 - Watch Dogs®: Legion - .99 - Tom Clancy’s Rainbow Six® Extraction - .99 None of these titles are currently offered at a discounted price.

AppWizard

May 10, 2025

Weekend PC Game Deals: Paradox specials, Xbox and bullet hell bundles, and much more

Humble has released an updated Choice bundle for May, featuring eight titles: The Thaumaturge, Amnesia: The Bunker, Evil West, Shadow Gambit: The Cursed Crew, Eiyuden Chronicle: Hundred Heroes, STAR WARS: Bounty Hunter, Ultros, and Corpse Keeper, available until June 3. Humble has also partnered with Microsoft to offer a bundle with two tiers, including games like Sunset Overdrive and Wasteland 3. Additionally, there is a 9-game collection focused on bullet hell games, priced at . The Epic Games Store is offering Deadtime Defenders and Touch Type Tale for free until May 15. Various discounts are available from publishers like Paradox and the GOG store, featuring DRM-free games. Availability and pricing may vary by region.

AppWizard

May 8, 2025

Zomato on Android: Discover the most useful features

Zomato's Android app features an intuitive interface for browsing restaurant menus, allowing users to easily select items and add them to their cart. The checkout process supports various payment methods, including credit cards and digital wallets, ensuring a quick and tailored experience. Additionally, the app provides real-time order tracking, offering updates on the status of orders from the kitchen to the customer's doorstep.

AppWizard

May 8, 2025

Minecraft Franchise Pixelates on an International Scale

A Minecraft Movie made its theatrical debut last month, achieving a record-breaking release. The franchise has over 200 licensing partners worldwide, expanding its reach through various collaborations that enhance both the film and the gaming experience. Notable U.S. partnerships include Fossil, which launched a collection of luxury accessories; Woobles, offering crochet kits; Crocs, with Minecraft-licensed footwear and Jibbitz; and Home Chef, creating themed meal kits. Internationally, new tabletop games and pinball machines are set to launch in August 2025, along with pet and camping gear in Europe, bedding in Mexico, crafting supplies in Japan, and party essentials in Brazil. Bandai will debut its health and beauty line in Japan in September, with additional rollouts planned. Food and beverage initiatives include offerings from San Carlo in Italy, Marumiya in Japan, Finsbury Foods in the UK and France, and Norco in Australia and New Zealand, as well as new snacks and dairy products across Europe and Brazil. Dairy Farmers of America released Minecraft-inspired vanilla-flavored green milk in March.

AppWizard

May 5, 2025

Google makes it easier to share digital credentials on your Android phone

Android now supports OpenID standards for digital credential presentation and issuance, allowing users to securely store and send cryptographically verifiable digital documents across apps. Google has expanded access to its Digital ID capabilities via the Wallet app for U.K. residents, promoting interoperability among applications managing digital identities. The Android platform now includes native support for OpenID4VP and OpenID4VCI through the Credential Manager's DigitalCredential API, enabling apps to incorporate various digital documents like educational certifications and insurance policies. Users can share credentials securely between devices using CTAP protocols and select appropriate credentials without specifying a digital wallet app. Digital credentials will be usable for account recovery on platforms like Amazon, accessing health services through CVS and MyChart, and verifying identities on services like Uber and Bumble. Samsung Wallet and 1Password will also support the storage of digital credentials, enhancing the ecosystem of digital wallets adhering to OpenID standards.