Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Archive for May, 2011
May 30th, 2011

How to create a secure password (the not-boring way)

You’ve probably seen applications for generating passwords. For those who have not, this is how the process actually works:

  • application for generating passwords is downloaded
  • user runs the application and presses the “generate” button
  • a string appears that looks something like this: I8kjH9s&ER1()G
  • this string is used as a password for his Mail / Facebook / Twitter / …

And now, the user has two options:

  1. he’ll forget his new password immediately
  2. to ensure that the new password is not forgotten, he’ll write it down on a sticker and put it on the computer monitor. If the user has other computer-generated passwords, he will place this “my email” sticker  on top of the existing stickers.

So what’s the deal? Why am I telling you this? Because in a moment, we’re going to learn how to create secure passwords – and you’ll see that you are going to change passwords more often than you have previously. Because creating passwords can be fun.

Read more…

May 27th, 2011

Friendship and an immortal virus

Yes, an immortal virus seems to exist … at least in comparison to the usual life cycle of malware. While there are lots of malware families with very short half-life, there are only few with a long life. Parite (aka Pinfi) – a real long-playing evergreen – is one of them. Parite will reach the 10-year milestone this October. Gosh! Ten years! Can you remember what your computer looked like ten years ago? Ten years is an eternity in the world of IT. Just try to list what has changed and evolved during this period. There’s the obvious evolution of Windows and antivirus software for starters. But, despite all these changes, Parite is still with us.

Read more…

May 20th, 2011

Mac malware – a short history

There’s a groovy discussion in the world of Apple about the security of Mac OS. I’ve seen this kind of discussion many times and in most cases it had a quite similar scenario. We won’t go through this entire scenario (although it could be fun), we’ll just summarize the core of it with one phrase that pops up in all these debates: “There are no viruses for Mac OS.”

Let’s take a short excursion through the history of Mac infections.

Read more…

May 19th, 2011

Early warning may save your bacon :-)

Another day, another entry in the avast! Virus Lab submission system for reporting false positives:

just another groovy submission?

Processing hundreds of possible false positives each day is usually routine work, but a submission from a live internet link is always interesting and needs more individual attention. The reason is obvious – it can do more harm to potential site visitors than a file on a local system which isn’t linked anywhere. Considering the fact that we detect this bit of malware with two different detection systems (regular detection for Sality along with a heuristic detection) is a clear hint – there’s definitely something fishy here.

Read more…

May 18th, 2011

Phishing email: The friend needing help

An example of a phishing email I received today, which at first glance appeared to be a legitimate email from a friend, except for a Gmail warning at the top:

Read more…

Categories: General Tags: ,
May 17th, 2011

Google-images poisoning stats

I think most of you have probably heard about Google-images poisoning, but what is it?

When a user performs a Google Image search, images from an attacker’s page can be shown at a certain position in the results page. The exploit happens when a user clicks on the image. Google displays an iframe to a legitimate site. The  browser will  then send a request to the page running the attacker’s script. This script checks the referrer and, if it is Google, the script starts new JavaScript. This causes the browser to be redirected to another site that is serving a fake antivirus.

More thorough technical  information about this attack could be found on the Unmask Parasites blog or the ISC site. In this blog, we only tried to focus on the data from the avast! Community IQ database to show how big this attack was, and to look at how many domains are still infected — with their admins either unknowing or not paying much attention to their websites. Read more…

May 13th, 2011

Why we love specifications (not)!

A few days ago we blogged about another trick in PDF parsing. We got there a comment from a person recommending that we read specifications, which we (as AV guys, not pdf-reader-writing guys) usually don’t do to the full extent, because most of the specifications we’ve seen have been misleading at best. Read more…

Categories: analyses, Virus Lab Tags:
May 10th, 2011

5 Questions with Christian Cantoro (Channel Sales Manager)

My first couple times meeting Chris Cantoro, I didn’t know what to think of him but, compared to the Czech personalities I most often work with, I initially thought he was ‘arrogant’. After a few months, however, I had the opportunity to work with him more on various projects,  and I discovered that what I’d initially (mis)perceived about him was actually more of an extroverted confidence. As a ‘foreigner’ myself in Czech lands, I started to suspect that his native Italy was somehow involved. ;-) The more I’ve gotten to know Chris, the more I’ve appreciated the worldly humor and relaxed energy he brings to our work environment. (BTW, the name ‘Cantoro’ means ‘Singer’ in English, and he can sing in five languages.) – Jason Mashak

Christian Cantoro (Channel Sales Manager)

1. The general public is often confused about how AVAST remains stable with a ‘freemium‘ model as our flagship product – can you explain how that works?

Everybody has a PC at home, in most cases more than one. We offer a FREE solution for domestic users as we believe everybody has the right to enjoy Internet and at the same time to be protected. If people are happy with our FREE product, then they will consider it also for their business, and they will buy it. Our key marketing strategy has been that the best way to show people we have the best product… is to offer it for free. Read more…

May 9th, 2011

avast! TEAM in the Prague International Marathon

avast! Running Team (L-R: Martin Zima, Jitka Spackova, Milos Korenko, Kristyna Salatova)

 

According to the Prague International Marathon (PIM) website, “If you like discovering the undiscovered, running alongside a river and meandering through the heart of a medieval capital city, then the Volkswagen Prague Marathon is for you.”

Several AVAST Software team members apparently like those sorts of things enough that they ran 42km in the 2011 Volkswagen Prague Marathon, which began and ended at Prague’s historic Old Town Square on May 8, 2011. Read more…

May 5th, 2011

CARO: Half of all computers running vulnerable versions of Adobe PDF Reader

Half of all avast! users are running an older versions of Adobe Reader on their computers that are vulnerable to a variety of malware attacks.

The avast! Virus Lab found that 49.41% of avast users were using the older Adobe Reader versions as of end-April. The number was also surprisingly stable, dropping by around five percentage points from the early March level of 55.71%.

“The numbers were a surprise to us,” said Jiri Sejtko, head virus analyst. Read more…