Win32:Allaple was a succesful worm few years ago. There are some instances of the worm in the wild also now, but the first boom was notably higher. The payload is a nice piece of polymorphic code, let’s look how it looks and how it works.

Read more…

Few Avast viruslab guys & developers attended 3rd CARO workshop in Budapest/Hungary. We found a bit of time to make a short visit of the historical center. Here are some pictures caught by my “faithful friend” Canon EOS 400D.

Nowadays the internet is full of hacked websites that redirect browsing users to various malware distribution networks. Website hacking consists basically of adding an iframe, script tag or some more sophisticated javascript to the clean code. These methods are dependent only on the reputation of infected domains. Last week (2009-05-13) we released the detection signatures of one interesting redirector – Its name is JS:Redirector-I [Trj]. The source is a type of Rogue malware which is comonly known to use social engineering to spread. Now we can talk about ’search engine related’ social engineering. The redirector itself doesn’t look particularly sophisticated – simple code is hidden as shown in next image:

Read more…

Welcome to the avast! blog

avast! antivirus represents the range of popular antivirus products developed by ALWIL Software a.s., a technology company based in Prague, Czech Republic. First released back in 1988, avast! antivirus is now protecting more than 80 million users worldwide against the ever increasing threat from computer viruses and other forms of malware. The Home Edition of avast! antivirus can be downloaded and used completely free of charge, while the paid Professional Edition provides additional features to those users and businesses that need them. Here you can find interesting information about avast! and computer security in general, which has been posted by avast! staff. We hope you find it useful.