warnings Archives

AppWizard

March 9, 2025

New Android Spyware Warning—Do Not Play This Video

A new malware targeting Android users on Telegram has been discovered, involving videos that conceal malicious code activated upon download. The malware, named EvilLoader, exploits how Telegram processes media files, misclassifying '.htm' files as videos, which allows HTML code to execute in a browser. This malware can lead to credential theft, private data loss, and the installation of banking trojans. It can bypass security measures by redirecting users to their browsers or prompting them to open files as HTML documents, executing malicious JavaScript that sends IP information to attackers. EvilLoader has evolved to check for sandbox environments and generate fake security warnings. Users are advised to update their Telegram app and be cautious with unfamiliar video files. Telegram has stated that the exploit does not indicate a flaw in their platform and has implemented a server-side fix for enhanced protection.

Tech Optimizer

March 6, 2025

All about CCI’s Dismissal of Antitrust Plaint against Microsoft

The Competition Commission of India (CCI) concluded its examination of a complaint against Microsoft regarding the bundling of antivirus software with its Windows operating system. The CCI found that users can choose antivirus solutions beyond Microsoft Defender and that there was no substantial evidence of market foreclosure in the antivirus sector. The complaint alleged that Microsoft forces OEMs to include Microsoft Security Essentials, limiting competition for third-party antivirus vendors. Microsoft has bundled Microsoft Defender with Windows since 2015 and argued that it aligns with industry standards. The CCI determined that Microsoft holds a dominant position in the antivirus software market for Windows OS in India but found no coercion compelling users to use both products together. The CCI also noted that multiple antivirus vendors continue to operate in the market without significant barriers. The case highlighted issues of consumer inertia and the implications of default settings in digital markets, suggesting that pre-installed options may restrict consumer choice.

AppWizard

March 4, 2025

Google’s ‘consent-less’ Android tracking probed by academics

Research by Doug Leith, a professor at Trinity College Dublin, shows that Android users are subjected to advertising cookies and tracking mechanisms that start collecting data before any app is launched, without user consent or the option to opt out. The study identifies systems within Android that send user data to Google via pre-installed apps like Google Play Services and the Google Play Store. One such mechanism is the "DSID" cookie, which is created shortly after logging into a Google account and is used for personalized advertising, lasting two weeks. Another tracker, the Google Android ID, is generated upon first interaction with Google Play Services and continues to transmit data even after the user logs out, with removal only possible through a factory reset. Leith's findings raise concerns about potential violations of data protection laws, particularly regarding the classification of the Android ID as personally identifiable information under GDPR. Google responded to the findings, emphasizing user privacy and compliance with privacy laws, while also stating disagreement with Leith's legal analysis. Additionally, the introduction of the Android System SafetyCore feature, which scans photo libraries for explicit content without user consent, has sparked user discontent, with many reviews criticizing the lack of consent during its installation.

Tech Optimizer

March 2, 2025

5 things you may already be doing that compromise your Windows security

Many individuals compromise their computer security through everyday habits, which cybercriminals exploit, leading to data theft and unauthorized access. Common missteps include: 1. Downloading software from untrusted sources, which can harbor malware. To mitigate this risk, always download from official websites and consider using a sandbox for testing. 2. Using weak or reused passwords, making accounts vulnerable if one site is breached. To enhance security, use a password manager, enable multi-factor authentication, and create unique, complex passwords. 3. Clicking on phishing emails and links, which can lead to credential theft. To defend against phishing, scrutinize emails and links, and visit official websites directly for verification. 4. Disabling or ignoring antivirus and firewall protection, which exposes PCs to risks. Ensure these protections remain active and trustworthy before bypassing any warnings. 5. Ignoring software and OS security updates, which are crucial for addressing vulnerabilities. Regularly installing updates helps maintain security, as neglecting them can leave systems exposed.

AppWizard

February 28, 2025

Pro-ISIS Outlet Warns Against Using Encrypted Messaging App Ciphera

On February 14, 2025, a pro-ISIS Telegram channel warned its followers against using Ciphera Private Messenger, alleging it was created by foreign intelligence agencies to compromise user privacy. The channel claimed that downloading the app could expose sensitive information, enable surveillance through the device's microphone and camera, and urged caution with unfamiliar links or files.