Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Archive for October, 2012
October 31st, 2012

Double Trouble

Android is one of the fastest growing platforms in the world. In the second quarter of this year there were more than 300 million active Android devices. The increase is almost 900,000 of new devices per day and still rising. These days Android occupies more than 60% of the mobile devices market!  By the way there is around 300,000 newborn children a day all around the world, and this number constantly decreases.

Hand in hand with this trend goes the rise of applications and viruses for this platform. In the past week we noticed one of them that was especially tricky. At first look, it’s trying to act like a regular Google Play application, but that’s just an illusion. It is a fake application which not only downloads other fraudulent application, but it is also able to send premium text messages without user’s knowledge

After the installation it replaces the original Google Play from the menu and just waits for a first start from the user.

Immediately after the first start you are asked to update the program and there your troubles continue “Critical update, install new version, click the continue”.

After this step follows another nasty download from this link shows up:

After the installation of second aplication, your phone turns into a money sucking machine. Without your knowledge it starts sending premium messages on paid numbers. Luckily we caught this threat and Avast! detects both samples as Android:OpFake-BV.

This file is  easily accessible from more than thirty malware pages, which are made to resemble various markets and download pages! But no worries Avast! users are protected even if you accidentally visit these pages.

SHA:

8CA2E64E008BA4FC667809D4DD9FA2CE98F8AF248F1DE7B280636555EF09EF40

DCE5A75092996B4388644B1E56A0F07FCB05F4C069E14AE269075EC2A33DA3FF

October 30th, 2012

Windows 8 considered safer but few desire to buy a new Windows 8 PC

This past weekend, Microsoft splashed TV advertising for it’s new Windows 8 operating system during college football games in the U.S. and on TVs in 42 other countries. Despite the initial thrust, an AP survey of 1,200 adults in the U.S. showed over half hadn’t heard of the new OS, and those that had some knowledge of it showed little interest in buying a new laptop or desktop computer running on Windows 8.

We did our own survey of over 350,000 computer users across seven languages (English, French, German, Portuguese, Italian, Polish, and Czech) before the launch and found that most expect the new Microsoft Windows 8 operating system to be safer, but only 8% of respondents said they will buy a new computer any sooner because of it. Read more…

October 29th, 2012

High potential for Hurricane Sandy internet scams

http://www.weather.com

With Hurricane Sandy bearing down on the northeast United States, the potential is high for cybercrooks to release a wave of scams and malware related to the storm. If the past repeats itself, Facebook postings, tweets, emails, and websites claiming to have exclusive video or pleading for donations for disaster relief efforts will appear shortly after the storm hits. These messages often include malicious code that attempt to infect computers with viruses, spyware, or Trojan horses.

After hurricanes Katrina and Rita hit the Gulf Coast in 2005, the FBI, the Justice Department, and the Federal Trade Commission formed the Hurricane Katrina Fraud Task Force to battle the massive surge of scams that came with it. The American Red Cross reported at least 15 fake websites that were designed to look like legitimate Red Cross appeals for donations to relief efforts. These actually proved to be phishing attacks,  which directed users to a malicious server that collected credit card numbers, PayPal passwords and other personal information.

When donating, make sure you donate directly to reputable charitable organizations. Ask for a physical address and a phone number of the charity – if the charity is authentic, they will willingly give you this information. As always, do not respond to an unsolicited email of any sort.

Comments off
October 25th, 2012

How do I keep avast! updated?

Question of the week: I noticed you announced on Facebook that a brand new avast! program update is available. How do I get it?

Thanks for being our fan on Facebook. Indeed, we announced a new program update this week for avast! Free Antivirus, avast! Pro Antivirus, and avast! Internet Security to version number 7.0.1473. It’s the last program update before version 8 is released at the beginning of 2013. You can get the new version immediately by invoking the Program Update feature from within the avast! user interface. New users can get it by downloading from the avast! website.

Let me explain a little further: By default, avast! updates the engine and virus definitions automatically whenever a new version is available, but the program update is set to ask you first. You can choose to accept program updates automatically, just like the engine and virus definitions, by clicking on “Settings” then “Updates” and checking “Automatic update.”

Here’s what the Current Status of my avast! Internet Security looked like before I updated it. You can see there is a link to update on the right.

Another way to see it is in the Maintenance tab of your program. Click on “Update”, and you can check the current version of both the “Update engine and virus definitions” and the “Program.” You can manually update either by clicking on the green arrow. Normally, clicking on “Update Program” automatically updates both the program and the program engine and virus definitions.

We hope you enjoy the newest version of avast! Antivirus. If you have a question or comment about the new update, please visit our NEW PROGRAM UPDATE 7.0.1473 forum topic.

Categories: General Tags: ,
October 23rd, 2012

New avast! program update [7.0.1473] is here!

Today, we have released a brand new avast! program update, version number 7.0.1473. It’s the last program update we plan to do before version 8 (slated for Q1 2013). I’d like to take this opportunity and explain some of its new features.

First and foremost, the new version is fully compatible with Windows 8 – scheduled to finally hit the stores this Friday. The changes we have made went well beyond just making sure everything works. For example, we had to replace the internals of the Network and Web Shields to accommodate the new networking APIs in Windows 8. Also, we had to make sure avast! plays nicely with the new Windows Security Center and that it correctly handles certain scenarios that are new to Windows 8.

This version of avast! will shortly be officially certified with the Windows 8 Compatible logo, and will be included in the new Windows Store.

Read more…

Categories: Technology Tags:
October 19th, 2012

Is my online identity at risk? Use the Online Identity Risk Calculator to find out!

Question of the Week: I’m a gamer who also banks and shops online. Am I at risk for identity theft?

Your activities online can potentially make you more vulnerable to identity theft. How many times a month do you access your bank account online? How many email addresses do you have? Do you like to try previews of new games? These questions can help you determine your exposure to identity theft.

According to the Federal Trade Commission, it takes people an average of six months and 200 hours to recover from identity theft.

StaySafeOnline, the organization behind National Cyber Security Awareness Month, of which Avast is a proud champion, has an Online Identity Risk Calculator that can help you know if you’re at risk. Players answer some questions to find their personal identity risk score and get practical tips on keeping their online identity protected. Play now!

Cybersecurity begins with STOP. THINK. CONNECT. These three simple steps are the starting point for staying safer and more secure online.

  • STOP: Before you use the Internet, take time to understand the risks and learn how to spot potential problems. An obvious step is to install antivirus protection. For the risk averse, we suggest avast! Internet Security with SafeZone, an isolated environment that keeps your sensitive transactions private.
  • THINK:  Take a moment to be certain the digital path ahead is clear. Watch for warning signs and consider how your online actions could impact your safety or your family’s. 
  • CONNECT:  Enjoy the Internet with greater confidence, knowing you’ve taken the right steps to safeguard yourself and your computer.

Avast Software is proud to be a champion that supports National Cyber Security Awareness Month with news and tips on how, together, we can make a safer digital society.

Comments off
October 18th, 2012

avast! only Free Antivirus to receive “ADVANCED+” award for Performance and Detection

Avast! Free Antivirus won the top rating for malware removal from independent research organization AV-Comparatives last month, and this month is the only antivirus solution that also received the ADVANCED+ award for performance. The latest performance test measured the impact on system resources and speed of 19 antivirus products, and avast! Free Antivirus was the best scoring FREE product again.

AV-Comparatives performance testing is a series of real-world scenarios that includes downloading, extracting, copying, and encoding files, installing and launching applications, in addition to an automated testing suite. The ranking system is three-levels: “Standard,” “Advanced” and “Advanced+” awards. To receive the “Advanced+” award, avast! Free Antivirus was compared to mostly paid-for antivirus suites based on how much impact the product has on system resources, including protection against ‘real-world’ zero-day malware attacks, detection of a representative set of malware discovered in the last 2-3 months, false positive rates, and scanning speed. Avast was the highest scoring free product and out-shined a host of paid-for products and other free products.

These results are proof that it is not necessary to pay for excellent quality antivirus protection.  Avast! Free Antivirus provides award-winning high protection rates against malware without degrading the system performance or troubling users.

Get award-winning antivirus protection on your own PC, download avast! Free Antivirus. We also have award-winning protection for Mac and your Android devices.

October 16th, 2012

Facebook connects with AVAST to protect users

AVAST Software has teamed up with Facebook to help you and your friends stay safe. AVAST is sharing its Virus Lab data with Facebook in the combined attempt to prevent malware being shared unknowingly by Facebook users. Whenever someone clicks a link within Facebook, Facebook checks the URL in the AVAST cloud, in real time. If the URL is infected, the user sees a message warning of the potential threat.

Nearly half of the world’s Internet users log onto Facebook each month to share interesting things, play games, check in to shops and restaurants, tag photos, and most of all, connect with their friends. Facebook’s networks of more than a billion people make it attractive to cybercrooks who try to gain access to our accounts and passwords. Once in, crooks use our connections to spread hoax messages or malicious apps to our friends, attempting to trick them into sending money or sharing personal information. Who among us hasn’t been curious about celebrity death rumors, tempted by free gift cards, or concerned because our friend was mugged and stranded in a foreign country?

“We’ve seen that the most prominent way of spreading malware now is through links to infected websites, rather than the traditional method of emailing infected files,” said AVAST Software CEO Vince Steckler. “Our Virus Lab has tracked about 2 million infected websites just in the last 12 months and the best way to stop these infections is to prevent links to them being shared.”

Over 160 million people use avast! for their PCs, Macs and Android devices, and they work together in a vast network of anonymous security sensors called CommunityIQ. These sensors provide information about possible suspicious files which allow new threats to be detected and neutralized almost as soon as they appear.

“Nothing is more important to us than the safety of our users and their data. Beginning today, Facebook will be able to leverage Avast’s feed of malicious URLs to augment our existing site integrity systems and those in our community will be able to download Avast’s software to better protect themselves and their devices. We look forward to working with Avast to provide an even more secure experience for those who use our service,” said Joe Sullivan, CSO of Facebook.

Categories: General Tags: , , ,
October 15th, 2012

AVAST prepares to celebrate TWO MILLION fans on Facebook

Who will it be?

When Martin Zima of the Avast Marketing team established the avast! Facebook page on December 2nd, 2008, he could not imagine, that nearly four years later this page would have two million fans! That’s a 2 with six zeros – 2,000,000. None of us could imagine it. And now, we are waiting in anticipation to welcome our 2 millionth Facebook fan.

Who will it be?

Let me give you the bigger picture: avast! antivirus is a Czech product; AVAST Software has it’s HQ in Prague; Prague has less than 1.3 million inhabitants, and the entire Czech Republic struggles to reach 11,000,000 people. Having a Facebook page with 2,000,000 fans is an outstanding result, and we can say that we are likely the biggest Czech-founded page in the world.

This however is not our success alone, but YOURS too. Without your LIKES, we wouldn’t be getting ready for this celebration. Therefore we are preparing some nice surprises for you. Every celebration however requires some preparation. :)  This “for play” can sometimes be even more enjoyable than the actual party.  :)

What you can expect in the upcoming days?

We estimate that we will reach 2,000,000 fans around  October 27th. Maybe the 2 millionth fan will be one of your friends. YOU can help us speed this process up, so we can celebrate sooner. How? Every day we will have a little quiz, poll, or question for you. Every day you will get a chance to win a license for avast! Internet Security or avast! Pro for Mac. Every day you will get a chance to have your picture on our cover image along with your “FREEky Security Tip of the Day.”

Invite your friends to become avast! fans and participate as well, as the most active fans (check your position as avast! TOP FREEk here) will be awarded with… No, I don’t want to spoil the surprise. We will keep you posted.

Follow our Facebook page, answer our quizzes, invite your friends. Simply have fun celebrating 2,000,000 fans with avast!

 

Comments off
October 11th, 2012

Avast Virus Lab analysis of Dorkbot with Skype hijacker

Earlier this week, a new variant of the Dorkbot/Ruskill malware attacked users of the Skype video calling service. This malware can affect a huge amount of sites and online services and can attack almost all known web browsers such as Internet Explorer, Firefox, Chrome, Opera, Flock and other programs such as MSN, wlcomm.exe etc.

The avast! VirusLab analyzed this malware, which you can read about in articles published on the web, but none analyzed the new module that can hijack Skype messenger which is now the bigger threat to users. This module has a packed form around 70KB. After the removal of the custom packer / loader the pure size is 16 384b. The module is very small but includes 31 known language versions of phishing messages that appear in the Skype messenger window. This localization is based on OS language via GetLocaleInfo API. After bypass return value you can see different language mutations.

Phishing messages in various languages

Sample of phishing messages in various languages:

  • lol is this your new profile pic?
  • hey é essa sua foto de perfil? rsrsrsrsrsrsrs
  • hej je to vasa nova slika profila?
  • hey c’est votre nouvelle photo de profil?
  • ?hey esta es tu nueva foto de perfil?
  • hey ini foto profil?
  • hei er dette din nye profil bilde?
  • hej to jest twój nowy obraz profil?
  • hey ito sa iyong larawan sa profile?
  • ?aquesta és la teva nova foto de perfil?
  • hej detta är din nya profilbild?
  • hej jeli ovo vasa nova profil skila?
  • hey la anh tieucua ban?
  • sa k’vo profili lusankary
  • hey e la tua immagine del profilo nuovo? Read more…
Categories: analyses, Virus Lab Tags: , , ,