Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus


August 22nd, 2014

How to look like an idiot on Facebook and Twitter

Looking like an idiot on social networks like Facebook and Twitter is not too difficult. Many people have achieved this state of being without much thought at all. So c’mon! With a little effort and commitment you can lose your job, get arrested, or alienate your friends! ;)

Facebook idiot

Here are the top 3 ways you can look like a total nincompoop on social media.

  1. 1. Post rants and other fun messages. Anger is a completely natural, healthy emotion. Some people think it’s a good idea to try to control it so they won’t, for example, drive their fist through the wall or punch their co-worker in the nose. But now, you can release all that pent up emotion by communicating your feelings on social media!

Like this woman: After being passed over for a promotion at work, an Arizona woman posted an angry Facebook message in reaction. How good it must have felt to let her frustration out. Since she was friends with her co-workers, they all saw it. It said,

This place is a joke!!! I wonder if I passed up a good opportunity by being at this place. I absolutely hate fake and lazy ppl!!! Ugh, the ones who actually work are the ones to blame??? WTF? #TwistedMinds.”

Those co-workers of hers, not the fake or lazy ones,  were sure to surround her with support and encouragement after reading how distressed she was.

Oh. Oops. They couldn’t encourage her. She was fired shortly after that rant.

Here’s an example of a proud daughter bragging about her father. That’s really sweet, isn’t it? Most teenagers complain about their parents, but this Florida girl took to Facebook right away to express her joy about an $80,000 age-discrimination lawsuit her father won from a former employer, a posh private school. She had plenty of classmates at the school who saw the post. She wrote,

 Mama and Papa Snay won the case against Gulliver. Gulliver is now officially paying for my vacation to Europe this summer. SUCK IT.

It’s so nice that a young girl wants to travel in Europe for the summer…all that history and culture…and the food…

Oh. Oops. The school’s administrators and lawyers also got to see her message. The lawyers were not amused, so they invoked the confidentiality order and voided her father’s settlement.

Read more on our blog about dumb things people post.

TIPS

  • Before posting, take a moment to rethink what you just entered in the newsfeed. Re-read what you wrote before hitting the publish button.
  • Take advantage of Facebook Groups or Google+ circles to make sure your messages get to the right people.
  1. 2. Let it all hang out: Ignore your privacy settings. In the excitement of daily life, it’s easy to forget how many people can read your posts. From co-workers to your mom, even strangers; virtually anyone can read your angry rant, your drunken Tweet, or see Selfies of your trip to the mall when you were supposed to be home sick in bed. When I read about this guy, I knew you’d like it too – it’s so cute.

Read more…


August 21st, 2014

Employees using public Wi-Fi put sensitive business data at risk – VPN services provide proper protection

travel tipsJohn Smith works for a small business with ten employees. The company is sending John abroad to meet with potential investors. Being the productive employee that John is, he connects to the public Wi-Fi provided by the airport to do some work. He visits the investors’ websites and sends a few emails to his colleagues. On the flight, John continues to surf the web using the in-flight Wi-Fi. Once John lands he goes to a café before his first meeting. At the café he connects to the Wi-Fi to download a revised version of his presentation. After his meetings, John goes to his hotel for the night. There, John connects to the hotel’s Wi-Fi to send his boss a summary of the meetings and to catch up on some news from home. To John’s disappointment, local news videos are blocked due to geographic restrictions.

This sequence of events is typical for traveling business professionals. Connecting to public Wi-Fi frequently while on the go may be a great way to get work done, but it can be dangerous if employees don’t use a VPN (Virtual Private Network) connection.

During John’s journey he connects to four different hotspots. John works for a small business, so they do not have an IT administrator who set up a secure VPN for John to use. John therefore transferred valuable information, entered log in credentials, and browsed websites that reveal his business’ intentions without any protection. Anyone could observe which websites John visited, read messages he sent, and access files he transferred via unsecured sites with tools readily available online.

Unless you are visiting sites beginning with HTTPS, your communication is unencrypted. This means all your communication is out in the open for anyone to see, including log in credentials. Sharing information, such as files, via file transfer protocol (FTP) while connected to public Wi-Fi is also never a good idea. Like visiting non-HTTPS sites, files and data transferred via FTP are up for grabs.

Don't forgetSmall businesses, without a VPN network, should turn to VPN services, like avast! SecureLine VPN to protect their data. A VPN creates a virtual shield and tunnels traffic to a proxy server. The proxy server protects business data, thus preventing hackers from accessing files and other sensitive information stored on the device. VPNs also anonymize location; an added plus for when business professionals who need access to content from home that may be blocked while traveling.

REMEMBER THIS!

With a VPN connection you can:

  • Protect your business data by preventing hackers from accessing files and other sensitive information stored on the device
  • Anonymize your location (IP address) online so you can access restricted content from home that might be blocked while traveling (Netflix, anyone?)
  • Hide your login details from snoops on public Wi-Fi. Avast encrypts all of your web use, including log ins and passwords.

avast! SecureLine VPN is available in packages of three, five or ten licenses and can be purchased from authorized AVAST resellers. avast! SecureLine VPN can also be purchased directly from the AVAST online shop.

Read more about VPN and avast! SecureLine from these blog posts:

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.


August 19th, 2014

Reveton ransomware has dangerously evolved

The old ransomware business model is no longer enough for malware authors. New additions have made Reveton into something even more powerful.

Reveton

The latest generation of Reveton, the infamous “police” lock screen/ransomware, targets new black market business. The authors upped the ante of the despised malware from a LockScreen-only version to a dangerously powerful password and credentials stealer by adding the last version of Pony Stealer.  This addition affects more than 110 applications and turns your computer to a botnet client.

Reveton also steals passwords from 5 crypto currency wallets. The banking module targets 17 German banks and depends on geolocation. In all cases, Reveton contains a link to download an additional password stealer. The most common infection is via the well-known exploit kits, FiestaEK, NuclearEK, SweetOrangeEK, etc.

Pony stealer module

Reveton use one of the best password/credentials stealer on the malware scene today. Pony authors conduct deep reverse engineering work which results in almost every password decrypted to plain text form. The malware can crack or decrypt quite complex passwords stored in various forms.

The stealer includes 17 main modules like OS credentials, FTP clients, browsers, email clients, instant messaging clients, online poker clients, etc and over 140 submodules.
Reveton modules

Read more…


August 18th, 2014

A look into the future of mobile hacks

crystal ball 1

Mobile malware is maturing quicker than PC threats did.

Mobile malware analyst Filip Chytry looks into his crystal ball and predicts where cybercrooks are headed next.

The majority of mobile malware AVAST has in its database comes from unofficial app stores. As we wrote about in The Fine Line between Malicious and Innocent Apps, infiltrating official app markets like Google Play is rather difficult. Therefore, it is very likely that mobile malware authors will look for other ways to hack mobile devices, which contain a plethora of valuable and sensitive information.

App servers and base transceiver stations (BTS), which enable communication between mobile networks and devices, will most likely be targeted next by mobile hackers. Man-in-the-middle attacks via app servers mean that mobile hackers may redirect communication between mobile app users and the app’s server or infect app users’ by pushing malware onto user devices via the apps on their devices.

Mobile operators should be prepared for a BTS attack, as this may be possible in the near future. Not only would hackers be able to spread malware to mobile users via a BTS attack, but infected BTS could re-route all incoming mobile data.

Another possibility is that hackers could intercept communication between mobile users and app servers. Hackers could retrieve banking details if they intercept the communication between a user completing a transaction using a mobile banking app.

Mobile malware is in its infancy; at the moment comparable to a toddler. Mobile users, security providers, app markets, and mobile operators should brace themselves for the teenage version of mobile attacks.

AVAST will continue to be one step ahead of mobile malware authors, protecting avast! Mobile Security users from malware and other mobile security risks. Download avast! Mobile Security for free.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.


August 16th, 2014

Facebook Messenger app stirs privacy pot

Lately, you may have noticed that when you try to send messages through Facebook’s mobile app on your phone and tablet, you are prompted to download the standalone Facebook Messenger app. It’s a cool app which allows you to message your Facebook friends, send picture and video messages, and call any of your Facebook friends for free using your Wi-Fi connection. It has also stirred up some controversy about all the permissions it requires.

avast! Mobile Security protects your Android device

Messenger needs permission to take pictures and videos using your camera, record audio, directly call phone numbers, receive/send/read/edit your text messages, access the internet, look into your address book, and keep track of your precise location. When we take a look at the permissions listed on the Google Play store, there are other creepy, but not really threatening, things like preventing your phone from sleeping and controlling the vibration.

The privacy controversy that is stirring is around the question of what Facebook may do with all that data. For example, do they really need to see your address book? Don’t they already know who your friends are on Facebook?

The thing is – nothing has changed about Facebook Messenger permissions. The previous version required the same access as the standalone app. You can read Facebook’s explanation about the permissions here.

We wrote about the changes in the way Google Play manages permissions earlier this summer, pointing out that most people blindly accept whatever app developers want without question. Each of us needs to decide how much we are willing to give in order to get. But please be aware, dear avast! users, that your smartphone combined with social media is a mecca for hackers. Our lives in data are stored on our mobile devices and without strong security and some common sense, cybercrooks can harvest it and use it as they please.

Make sure you protect your devices with the proper security. avast! Mobile Security is for Android phones and tablets, and it’s free. The Application Shield keeps you safe from malicious apps by scanning them on two levels – on installation and on execution. With App manager you can see your running apps, check their permissions, and if they display ads. Download avast! Mobile Security & Anti-theft from the Google Play store.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitterGoogle+ andInstagram. Business owners – check out our business products.

 

 

 

 

 


August 14th, 2014

The Fine Line between Malicious and Innocent Apps: Part 2

Malware has increased on mobile devices 900% since 2011. As dramatic as that number is, as we explained in part 1 of this post, your Android device is unlikely to become infected with malicious malware.

Nowadays, cybercrooks use more subtle and insidious techniques to steal money and personal data from you.

hungry-ads

We explained about PUPs and snoopy apps that want too much information from you. Here are a few more sneaky methods that you should be aware of:

Information hungry ads

App developers are not the only information hungry players in the app game. Ad kits can be found in 80% of free apps. Ads are used to monetize free apps, just like websites display ads to monetize. Unfortunately, not all ad networks play fair. Some ad networks collect and share your personal data.

At the beginning of the year Rovio, maker of Angry Birds, came under fire for allegedly sharing user information with the NSA. They, however, denied this and stated that Ad Networks used by “millions of commercial websites and mobile applications” leaked information to the U.S. intelligence agency.

avast! Mobile Premium, the premium version of avast! Mobile Security, includes an Ad Detector feature. This feature provides full details of an ad network’s capabilities. Ad network permissions are mixed in with the app’s permissions, so it is difficult to differentiate where certain information is being sent and who is accessing your device. App downloaders should therefore always review app permissions thoroughly, as app developers are not the only players on the app’s field.

Empty promise apps

There are apps on the market that are not after your personal data, but are more interested in deceiving you for financial gain. These apps trick people into downloading something different than what they advertised. There are various ways this can be done with various levels of severity.

The most innocent of them being seemingly normal apps that when downloaded only display ads, not even offering the service they advertised. We found apps like this around the time of the World Cup. Games like Corner Kick World Cup 2014 displayed a white screen with ads popping up now and then. This is not necessarily malicious, but frustrating and annoying for the user. If the app had been called Ad Roulette it would be acceptable, but app developers gain a small profit from advertisers when users click on ads displayed within their app. Displaying ads continuously boosts the likelihood that users will click on the ads, thus increasing the app developer’s profit.

More malicious and misleading apps warn people that their device is infected, deceiving them into downloading either an app to remove the “virus” on their device or in some cases downloading actual malware. AVAST discovered an adult app, available on an underground app market that forced users to “scan their device for viruses.”. Subsequently, the app displayed a fake version of avast! Mobile Security, which in reality was ransomware that locked victim’s out of their devices until they paid up.

Apps that gain users by offering a solution to remove non-existent infections, on the other hand, may offer a legitimate app, like a security or other category of app, but the tactic they use to gain users is deceitful and unethical.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitterGoogle+ andInstagram. Business owners – check out our business products.


August 14th, 2014

Calling advanced Android users: Join the avast! Mobile Security Beta test!

Would you like a sneak-peek into our new version of avast! Mobile Security before the official product release? The opportunity is here.  We are looking for advanced Android users to participate in the avast! Mobile Security Beta test. This Beta test will run until August 31, so you have plenty of time to test everything. Your valuable feedback will be incorporated into our product before going public to millions of users, so your participation is vital.

Help our development team by being  part of the beta testing team. We need your input! :)

avast! Mobile Security beta testing

Android beta testers are vital to the success of avast! Mobile Security. Join the team!


Here’s how to join the avast! Mobile Security Beta test:

What we expect from you?

  • Provide us with your feedback on the new interface, with a special focus on graphical issues and issues with translations
  • Report all potential bugs you find, preferably with print screens
  • Give us your suggestions for improvements, additional features, and solutions

Where you can submit your feedback?

Every active participant who provides feedback will receive a 1-year avast! Mobile Premium license.

The new interface has already received praised from beta testers. We want to hear from you. Join the Google+ Mobile Security beta testers community now.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitterGoogle+ andInstagram. Business owners – check out our business products.


August 13th, 2014

avast! Mobile Security named Tabby Awards Winner and Users’ Choice

Tabby users_choice-2014 (2)The public has spoken! One hundred thousand votes were cast and avast! Mobile Security & Antivirus was declared the Winner and Users’ Choice pick for the best Utilities and Tools for Android devices.

The international panel of independent judges wrote about avast! Mobile Security, “One of the best security apps for tablets. Setup is quick and easy. UI is refreshing and simple yet functional. Capabilities and ease of use are outstanding. Very solid. This application is the complete mobile security package.”

The crowning achievement for the developers of avast! Mobile Security is the Users’ Choice award, given by real app users. In June and July, app users voted on the TabbyAwards.com site for their favorite app among panel-selected finalists in each category. The full list of Winners, Users’ Choice and Finalists, with links to download them, is available at TabbyAwards.com.

You ain’t seen nothing yet

The judges and users thought that the current version of avast! Mobile Security has a “refreshing” and “simple yet functional” user interface.  Well, it’s about to get even better!

Android Power Users: Join us as a beta tester and provide feedback on the new, improved avast! Mobile Security user interface. Visit the avast! Google+ page to join the beta community and learn how you can earn a free 1-year license for avast! Mobile Premium.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitterGoogle+ andInstagram. Business owners – check out our business products.


August 13th, 2014

The Fine Line between Malicious and Innocent Mobile Apps: Part 1

AVAST has more than 1 million mobile malware samples in its database, up 900,000 from 2011.

Yet the majority of mobile users seemingly have never been affected by mobile malware. Have you ever wondered why that is?

Unmistakably malicious malware, like ransomware or malware that is designed to send premium SMS behind users’ backs, is available on underground hacker forums. Yet truly malicious malware rarely hits the mass market, because they get blocked by security apps like avast! Mobile Security and are not tolerated on the Google Play Store. This protection saves the majority of mobile users from encountering malware, which is why mobile malware seems like a myth to many.

Android

While it may take time for mobile malware authors to successfully circumvent official app market policies, there are less malicious ways app developers are taking advantage of app users. These app developers are taking advantage of the fine line between malicious and innocent apps, using sly tactics to go behind users’ backs.

PUPs – Potentially Unwanted Programs (not as in puppies) 

Apps whose behavior blurs between malicious and innocent are classified by avast! Mobile Security as Potentially Unwanted Programs (PUPs). Apps classified as PUPs act innocently enough to be considered as not malicious, but contain undesirable characteristics, which can be boarder line malicious. Their features can be used maliciously, if the app developer chooses to do so.

Information hungry apps

App developers are allowed to request access to certain functionalities and data on your phone so their app can function properly. For example, a map app can request permission to access your location, to provide you with directions from your current location to your desired destination. Some app developers, however, take advantage of permissions by either requesting additional information or completely irrelevant access from what their app requires.

In March, I found an app that did just this, and at the time of its discovery, it was available on the Google Play Store. The app was called Camera Nocturna, a night vision app that requested much more than access to the phone’s camera. By accepting Camera Nocturna’s permissions, the app also gained access to contacts and the permission to write SMS, which it used to send premium SMS behind users’ backs. The app has since been removed from the Google Play Store.

Always use caution when downloading apps, and pay careful attention to the permissions the app requests. If the permissions don’t seem to match the app’s functionalities, don’t accept them. Google has recently changed the Android permissions section in the hopes of making app permission requests simpler. Despite this, app downloaders should remain cautious. The change by Google groups permissions into categories. This allows apps to receive new permissions automatically, without being explicitly granted permission by the user if the permission falls under the same category as a permission that was previously granted by the user.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitterGoogle+ andInstagram. Business owners – check out our business products.

Categories: Uncategorized Tags:

August 9th, 2014

Our pressing need for ‘now’ does not translate to a want for security breaches

instant-gratificationRecode is running a series leading from its “I want it now” piece about people who have grown accustomed to having their desires met on a whim through the aid of savvy entrepreneurs and tech innovators eager to cash in.

We can all relate to “I want it now”.

I feel myself growing impatient in coffee shops when someone has found a spot to connect their laptops or mobile devices to power points – and I have not. As we often spend hours in the one coffee shop sipping from the same latte we ordered more than an hour ago, it’s inevitable from time to time that we’ll want to check our personal affairs.

What’s happening on facebook? I should message my friend. Let’s browse my favorite news and music sites – that concert looks good, I think I’ll buy a ticket. What, my credit card has been rejected? Best do some online banking.

This type of activity in public spaces can be open playing field for the ill-intentioned: The hacker or the “steal your data” money or identity thief.

We would all agree the “I want it now” mentality does not include: ‘I want’ cyber snoops and criminals ‘now’.

We’ve heard the warnings about our mobile devices – the smartphone is a walking computer in your back pocket, and yet one that can easily be lost or stolen. The plethora of text messages, contact lists, photos, online search history – all this information can be found and used against us if it falls into the wrong hands – even when wiped (as our recent blogpost shows).

Hackers are also targeting our mobile devices with malicious malware. Read more…