Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Author Archive
October 7th, 2013

Beware of poisoned apples

loginEverybody knows the story of the beautiful Snow White. An evil queen with a bad temper gives a young girl a poisoned apple, because she apparently thinks that it would just make her day. Poor Snow White. All she wanted was a bite of this juicy apple. I guess this one particular bite didn’t make her very happy. Anyway, she apparently made some mistakes, that I can tell. For example, if she wanted an apple, she should have just picked one from a “genuine” tree. Or she could have had someone taste the apple first, like a brave knight that’s always there for her, protecting her every second.

Yes, it’s been a while since that famous apple incident happened. Nowadays, a girl wouldn’t just accept an apple from a stranger and take a bite right away. She would at least wash it first! If she’s smart enough, she’s going to have something that tells her more about the apple.

With the magic of fairy dust and special effects, let’s transform this story into the world of mobile security.

Poisoned APPles

The Snow White fairy tale came to life a few days ago, when we found a fake Apple iMessage app for Android. There are lot of apps for Apple iOS that are not released for other platforms. For example, when two people have an iPhone, they can send each other messages for free via Apple’s iMessage service. The Android alternative for that service would probably be Google’s Hangouts app. The problem occurs when you want to send a free text message from iOS to Android. Yes, there’s WhatsApp, Viber, and similar apps, but there’s no way to send an iMessage to Android, nor iMessage from Android. That problem seems to bother some people, so they are eagerly waiting for a solution. The evil queen is aware of the need, so she makes poisoned apples and hands them out for free, telling others that they are sweet, juicy, and absolutely free from poison. Yes, I’m talking about fake apps that are trying to look like official Apple apps for Android. Read more…

Comments off
June 17th, 2013

Android:Obad – malware gets smarter – so does AVAST

det

If you had the privilege to meet Android:Obad, which Kaspersky earlier reported to be the “most sophisticated android malware,” you are in a real bad situation and this will probably be the moment to which you’ll be referring to in the future as “The time I learned the hard way what better-safe-than-sorry means.” A few days ago we identified a new variant of that threat. There is a chance you bumped into this bad guy before we started detecting it, because if our generic detections don’t catch the malware there is always a short delay before it gets to us. In most cases, it isn’t a problem to get rid of a malicious app – you just uninstall it after you find it. This time, that won’t work.

The problem we are facing here is called “Device administrator.” After you launch an app infected with Android:Obad, you will be asked to make the app the current device administrator, which will be only a few buttons away so it isn’t hard to do. After you do so, there is no way back because this piece of malware uses a previously unknown vulnerability which allows it to get deeper into the system and hide itself from the device administrator list – the only place you can manage device administrators. You won’t be also able to uninstall the app via Settings, because all the buttons will be grayed out and will not function.

scr

Lucky for you, avast! Mobile Security will save you from doing a factory reset and losing your data, which certainly is one of the solutions. But don’t worry, you are safe with us. Read more…

June 4th, 2013

For Your Satisfaction – Android:Satfi-A [Trj]

We all have our favorite apps for all the things we do. I use Shazam when I don’t know what song is playing, Maps when I’m lost, FlightRadar24 when I’m curious about the plane flying over my head. These apps are there for my satisfaction; they meet some need.

main_x

Each of us have different needs and desires. Apps like SatsFiU Player take advantage of that.  Wherever you got this app from, it’s not from the Google Play Store. This app will try to satisfy both your and its developer’s desires.

SafsFiU Player is an app that might come in handy, when you need to be entertained, in an “adult way,” if you know what I mean. For the ones that don’t get it or don’t believe what I’m talking about it, I’ll be clear -  it’s an app that plays pornographic movies. There is the standard “catch” which almost every malicious app for android has. In this case, the catch most visible is that it allows the developer to remotely control your phone, in a particular way. The most distressing part is that he can tell your phone to send an SMS to a given number, potentially premium-rated.

Yes, it’s a win-win situation. Kindof. You’ll be pleased by what you see, he’ll be pleased by the money he gets and the information sent from your phone. Read more…

November 20th, 2012

Android PUP Detections – Oh, Not That One Again!

Potentially Unwanted Program – that’s what PUP stands for. You probably already had a chance to meet some PUPs on a Windows PC, but how does a PUP look on an Android phone? How will you know how to handle it?  All of this will be explained here.

When a PUP alert attacks you, don’t panic.

For starters, it’s just a warning. It’s not a standard virus and, no, your life is not in danger. PUP detections were made to warn people when a suspicious component or ability is detected within the application.

Let’s say you downloaded an app that’s called “Christmas Carols” (don’t panic about that, either; it’s still a month and a half till Christmas) and a PUP warning hits you. The detection name reads “Android:SpyPhone-E [PUP]”. What should you do? Well, what I would do is to sing Silent Night to that app and wave goodbye while uninstalling it. Why? Well, it’s an app that’s supposed to play Christmas carols and not “SpyMyPhone” or whatever that PUP warning says.

Read more…

Comments off
August 15th, 2012

Oh wait, that’s not what I wanted!

Got a brand new smartphone and want to be protected from all the dangerous malware that’s out there? So you go and get some Android antivirus software. But, what you don’t know is that you just got tricked. And, it’s going to cost you some money. Yes, even if you downloaded if for free.

The latest trend in Android malware is to hide behind something that seems to be legit. Guys at GFI Labs pointed that out, so let’s take a closer look behind the scenes and add some interesting info from the AVAST Virus Lab’s perspective. Imagine yourself as a virus maker. You create an app that will do something evil like steal or delete people’s texts (you’re a nice virus maker), or you want to milk the cow even more and you create an app that’s going to get you some money from the victim by making it silently send text messages to premium-rate phone numbers.

But, how do you spread your evil milking machine among Android users? Just take a look at the apps that are already popular and trusted, like Angry Birds, Opera Browser, or even better, an antivirus app! What can feel safer than installing antivirus on your phone, right? So you take your evil app and make it look, for example, like avast! Mobile Security or any other antivirus suite. Then you make it available for free download, easy to find, placed on a web page that is not guarded like the Play Store, Amazon App Store, or any other genuine Android market. Most of the people only download apps from these genuine stores, but there are always some of them that somehow get tricked or that are just unlucky and run into some fraudulent apps like the one I’m talking about.

Let’s take a closer look at one of the cases. Android:FakeInst-AB Read more…

Comments off