Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Author Archive
July 18th, 2014

Spearphishing scams hope you’ll take the bait

avast! Internet Security protects you from phishing and email scamsYesterday on our blog, avast! Virus Lab researcher Jaromir Horejsi, explained a banking Trojan called Tinba. The cybercrooks behind Tinba use a social engineering technique called spearfishing to target its victims.

You have probably heard about email scams that use phishing. This classic technique uses authentic-looking emails to lure the victims to fake websites, then trick them into revealing personal information. Also this week, we told you about an email that AVAST evangelist, Bob G. received claiming that he won money in a World Cup lottery. The cybercrooks behind that scam cast a wide net, hoping to catch a few people then ask them to provide banking information so they could deliver the prize.

Other high profile phishing attempts, like the DHL email scam that ran last Christmas, preyed on the anxiety of the holidays. An email that looks like the real thing was sent, offering all sorts of urgent and legitimate-sounding explanations as to why they need your personal data. It’s not hard to understand why busy people can be fooled.

Spearphishing is similar in every way except that the net is drawn in much tighter. The FBI says that cybercrooks target select groups of people with something in common—they work at the same company, bank at the same financial institution, attend the same college, order merchandise from the same website, etc. The emails are seemingly sent from organizations or individuals the potential victims would normally get emails from, making them even more deceptive. This is what is happening with the Tinba Trojan right now in Czech Republic.

In both social engineering schemes, once the victim clicks, they are led to a phony but realistic-looking website, where they are asked to provide passwords, account numbers, user IDs, access codes, PINs, etc.

How to avoid becoming a spear phishing victim

  • Most companies, banks, agencies, etc., don’t request personal information via e-mail.
  • If in doubt, give them a call (but don’t use the phone number contained in the e-mail—that’s usually phony as well).
  • Use a phishing filter. Both avast! Internet Security and avast! Premier include anti-spam filters to detect phishing and scam emails.
  • Never follow a link to a secure site from an email; always enter the URL manually.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

July 15th, 2014

AVAST evangelist allegedly wins World Cup 2014 Lottery

AVAST evangelist Bob G. received a notification in the mail yesterday from, of all organizations, FIFA! How nice! Only hours after Germany earned the title of World Cup 2014 champs and was awarded with a grand trophy, Bob was also promised a reward of prize money.

Too bad, it’s a scam.

Email scams like this are a form of social engineering designed to trick people into giving away vital personal information. The email generally informs the recipient that they have been selected as lottery prize winners and have won substantial sums of money. Recipients are then persuaded to submit personal information or to part with money as an upfront payment, or forward money to enable them to enter the tender process.

Since Bob is aware of these types of scams, instead of falling for it, he made a video to inform all avast! users. Here it is.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

July 14th, 2014

Common passwords inspire uncommon dress

password dress

Lorrie Cranor models her famous Password dress in front of the “Security Blanket” quilt.

Weak passwords make for creative design.

If you use 123456 or password as your password, you may as well wear it for all to see. It’s THAT easy to crack.

To illustrate this point, Lorrie Cranor, quilt artist, and oh yeah,  director of the CyLab Usable Privacy and Security Laboratory at Carnegie Mellon University, designed fabric based on the extensive research she and her students conducted on the weaknesses of text-based passwords. The quilt she made is aptly named “The Security Blanket,” and is designed from a word cloud of the 1,000 most commonly found passwords from the 2010 RockYou.com hack. Professor Cranor made a Password dress to go with the password quilt. The fabric is available for purchase from Spoonflower.

Iloveyou, you little monkey

The most popular password, 123456, forms a backdrop across the whole quilt. But what intrigued Cranor was not the “the obvious lazy choices,” but what else people choose as passwords. She went through the list and organized the passwords into themes. Many passwords fell into multiple themes, so she tried to think like a RockYou user and extract some meaning from their choices.

Love is a strong theme, and the research found that love-themed words make up the majority of non-numeric passwords. Iloveyou in English and other languages is common. The names of pets are common, and Princess showed up in the top 1,000 and simultaneously on lists of popular pet names. Chocolate is the most frequent of the food-related passwords, with chicken and banana(s) coming up often.

Chicken was a surprise to me, as was monkey, the 14th most popular password. Could RockYou users have an affinity for monkeys because of a game, or do they just like monkeys? Is it related to bananas? Do gamers eat more bananas?

Some things we’ll just have to speculate about…

Swear words, insults, and adult language showed up in the top 1000 passwords, “but impolite passwords are much less prevalent than the more tender love-related words,” wrote Cranor in her blog.

Numbers are even better. Three times as many people chose 123456 over password, and 12345 and 123456789 were also more popular choices. It seems that when required to use a number in a password, people overwhelmingly pick the same number, or always use the number in the same location in their passwords.

Top 10 worst passwords

Security developer SplashData published the Worst Passwords of 2013. Check the list to see if you use any of these:

Rank Password Change from 2012
1 123456 Up 1
2 password Down 1
3 12345678 Unchanged
4 qwerty Up 1
5 abc123 Down 1
6 123456789 New
7 111111 Up 2
8 1234567 Up 5
9 iloveyou Up 2
10 adobe123 New

Tips and tricks

1. Use a random collection of letters (uppercase and lowercase), numbers and symbols

2. Make it 8 characters or longer

3. Create a unique password for every account

Read more from the AVAST blog

Do you hate updating your passwords whenever there’s a new hack?

Are hackers’ passwords stronger than regular passwords?

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

July 11th, 2014

Six ways to secure your smartphone

AR AMSpost-enI bet you would be lost without your smartphone. It’s your lifeline to contacts, emails, and personal information, not to mention all those apps that you use for fun, entertainment, and business. You probably have bought something using your phone, so your credit card information is there, as well as your account log ins. In other words, it would be disastrous to lose it to a thief or be infected with a data-stealing app.

Keep reading for some solid tips that will help you secure your Android smartphones and tablets.

1. Install security software

Protect your smartphone or tablet from malicious attacks. Malware targeted at Android devices is increasing daily, and we project that it will be at PC levels in the next 4 years. Avast! Mobile Security stops malware, plus it help you locate your device if it is lost or stolen with avast! Anti-theft.   Install avast! Mobile Security and Anti-theft from the Google Play store, https://play.google.com/store/apps/details?id=com.avast.android.mobilesecurity

2. Use trusted stores to install apps

The major app stores like Google Play and Amazon are the safest places to go for apps. These have strict vetting procedures, so they are reliable sources most of the time. The ones you need to watch out for are the unregulated third party app stores, often originating from Asia or the Middle East.

For an extra safeguard on your Android device, disable the installation of apps from unknown sources by going to Settings>Security and unchecking the “Unknown Sources” option. Also check the “Verify Apps” option to block or warn you before installing apps that may cause harm.

3. Use a PIN or password and lock your apps

Your Android phone has its own security settings, so we recommend that you set a PIN number with a strong number code to lock the screen. To set your PIN or a pattern, go to Settings>Lock screen.

Read more…

July 1st, 2014

Avoid regrettable mistakes; proactively protect yourself

Even the most careful planning sometimes cannot mitigate human error. A week ago, a photograph of the World Cup Security Center showing the WiFi password on a whiteboard in the background was published on the internet and immediately retweeted numerous times.

Last February, during the Super Bowl XLVIII pre-game show, the Super Bowl security headquarters was shown on a television broadcast along with the stadium’s internal WiFi login credentials.

super-bowl-security-fail-620x463

These so-called “epic fails” are highly publicized examples of regrettable mistakes that every human on the planet is familiar with – because we all make them. Maybe not at that scale; but I dare say, that no one at FIFA or the NFL intentionally set out to expose themselves or their organization to danger.

It could happen to you

So let’s stop giggling at these public slip ups and talk about our collective failure at securing our own passwords and other data. Read more…

July 1st, 2014

TextSecure reclassified as a false positive

On occasion, even the most well thought-out systems can break down. In the antivirus business, we try hard to minimize something termed false positive. A false positive is merely a mistake or a false alarm. It happens when your antivirus software erroneously identifies a file or a download as being malicious.

The AVAST Virus Lab receives more than 50,000 samples of new potential viruses every single day. There are so many that we cannot look at each individually, so we use techniques with super-techie names like Malware Similarity Search and Evo-Gen.  (These techniques are explained in a previous blog post, New Toy in the Avast Research Lab.) When a file is confirmed as malicious, we add it to our virus database. With this amount of new samples, every now and then a false positive occurs. There is no way to avoid it completely, but we try to limit it and its impact.

Over the weekend, avast! Mobile Security erroneously detected the TextSecure app as a Trojan. TextSecure is an app developed by Open Whisper Systems that protects your privacy by encrypting your text and chat messages, which means that they can only be read by your intended recipients. The AVAST Virus Lab discovered the error, fixed it and sent out an update.

Unfortunately, wires got crossed between our Virus Lab analyst and our social media community manager, and the wrong message was sent to people on Twitter and Facebook who inquired about the detection. You see, at the same time as the TextSecure detection was being reported, another unrelated detection was made, and it was indeed a malicious file. It was a simple case of mistaken identity. Later in the day, we discovered the mistake and followed up by communicating it across AVAST social channels.

AVAST confirms that TextSecure Private Messenger is a genuine and safe application for Android, and contains no malicious scripts. We apologize for the inconvenience caused to TextSecure users and Open Whisper Systems.

Please be assured that AVAST does not intentionally recognize valid software as suspicious. The last thing we want to do is disrupt businesses or our customers. However, to provide maximum protection against genuine virus threats, false positive alerts sometimes arise.

howto2_enHow to report a suspected false positive

If you suspect that AVAST has incorrectly identified a file as suspicious, please submit a report to http://www.avast.com/contact-form.php?subject=VIRUS-FILE. This form will generate an email to our Virus Lab research team, and they will investigate it.

Before you do that, you may want to upload a file or a URL to online virus scanning service VirusTotal. This free online service scans the file against multiple antivirus engines and website scanners at the same time.

TextSecure protects your privacy

The fine developers of the TextSecure app deserve a happy ending, so we want to throw our support behind this innovative app. We developed avast! Mobile Security to protect Android users from malware and theft and have included numerous features to protect the privacy of our users. The TextSecure app takes that further by providing end-to-end encryption when you are communicating with other TextSecure users. It also keeps your messages away from prying eyes if your phone is lost or stolen.

Install TextSecure Private Messenger for free from Google Play. Don’t forget to leave a review and a 5-star rating!

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

 

 

June 25th, 2014

FNATIC talks to Avast about DDoS attacks targeting E-Sports

At the beginning of 2014, gaming platforms such as League of Legends and other video-game servers were brought down by distributed denial-of-service (DDoS) attacks. These attacks cost professional gamers thousands in advertising revenue. FNATIC Senior Features writer, Davor ‘Dendra’ Miljkovic, spoke to Jiri Sejtko, the Director of the AVAST Virus Lab, about how to handle DDoS attacks. Here is a reprint of the original article that appeared on the FNATIC website.

 avast! protects over 219 million active devices on all inhabited planets

avast! protects over 219 million active devices on all inhabited planets

The threat is real

The internet realm is becoming increasingly troublesome, as the encyclopedia of viruses, worms, trojans and other malicious creations only keeps growing. However, when it comes to gamers it seems that one particular annoyance tops that list nowadays – Distributed Denial-of-Service (DDoS) attacks. Whether it’s a TS server lagging for no apparent reason or an entire gaming server overloading, chances are you’ve experienced a DDoS attack before.

Dating back to 2000, DDoS attacks have been used to make a machine or network resource unavailable to its intended users and there are several methods to accomplish this. One of the more popular methods is to flood a targeted system with incoming traffic to the point it cannot respond to legitimate traffic or only respond very slowly. This very method is the premium choice among disgruntled gamers who aim to sabotage a server or one particular system of another gamer they dislike for whatever reason.

So what can you do if you find yourself targeted by one such disgruntled gamer?

What can be done?

To see what can be done to help you deal with a DDoS attack or a potential one, we spoke to Jiri Sejtko, the Director of Viruslab Operations at Avast Software:

Q: What kind of security measures are available to protect yourself from a DDoS attack?

A: Basically, there is no protection if an attack is well done, however you can always do some steps to defend your system once the attack has happened.When you know how the attack is done, it’s possible to tweak (setup) your system and to try to find out where the attack came from.

Q: Can you elaborate on these steps?

A: One of the steps would be to configure your router to filter IPs or even protocols used in the attack – this step will help if the attacker didn’t use the whole bandwith of the given Internet connection. Best ask your Internet Service Provider to do this for you.

Q: So which ISPs would you recommend?

Read this answer and the entire article on the FNATIC website.

 

avast! Internet Security is the official antivirus software of the FNATIC team

avast! Internet Security is the official antivirus software of the FNATIC team

 

avast! Internet Security is the official antivirus software of the FNATIC team. avast! offers a massive 40% discount to FNATIC fans! Purchase your discounted avast! Internet Security from the dedicated FNATIC page at avast.com.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

June 20th, 2014

Samsung Galaxy S5 and other popular phones vulnerable to “TowelRoot” Android exploit

avast! Mobile Security detects TowelRoot exploitsavast! Mobile Security protects from an Android flaw which leaves nearly all new smartphones and tablets vulnerable to attack.

Last week, a wave of articles about a newly discovered Android security flaw flooded the Internet. They sounded a warning, similar to this:

“A flaw in the Android operating system may leave many Android phones and tablets vulnerable to attack, including the Samsung Galaxy S5 and Google’s own Nexus 5,” reported Jill Scharr in a Tom’s Guide article.

Our Virus Lab did not waste  time and started preparing for the inevitable attacks. AVAST researchers dug into the subject looking for malware to make  sure that avast! Mobile Security is ready to protect our users. If you are an avast! user and your tablet or smartphone is protected by avast! Mobile Security, you are protected.

“Even though TowelRoot is not malicious itself, it may be misused as an exploit kit. Generally, TowelRoot can be used as a delivery package for malicious applications,” explained  Filip Chytry, an AVAST Virus Lab expert on mobile malware. “It’s capable of misusing a mistake in Android code which allows attackers to get full control over your Android device. TowelRoot itself is more a proof-of-concept, but in the hands of bad guys, it can be misused really quickly. For this reason we added it to our virus signatures, so Avast detects it as Android:TowelExploit.”

Android has not made an official statement on the security flaw, however our researchers confirm that even the latest versions of the operating system are exposed (version 4 and all higher). It is very likely that versions 3.0 can be attacked, too. For those who just purchased an Android device or don’t have protection yet, we strongly recommend that you install avast! Mobile Security, before taking any further actions. Despite the fact that some of the mobile providers claim that their devices are immune to this particular Android exploit, it is highly risky to leave your device unprotected.

What is the TowelRoot Android vulnerability?

Earlier this month a security flaw in Linux, the operating system which Android is based upon, was discovered by a young hacker known as “Pinkie Pie.” Soon afterwards, a gifted teenager, notable because he was the first to unlock the unlockable –  an iPhone at the age of 17, prepared a tool kit for potential hackers. Its instructions are available publicly to “purchase,” allowing even less advanced programmers to write a script that will use the exploit.

The potential exists for hackers to take full control; to simply root your device. So far the AVAST Virus Lab has not observed any massive attack, however knowing about the potential risk, our Virus Lab is ready for the attack. avast! Mobile Security is capable of discovering different variations of malware code required to exploit the bug.

Who is exposed and how to protect yourself?

Basically everyone who owns an Android device without proper antivirus protection, tablet or mobile phone, with any version of Android OS, including the newest one is at risk for malware.

In order to prevent this exploit, or any other malware attack, once you purchase your device, we advise to install antivirus first, before installing any apps, importing contacts, or starting to browse online. Our avast! Free Mobile security, as well as its Premium version are available to download and install from Google Play.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

June 17th, 2014

AVAST kills Android ransomware with new app

avast! Ransomware Removal app eliminates Android ransomware and unlocks encrypted files, for free!

ransomware-removal-suitcase

Ransomware, the terror of Windows that locks computers, encrypts the files, then demands a hefty payment to unlock them, has made its way to Android smartphones.

“The ransomware problem is growing like hell – and it’s no longer just threatening users – the new versions actually do encrypt your files,” said Ondrej Vlcek, Chief Operating Officer at AVAST Software.

AVAST Software just released a new app called avast! Ransomware Removal that will eliminate the malware from an infected device. Get it free for your Android smartphone and tablet from the Google Play Store.

avast! Ransomware Removal will tell you if your phone has ransomware on it. If you are infected, it will eliminate the malware. Android users who are clean, can use the free app to prevent an infection from happening.

This short video shows you what actually happens when ransomware infects your Android smartphone.

The next wave of attacks

Savvy malware writers know where the next round of victims can be found. With Android at a whopping 80% worldwide market share, as well as “billions” of remaining mobile subscribers ready to upgrade to smartphones, the targets are numerous.

After detecting the massive growth of ransomware on PCs, this spring AVAST Virus Lab researchers saw the malware migrating to the Android platform. Analysts identified fake government mobile malware, and early this month a new ransomware called SimplLocker proved to be successful. This proof-of-concept worked so well encrypting photos, videos, and documents stored on smartphones and tablets, that the Virus Lab immediately ordered a tool from our mobile development team to combat it - avast! Ransomware Removal.

SimplLocker blocks access to files contained on mobile devices. Without our free ransomware-removal tool, infected users have to pay $21 to regain access to their personal files,” said Vlcek. “SimplLocker is the first ransomware that actually encrypts these files, so we developed a free tool for people to restore them.”

Find. Kill. Prevent.

Install avast! Ransomware Removal to find out if your Android devices are infected and to get rid of an infection. Anyone infected by SimplLocker, Cryptolocker, or any other type of ransomware can download the free avast! Ransomware Removal tool, and then install the app remotely on the infected device. Once installed, you can easily launch the app to scan the device, remove the virus, and then decrypt your hijacked files.

To keep your devices protected from Cryptolocker, SimplLocker, and other ransomware, make sure to also install avast! Free Mobile Security & Antivirus from the Google Play store. It can detect and remove the malware before it is deployed.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

 

June 10th, 2014

Keep your phone safe from hackers and thieves while on vacation

Traveling to Brazil for the 2014 FIFA World Cup, or just headed out to your local beach for a daytrip? You remember to pack your sunglasses, a hat, and plenty of sunblock, but don’t forget that your mobile gadgets need protection too.

world-cup-hackers Here’s a couple more items for your packing list:

  • avast! SecureLine VPN to protect against dodgy public WiFi
  • avast! Mobile Security and Anti-Theft to protect against thieves

That free WiFi HotSpot could get you in hot water!

Spectators at the 2014 FIFA World Cup Brazil will have lots of choices of free WiFi. At least 6 of the 12 World Cup stadiums have access to free WiFi built in, and planners have created WiFi hotspots across 2,300 access points, including parks, squares, and public transit stations. Fans not watching in person will check scores on their phone or watch live streaming matches by connecting to free WiFi at hotels and bars.

“A WiFi attack on an open network can take less than 2 seconds,” tweeted @ExtremeNetworks recently. Cybercrooks can access and steal your personal data when you connect to these unprotected networks. Having your identity stolen and bank account emptied out while on vacation could ruin any trip – even one to paradise!

“Hackers target public hotspots, where it’s easy to follow every move that users of the WiFi connection make, allowing them to access emails, passwords, documents, and browsing behavior,” said Vincent Steckler, Chief Executive Officer of AVAST Software.

Use a VPN service to make sure that doesn’t happen. avast! SecureLine VPN protects your privacy by making your logins, emails, instant messages, and credit card details invisible to spying.

Read more…

Comments off