Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Author Archive
April 16th, 2014

Are software “Easter eggs” safe?

eggs02Easter egg hunts are a favorite activity for kids and adults alike, and on Easter Sunday, backyards, church grounds and even the White House will host their own competitions. Cyberspace has its own Easter eggs (a hidden message in software applications), and the hunt for them is just as fun as for real eggs. I asked Filip Chytrý, a researcher in the avast! Virus Lab specializing in mobile malware, about his favorite Easter eggs.

“I hate boiled eggs,” Chytrý joked, “but revealing Easter eggs in applications is pretty fun especially if you just have a clue, but don’t have any idea where to start.”

Can Easter eggs be malicious?

We’re not too keen on hidden code that no one knows about here at AVAST, so I thought it was a good question. Filip explained that to successfully make an Easter egg, the programmer has to hide the surprise from his fellow team mates and his employer, as well as the end user. It occurred to me that if programmers can hide fun things, it’s not a huge leap to hiding malicious things. Backdoors, for instance?

“We have not seen an Easter egg that might be considered as malware. There are plenty of original apps for Android which are modified to distribute malware by adding some kind of a downloader, but it’s without the user’s interaction. Easter eggs have remained harmless; Android apps – not so much,” said Chytrý.

Are there Easter eggs in mobile software?

Android developers have hidden Easter eggs within Android OS.

Easter eggs found in older version of Android OS

“There are Easter eggs in the latest versions of Android,” said Chytrý. “To access the Easter egg in your device, open the settings screen and tap About phone at the bottom of the screen. Locate Android’s version number on the about screen and quickly tap it several times.”

It worked with Android KitKat on my Nexus 4, but may not work in the modified OS of some device distributors. Find out how to access older Android OS Easter eggs.

Read more…

April 15th, 2014

AVAST helps user recover stolen phone; brother gets shot fighting thieves

Shahrukh Humayun's smartphone was stolen

Shahrukh Humayun’s smartphone was stolen

Two brave brothers fight off mobile phone thieves in Pakistan market.

We have heard stories about how avast! Mobile Security’s anti-theft feature has helped people recover their lost or stolen phones, but nothing as dramatic as Shahrukh Humayun’s tale of bravery.

Twenty year old Shahrukh and his 17-year old brother, Shoaib, live in Rawalpindi, Pakistan, the “twin city” to the capital, Islamabad. “Pindi” is a thriving urban area with good hotels, restaurants, museums, parks, and numerous markets and bazaars. It’s in one of those busy marketplaces that their story begins.

Shahrukh and Shoaib went to the market one day and were held up at gunpoint by thieves that demanded Shahruck’s HTC EVO smartphone.  Acting bravely to defend the expensive and precious device, Shoaib fought back against the bandits. They shot the teenager in the leg, stole the phone and fled the scene.

In his own words, Shahrukh described what happened:

Respected Avast! Team

I love the avast! android application as it helped me in catching the thieves who stole my mobile when I was in the market.

The story of the incident is that I visited market with my brother and I had a HTC EVO 3D X515m at that time. The thieves called me on the gun point while the area was empty. They asked me for the mobile and when my brother tried to take action they shot him on the leg.

Well, eventually I received an sms from avast that the sim have been changed. I checked my mobile as the GPS was active. I told the police about the incident on the same day and they found the thieves after 8 hours through the Google GPS connected with avast map.

Thank you avast!. Love you

1044816_478380138915077_764014148_n

Shoaib Humayun fought theives

All of us at AVAST were touched by the courage of these two young men when faced with danger. We are happy that our anti-theft product proved to be so useful in finding and recovering the phone. More than that, we were concerned about Shoaib. How has he fared since the incident?

Shahrukh gave us an update:

My brother is braver than me. As a result of that bravery he showed his best loyalty to me by fighting with those bandits and got shot on his leg. This event have passed 8 months and he got no sign of bruises on his leg. But thank God he is fine.

Thank you avast for helping me fight these bandits against their unlawful behavior for the country.

 

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

April 10th, 2014

Do you hate updating your passwords whenever there’s a new hack?

Advice about changing passwords from AVAST.

Change your passwords as a precaution against the Heartbleed bug.

We reported yesterday about the serious Heartbleed  bug which allows hackers to steal encryption keys from nearly two-thirds of all websites.

“This is probably the worst bug discovered this year. We believed in the security of SSL/TLS, and now discover that it comes with a hole that allows anyone to read our personal information such as passwords, cookies or even server’s private keys,” said Jiri Sejtko, Director of the AVAST Virus Lab. “We, as end users, simply can’t do anything, but make sure we are as secure as possible.”

That means changing your passwords. Again.

If just thinking about changing all your passwords makes you want to jump out the window, then here are a few tricks to help make it a little less painful. At the end of this post, we’ll share a tip on how to make password creation, as well as remembering them all, as easy-as-pie. So go all the way to the end. ;)

Why do cybercrooks want your password?

It takes serious effort to hijack accounts, so there must be some payoff at the end for cybercrooks.  Obviously, it’s not to get your vacation photos. Money is the most common motivation. Your money.

There are many ways of turning stolen data into money, but one of them is worth highlighting. Research shows that 55% of us reuse passwords on different sites. It is likely that you use the same password for Facebook  that you use for your bank account.  This means that cybercrooks can steal your money much easier. Never use the same passwords on different sites, especially for really important services.

Password basics

1. Use a random collection of letters (uppercase and lowercase), numbers and symbols

2. Make it 8 characters or longer

3. Create a unique password for every account

Tricks and tips

Maximum password security requires at least seven characters, a mix of upper and lower case, a few symbols, and a sense of humor.

Create an acronym using a meaningful, easy-to-remember piece of information. Use a sentence like My wedding anniversary is 28 December, 2001. That phrase turns into this password, Mwai28/Dec.01.

Many sites require a special symbol like ` ~ ! @ # $ % ^ & * ( ) _ – + = { } [ ] \ | : ; ” ‘ < > , . ? /. Use some of those to replace letters. Your password can be this, M<>ai28/Dec.0!.

Read more…

Categories: General, How to Tags: , ,
April 9th, 2014

Heartbleed affects much of internet. Time to change your passwords again.

Heartbleed security threat scares internetThe security community is buzzing with news of a threat called Heartbleed. The bug reportedly affects nearly two-thirds of all websites, including Yahoo Mail, OKCupid, WeTransfer, and others. The bug takes advantage of a vulnerability in OpenSSL, an open-source protocol used to encrypt vast portions of the web. It allows cybercrooks to steal encryption keys, usernames and passwords, financial data and other sensitive data they have no right to.

In a blog post to their users, Tumblr described it this way,

…that the little lock icon (HTTPS) we all trusted to keep our passwords, personal emails, and credit cards safe, was actually making all that private information accessible to anyone who knew about the exploit.

The latest version of OpenSSL fixes the problem and websites are already upgrading.

However, your popular social site, your company’s site, commerce site, hobby site, sites you download software from or even sites run by your government might be using vulnerable OpenSSL, warns Codenomicon on their site about Heartbleed. GitHub compiled a list of sites that are vulnerable, but some may have already been updated. AVAST’s website is safe from the Heartbleed threat.

You can check a site’s vulnerability status at the Heartbleed test site which enables users to enter domains. If a site comes back as an “uh-oh” but doesn’t say “heartbleed” then there may be something else wrong, but it’s not Heartbleed. Update: AVAST’s COO, Ondrek Vlcek recommends this checker, https://www.ssllabs.com/ssltest/analyze.html.

What can you do?

The best advice is to stay away from affected sites for a while. In their report on Heartbleed, Tor advises, “If you need strong anonymity or privacy on the Internet, you might want to stay away from the Internet entirely for the next few days while things settle.”

You need to change your passwords for any vulnerable sites as well. Once affected sites start making the updates, they will most likely advise their customers to change their passwords. Earlier today, Tumblr sent their users a note encouraging them to change passwords to all their online accounts immediately.

“This might be a good day to call in sick and take some time to change your passwords everywhere — especially your high-security services like email, file storage, and banking, which may have been compromised by this bug,” Tumblr said on their blog.

We have written tips about creating strong passwords in the avast! blog. Read My password was stolen. What do I do now? as a reminder.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

Categories: General Tags: , ,
April 5th, 2014

How do I fix an incorrect Microsoft Action Center warning?

howto2_enQuestion of the week: After the latest avast! update, I got a warning from the Microsoft Action Center that my antivirus is not working. It is working fine. How can I get this warning to go away?

The Microsoft Action Center is a central place to view important messages about security and maintenance and take actions that can help your Windows machine run smoothly. If an item is red, that indicates a significant issue that should be addressed soon, such as an outdated antivirus program that needs updating.

Windows regularly checks to see if an antivirus program is installed on your computer, that it’s running, and that it’s up to date. The status of your antivirus program is displayed in Windows Action Center or Security Center. However, Windows does not detect all antivirus programs.

AVAST Evangelist, Bob G., created a new video that shows an easy fix when you get the Microsoft Action Center message that there is a problem with your antivirus protection.

Microsoft also has instructions to specify that you are using an antivirus program that Windows doesn’t find.

Check out other tutorial videos that Bob has created on YouTube.

Ask a question

If you have a question about any of AVAST’s products, please send them to wannabesocial@avast.com. If we answer your question, we will send you an avast! Teddy Bear.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

March 31st, 2014

Backup your phones and PCs on World BackUp Day!

Your world is on your mobile devices and PC: Your family photos, home videos, documents and emails. Unfortunately, you can lose it in an instance. For those folks who haven’t backed up their files, that means disaster. Today is World BackUp Day. Be prepared. Backup your files on March 31st.
backup_img

Did you know?

  • 113 cellphones are lost or stolen every minute of every day
  • More men (60%) than women (47%) frequently back up their data
  • Women are more at risk than men if their smartphone is stolen or lost, because they do not protect their personal data and information as well as men do.

back-up men_women
Back up your Android phone or tablet

Malware is a growing threat to the Android platform, but because of the small size of our devices, loss and theft is still the bigger threat. Men are more careful about the safety and security of their cellphones than women. We learned that curious fact from an avast! survey conducted last summer,  Lost or Stolen Smartphone: The Consequences are Bigger for Women Than for Men.

avast! Mobile BackUp is available for Android phones and tablets and comes in two different versions.

  1. 1. The standalone free version provides you with basic backup options: Contacts, text messages, pictures, and call logs.
  2. 2. If you would like to backup music, video, and apps, then you need to buy the Premium version. This can be done later, from within the free version.

Get free avast! Mobile BackUp from Google Play. After you install avast! Mobile BackUp, your current data will be backed up to your AVAST Account and Google Drive.

Back up your PC

avast! BackUp is an online backup and recovery service that allows you to backup your entire computer or select sets of data or individual files you want to back up. You can choose the storage capacity you need, and for a few bucks a month, rest assured that your files are safe in case disaster strikes.

Try avast! BackUp free for 30 days. During that time, you’ll get 25 GB for your files.

March 31st is World Backup Day. Take the pledge now, then take action:

I solemnly swear to backup my important documents and precious memories on March 31st.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

March 28th, 2014

How to watch American TV when traveling overseas

Question of the week: I don’t want to miss my team play basketball in the March Madness tournament, but I have to go on a business trip to Europe next week. How can I watch US TV when I am traveling overseas?

AVAST_March Madness

This is a great question. TV has never been better, so it’s hard to miss an episode of The Walking Dead or House of Cards when traveling. As for sports – OMG! when you’re team is doing great (Go Gators!), it’s not enough to just read about it online. For our friends outside the USA, March Madness, the annual NCAA college basketball tournament, is in full swing and fans are following closely (think the UEFA Champions League or World Cup.) College basketball fans eagerly follow as 64 teams progress through the rounds to the Sweet Sixteen, the Elite Eight, the Final Four, and at last, the championship game known as “The Big Dance.”

IMG-georestrictionsmWhen in the U.S., you can watch on CBS, TNT, TBS, and truTV, as well as live stream current games and replays through the NCAA March Madness Live web site and downloadable app for mobile devices. But when you’re out of the country, you often don’t have access because of geo-restricted content. You may have seen messages similar to this one from YouTube, that says, “This video is not available in your country.”

20140326_avast_secureline_securely connected via USUse a VPN service to access geo-restricted content

Many expats and travelers use a VPN service to access streaming services while living or traveling in foreign countries.  The VPN (Virtual Private Network) allows you to securely connect to a server of your choice, so that it acts as a “proxy” from a different location than where you are.

avast! SecureLine VPN is one of those services. If you are traveling in Europe, then select a server in the U.S. to access geo-restricted sites. When you log on to CBS, Netflix, Hulu, etc, the service will identify the server as coming from the correct location, and allow you to log on.

VPN adds security when using free WiFi

Another benefit of VPN when traveling is the security you get when using free WiFi at hotels and airports. The VPN creates a private ‘tunnel’ through the internet for your data to travel through, and everything – your web browsing history, your email, your IMs, your VOIP, everything –  inbound and outbound through the tunnel is encrypted. Even if your data is intercepted, your identity is protected, since the VPN masks your IP address. Read more about the security aspect in our previous blog, avast! SecureLine protects your Android or iPhone from cybercriminal surveillance.

How to get avast! SecureLine VPN

avast! SecureLine VPN is completely integrated into all of AVAST’s free and premium products and is available for Android and iOS devices and PCs.

avast! SecureLine VPN is available as a monthly or yearly subscription for Android on Google Play, PCs on the avast! website, and an annual subscription for iOS in the Apple App Store.

Ask a question

If you have a question about any of AVAST’s products, please send them to wannabesocial@avast.com. If we answer your question, we will send you an avast! Teddy Bear.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

March 26th, 2014

Cute, but deadly. AVAST minions fight Grime!

minionsThey might look like funny characters from an animated movie, but the avast! GrimeFighter minions are a deadly force against the grime that accumulates in your computer over time. This crack team of animated minions brings AVAST users new technology that speeds, tunes up, and extends the lifespans of PCs. avast! GrimeFighter is being launched officially today in 14 languages.

“With avast! GrimeFighter we’ve integrated exceptional technology into our product that will help users benefit from their valuable PCs longer, as the minions decontaminate them from unnecessary bloatware,” said AVAST Chief Executive Officer Vince Steckler. “We are glad to offer this new product to our users to optimize their PC performance and are sure our diligent minions will put a smile on their faces.”

The Minion Team

Officer Pete, a police officer with an over-sized mustache leads the team. Other minions with names like Zilch, Torque and Dale Jumpshot, Jr. wipe browser caches, look for hardware problems, analyze your Internet speed, and disable bloatware, such as unnecessary programs and software that may have been pre-installed.

Collaboratively, the other minions examine security settings of popular applications and wireless networks, analyze the PC’s memory, hard drive, CPU and files to provide the user with a report at the end of the scan. The report is straightforward, with an option of viewing more detailed results.

Spring clean your PC

grimefighter resultsYou can scan your PC for free using avast! GrimeFighter, then pay for removal of the Grime reported. avast! GrimeFighter is available as a feature in avast! Antivirus 2014 and also as a standalone application. If you don’t have avast! Antivirus 2014, you can download it for free or purchase it from the AVAST website.

People investing in avast! GrimeFighter to make their PCs run like new again will see instant performance increases that prolong the life of their computers.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.

 

March 20th, 2014

How to remove nuisance browser toolbars?

cleanup infographicQuestion of the week: “How do I get this stupid Sweetpacks off my computer?! It’s driving me crazy!”

This question didn’t come from an AVAST email, a support ticket, or even our Facebook page. It came directly from my mother as we were talking on the phone one day. Believe me, when you work for a security software company, you better have an answer for your mother! Thankfully, I do.

avast! Browser Cleanup.

Since the avast! Browser Cleanup tool was launched in February 2013, it has removed 125 million unwanted toolbars from AVAST users’ computers. That’s more than 10 million toolbars zapped each month.

Toolbars typically inhabit the horizontal space below your browser and include buttons, icons, and menus that give you an easy way to select functions on the desktop, in applications or the browser. In some cases, they can be quite useful, but avast! users have rated only 4.2% of toolbars as “good” or “useful.”

avast! Browser Cleanup has identified 10 million different toolbars in the database, and avast! users have rated most of those as “bad.” The Sweetpacks toolbar, and millions like it, received that rating because they change your home page and search engine into their own. Toolbars often install a hidden background program for “updates,” but it really prevents you from resetting your homepage and search engine back to the ones of your choice. Worse yet, this service makes sure that the toolbar gets reinstalled if you try to remove it.

Our infographic shows you which toolbars avast! users have rated the top “bad” ones and the  companies that supply them. You may notice that some vendors show up more than once with a different product. Renaming products is a shady practice used to trick people.

“Roughly 7 million out of the 10.2 million toolbars in our database are polymorphic – which means they have a varying and almost unreadable name,” said Thomas Salomon, head of AVAST Software ‘s German Software Development team. “Companies use this naming strategy to confuse people, and make it difficult to remove the annoying toolbars.”

You can see some of the variants in a previous blog post.

Another dirty trick vendors use is to name a toolbar after a well-known and respected product – kind of a smoke-and-mirrors approach.

“For a couple of months now, the vendors of annoying toolbars have been using another dirty trick: They name their own bad add-ons with the good name of well-rated and useful add-ons and thus use this good reputation to ‘hide’ their own crap,” explains Salomon.

avast! Browser Cleanup  removes unwanted toolbars from Google Chrome, Mozilla Firefox ,and Internet Explorer. It is integrated in all avast! antivirus security products, and is also available as a stand-alone product on various download portals for use by friends without avast! installed.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

March 18th, 2014

Cyber-hijack unlikely cause of missing Malaysian jetliner

missing_malaysia_airlines_flight-465126An unknown hacker taking control of a plane using an Android phone’s screen sounds like a frightening, but fictional, scenario from the next international spy movie. But, it’s one of many theories being bandied about to explain what happened to missing Malaysian Airways Flight MH370.

This theory, advanced by a British anti-terror expert on Sunday, says that hackers can get into the main computer network of the plane through the inflight, onboard entertainment system. Ondrej Vlcek, Chief Operating Officer at AVAST, believes this theory is highly unlikely.

“The theory is extremely wild and unlikely,” said Vlcek. “The entertainment systems on most airline carriers are relatively old and independent from the main computer systems of the aircraft such as position, temperature, etc. There is no feedback communication from the entertainment system to the main computer. It is basically only one-way information for passengers.”

Long before the mystery of Flight MH370, we shared a different rogue-hacker-with-Android-scenario. It was based on a presentation given at The Hack In The Box security conference in April 2013 called ‘Aircraft Hacking: Practical Aero Series’ by Hugo Teso.  Using PC simulation software, Teso was able to manipulate the steering of a Boeing jet in ‘autopilot’ mode, and said he could make oxygen masks drop down, and even cause the plane to crash by setting it on a collision course with another plane, stated a Forbes’ article about the presentation.

After reviewing the results of his tests, aviation safety groups disputed the findings saying, “The described technique cannot engage or control the aircraft’s autopilot system using the FMS or prevent a pilot from overriding the autopilot. Therefore, a hacker cannot obtain “full control of an aircraft” as the technology consultant has claimed.”

For an up-to-date list of all the theories – from the realistic to the really wild – about what has happened to the plane, please see The Telegraph, Malaysian Airlines MH370: live.

Photo source: Express

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.