Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Author Archive
July 11th, 2014

Six ways to secure your smartphone

AR AMSpost-enI bet you would be lost without your smartphone. It’s your lifeline to contacts, emails, and personal information, not to mention all those apps that you use for fun, entertainment, and business. You probably have bought something using your phone, so your credit card information is there, as well as your account log ins. In other words, it would be disastrous to lose it to a thief or be infected with a data-stealing app.

Keep reading for some solid tips that will help you secure your Android smartphones and tablets.

1. Install security software

Protect your smartphone or tablet from malicious attacks. Malware targeted at Android devices is increasing daily, and we project that it will be at PC levels in the next 4 years. Even though malware is not likely to affect you (yet), avast! Mobile Security & Anti-theft protects your device , plus it helps you locate your device if it is lost or stolen.

TIP: When you upgrade to avast! Mobile Premium you get a feature called Password Check. This feature keeps nosy people and data thieves from snooping around your messages or emails. After 3 wrong attempts to break in, your phone is locked.

2. Use trusted stores to install apps

Malware may not be a huge threat yet, but cybercrooks are using apps in subtle ways, so you need to be aware of what you’re downloading onto your device. The major app stores like Google Play and Amazon are the safest places to go for apps. These have rigorous vetting procedures, so they are reliable sources. The ones you need to watch out for are the unregulated third party app stores predominantly from the Asia or the Middle East.

TIP: For an extra safeguard on your Android device, stop the installation of apps from unknown sources. Go to Settings>Security and uncheck the Unknown Sources option. Check the Verify Apps option to block or warn you before installing apps that may cause harm.

3. Use a PIN or password and lock your apps

Your Android phone has its own security settings, so we recommend that you set a PIN number with a strong number code to the lock screen. To set your PIN go to Settings>Lock screen to set a pattern or passcode.

TIP: Use avast! Mobile Security App Lock to set a PIN for apps you want to keep private, like online shopping and banking apps. You can lock any two apps with a PIN/gesture using our free product; get unlimited app locking with the Premium product.

Read more…

July 1st, 2014

Avoid regrettable mistakes; proactively protect yourself

Even the most careful planning sometimes cannot mitigate human error. A week ago, a photograph of the World Cup Security Center showing the WiFi password on a whiteboard in the background was published on the internet and immediately retweeted numerous times.

Last February, during the Super Bowl XLVIII pre-game show, the Super Bowl security headquarters was shown on a television broadcast along with the stadium’s internal WiFi login credentials.

super-bowl-security-fail-620x463

These so-called “epic fails” are highly publicized examples of regrettable mistakes that every human on the planet is familiar with – because we all make them. Maybe not at that scale; but I dare say, that no one at FIFA or the NFL intentionally set out to expose themselves or their organization to danger.

It could happen to you

So let’s stop giggling at these public slip ups and talk about our collective failure at securing our own passwords and other data. Read more…

July 1st, 2014

TextSecure reclassified as a false positive

On occasion, even the most well thought-out systems can break down. In the antivirus business, we try hard to minimize something termed false positive. A false positive is merely a mistake or a false alarm. It happens when your antivirus software erroneously identifies a file or a download as being malicious.

The AVAST Virus Lab receives more than 50,000 samples of new potential viruses every single day. There are so many that we cannot look at each individually, so we use techniques with super-techie names like Malware Similarity Search and Evo-Gen.  (These techniques are explained in a previous blog post, New Toy in the Avast Research Lab.) When a file is confirmed as malicious, we add it to our virus database. With this amount of new samples, every now and then a false positive occurs. There is no way to avoid it completely, but we try to limit it and its impact.

Over the weekend, avast! Mobile Security erroneously detected the TextSecure app as a Trojan. TextSecure is an app developed by Open Whisper Systems that protects your privacy by encrypting your text and chat messages, which means that they can only be read by your intended recipients. The AVAST Virus Lab discovered the error, fixed it and sent out an update.

Unfortunately, wires got crossed between our Virus Lab analyst and our social media community manager, and the wrong message was sent to people on Twitter and Facebook who inquired about the detection. You see, at the same time as the TextSecure detection was being reported, another unrelated detection was made, and it was indeed a malicious file. It was a simple case of mistaken identity. Later in the day, we discovered the mistake and followed up by communicating it across AVAST social channels.

AVAST confirms that TextSecure Private Messenger is a genuine and safe application for Android, and contains no malicious scripts. We apologize for the inconvenience caused to TextSecure users and Open Whisper Systems.

Please be assured that AVAST does not intentionally recognize valid software as suspicious. The last thing we want to do is disrupt businesses or our customers. However, to provide maximum protection against genuine virus threats, false positive alerts sometimes arise.

howto2_enHow to report a suspected false positive

If you suspect that AVAST has incorrectly identified a file as suspicious, please submit a report to http://www.avast.com/contact-form.php?subject=VIRUS-FILE. This form will generate an email to our Virus Lab research team, and they will investigate it.

Before you do that, you may want to upload a file or a URL to online virus scanning service VirusTotal. This free online service scans the file against multiple antivirus engines and website scanners at the same time.

TextSecure protects your privacy

The fine developers of the TextSecure app deserve a happy ending, so we want to throw our support behind this innovative app. We developed avast! Mobile Security to protect Android users from malware and theft and have included numerous features to protect the privacy of our users. The TextSecure app takes that further by providing end-to-end encryption when you are communicating with other TextSecure users. It also keeps your messages away from prying eyes if your phone is lost or stolen.

Install TextSecure Private Messenger for free from Google Play. Don’t forget to leave a review and a 5-star rating!

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

 

 

June 25th, 2014

FNATIC talks to Avast about DDoS attacks targeting E-Sports

At the beginning of 2014, gaming platforms such as League of Legends and other video-game servers were brought down by distributed denial-of-service (DDoS) attacks. These attacks cost professional gamers thousands in advertising revenue. FNATIC Senior Features writer, Davor ‘Dendra’ Miljkovic, spoke to Jiri Sejtko, the Director of the AVAST Virus Lab, about how to handle DDoS attacks. Here is a reprint of the original article that appeared on the FNATIC website.

 avast! protects over 219 million active devices on all inhabited planets

avast! protects over 219 million active devices on all inhabited planets

The threat is real

The internet realm is becoming increasingly troublesome, as the encyclopedia of viruses, worms, trojans and other malicious creations only keeps growing. However, when it comes to gamers it seems that one particular annoyance tops that list nowadays – Distributed Denial-of-Service (DDoS) attacks. Whether it’s a TS server lagging for no apparent reason or an entire gaming server overloading, chances are you’ve experienced a DDoS attack before.

Dating back to 2000, DDoS attacks have been used to make a machine or network resource unavailable to its intended users and there are several methods to accomplish this. One of the more popular methods is to flood a targeted system with incoming traffic to the point it cannot respond to legitimate traffic or only respond very slowly. This very method is the premium choice among disgruntled gamers who aim to sabotage a server or one particular system of another gamer they dislike for whatever reason.

So what can you do if you find yourself targeted by one such disgruntled gamer?

What can be done?

To see what can be done to help you deal with a DDoS attack or a potential one, we spoke to Jiri Sejtko, the Director of Viruslab Operations at Avast Software:

Q: What kind of security measures are available to protect yourself from a DDoS attack?

A: Basically, there is no protection if an attack is well done, however you can always do some steps to defend your system once the attack has happened.When you know how the attack is done, it’s possible to tweak (setup) your system and to try to find out where the attack came from.

Q: Can you elaborate on these steps?

A: One of the steps would be to configure your router to filter IPs or even protocols used in the attack – this step will help if the attacker didn’t use the whole bandwith of the given Internet connection. Best ask your Internet Service Provider to do this for you.

Q: So which ISPs would you recommend?

Read this answer and the entire article on the FNATIC website.

 

avast! Internet Security is the official antivirus software of the FNATIC team

avast! Internet Security is the official antivirus software of the FNATIC team

 

avast! Internet Security is the official antivirus software of the FNATIC team. avast! offers a massive 40% discount to FNATIC fans! Purchase your discounted avast! Internet Security from the dedicated FNATIC page at avast.com.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

June 20th, 2014

Samsung Galaxy S5 and other popular phones vulnerable to “TowelRoot” Android exploit

avast! Mobile Security detects TowelRoot exploitsavast! Mobile Security protects from an Android flaw which leaves nearly all new smartphones and tablets vulnerable to attack.

Last week, a wave of articles about a newly discovered Android security flaw flooded the Internet. They sounded a warning, similar to this:

“A flaw in the Android operating system may leave many Android phones and tablets vulnerable to attack, including the Samsung Galaxy S5 and Google’s own Nexus 5,” reported Jill Scharr in a Tom’s Guide article.

Our Virus Lab did not waste  time and started preparing for the inevitable attacks. AVAST researchers dug into the subject looking for malware to make  sure that avast! Mobile Security is ready to protect our users. If you are an avast! user and your tablet or smartphone is protected by avast! Mobile Security, you are protected.

“Even though TowelRoot is not malicious itself, it may be misused as an exploit kit. Generally, TowelRoot can be used as a delivery package for malicious applications,” explained  Filip Chytry, an AVAST Virus Lab expert on mobile malware. “It’s capable of misusing a mistake in Android code which allows attackers to get full control over your Android device. TowelRoot itself is more a proof-of-concept, but in the hands of bad guys, it can be misused really quickly. For this reason we added it to our virus signatures, so Avast detects it as Android:TowelExploit.”

Android has not made an official statement on the security flaw, however our researchers confirm that even the latest versions of the operating system are exposed (version 4 and all higher). It is very likely that versions 3.0 can be attacked, too. For those who just purchased an Android device or don’t have protection yet, we strongly recommend that you install avast! Mobile Security, before taking any further actions. Despite the fact that some of the mobile providers claim that their devices are immune to this particular Android exploit, it is highly risky to leave your device unprotected.

What is the TowelRoot Android vulnerability?

Earlier this month a security flaw in Linux, the operating system which Android is based upon, was discovered by a young hacker known as “Pinkie Pie.” Soon afterwards, a gifted teenager, notable because he was the first to unlock the unlockable –  an iPhone at the age of 17, prepared a tool kit for potential hackers. Its instructions are available publicly to “purchase,” allowing even less advanced programmers to write a script that will use the exploit.

The potential exists for hackers to take full control; to simply root your device. So far the AVAST Virus Lab has not observed any massive attack, however knowing about the potential risk, our Virus Lab is ready for the attack. avast! Mobile Security is capable of discovering different variations of malware code required to exploit the bug.

Who is exposed and how to protect yourself?

Basically everyone who owns an Android device without proper antivirus protection, tablet or mobile phone, with any version of Android OS, including the newest one is at risk for malware.

In order to prevent this exploit, or any other malware attack, once you purchase your device, we advise to install antivirus first, before installing any apps, importing contacts, or starting to browse online. Our avast! Free Mobile security, as well as its Premium version are available to download and install from Google Play.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

June 17th, 2014

AVAST kills Android ransomware with new app

avast! Ransomware Removal app eliminates Android ransomware and unlocks encrypted files, for free!

ransomware-removal-suitcase

Ransomware, the terror of Windows that locks computers, encrypts the files, then demands a hefty payment to unlock them, has made its way to Android smartphones.

“The ransomware problem is growing like hell – and it’s no longer just threatening users – the new versions actually do encrypt your files,” said Ondrej Vlcek, Chief Operating Officer at AVAST Software.

AVAST Software just released a new app called avast! Ransomware Removal that will eliminate the malware from an infected device. Get it free for your Android smartphone and tablet from the Google Play Store.

avast! Ransomware Removal will tell you if your phone has ransomware on it. If you are infected, it will eliminate the malware. Android users who are clean, can use the free app to prevent an infection from happening.

This short video shows you what actually happens when ransomware infects your Android smartphone.

The next wave of attacks

Savvy malware writers know where the next round of victims can be found. With Android at a whopping 80% worldwide market share, as well as “billions” of remaining mobile subscribers ready to upgrade to smartphones, the targets are numerous.

After detecting the massive growth of ransomware on PCs, this spring AVAST Virus Lab researchers saw the malware migrating to the Android platform. Analysts identified fake government mobile malware, and early this month a new ransomware called SimplLocker proved to be successful. This proof-of-concept worked so well encrypting photos, videos, and documents stored on smartphones and tablets, that the Virus Lab immediately ordered a tool from our mobile development team to combat it - avast! Ransomware Removal.

SimplLocker blocks access to files contained on mobile devices. Without our free ransomware-removal tool, infected users have to pay $21 to regain access to their personal files,” said Vlcek. “SimplLocker is the first ransomware that actually encrypts these files, so we developed a free tool for people to restore them.”

Find. Kill. Prevent.

Install avast! Ransomware Removal to find out if your Android devices are infected and to get rid of an infection. Anyone infected by SimplLocker, Cryptolocker, or any other type of ransomware can download the free avast! Ransomware Removal tool, and then install the app remotely on the infected device. Once installed, you can easily launch the app to scan the device, remove the virus, and then decrypt your hijacked files.

To keep your devices protected from Cryptolocker, SimplLocker, and other ransomware, make sure to also install avast! Free Mobile Security & Antivirus from the Google Play store. It can detect and remove the malware before it is deployed.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

 

June 10th, 2014

Keep your phone safe from hackers and thieves while on vacation

Traveling to Brazil for the 2014 FIFA World Cup, or just headed out to your local beach for a daytrip? You remember to pack your sunglasses, a hat, and plenty of sunblock, but don’t forget that your mobile gadgets need protection too.

world-cup-hackers Here’s a couple more items for your packing list:

  • avast! SecureLine VPN to protect against dodgy public WiFi
  • avast! Mobile Security and Anti-Theft to protect against thieves

That free WiFi HotSpot could get you in hot water!

Spectators at the 2014 FIFA World Cup Brazil will have lots of choices of free WiFi. At least 6 of the 12 World Cup stadiums have access to free WiFi built in, and planners have created WiFi hotspots across 2,300 access points, including parks, squares, and public transit stations. Fans not watching in person will check scores on their phone or watch live streaming matches by connecting to free WiFi at hotels and bars.

“A WiFi attack on an open network can take less than 2 seconds,” tweeted @ExtremeNetworks recently. Cybercrooks can access and steal your personal data when you connect to these unprotected networks. Having your identity stolen and bank account emptied out while on vacation could ruin any trip – even one to paradise!

“Hackers target public hotspots, where it’s easy to follow every move that users of the WiFi connection make, allowing them to access emails, passwords, documents, and browsing behavior,” said Vincent Steckler, Chief Executive Officer of AVAST Software.

Use a VPN service to make sure that doesn’t happen. avast! SecureLine VPN protects your privacy by making your logins, emails, instant messages, and credit card details invisible to spying.

Read more…

Comments off
June 4th, 2014

How to protect yourself from the coming virus apocalypse

After the takedown of a major botnet, users have a “two-week window” to protect themselves against a powerful computer attack that ransoms people’s data and steals millions of dollars from unsuspecting victims. 

Zeus_Banner_blhd01
If you read our blog, you are familiar with the dangers of the Zeus Trojan and ransomware, and how people get infected. Here’s a quick review:

1. The victim opens a carefully crafted email which is designed to look like it came from their bank or a well-known company.
2. The victim clicks on and runs an email attachment.
3. Malicious software like the one making the news now, Gameover Zeus, releases a Trojan which searches the computer for passwords and financial data.
4. Once Gameover Zeus finds what it’s seeking, cybercrooks instruct CryptoLocker, ransomware software, to hijack the computer, encrypt the files, and demand payment for it to be unlocked. To get access to your computer again, you must pay a ransom within a set amount of time.
5. Once infected, the computer becomes part of the global botnet.

The good news

Led by the FBI, agents from Europol and the UK’s National Crime Agency (NCA) brought two computer networks that used the Gameover Zeus botnet and Cryptolocker ransomware to infect up to a million computers and cost people more than $100 million under control of the good guys.

The bad news

As we explained in our blog post yesterday, GameOver Zeus May not be as Over as You Think, cybercrooks could conceivably build another botnet to replace the ones that were shut down.

Why the two-week window?

This window is based on the amount of time the FBI thinks they can ”hold the upper-ground against the cybercriminals.” Two weeks should be enough time for computer users to update their operating system software and security software and disconnect infected computers.

Steps to take now to protect your computer

Read more…

Comments off
May 27th, 2014

How to wipe the data from my lost smartphone

howto2_enQuestion of the week: My phone was lost and there is no way to recover it. Thank goodness I had the data backed up. How do I use avast! Mobile Security to wipe all my information off of it?

We’re sorry that you lost your phone. You are not alone. Over one hundred smartphones are lost or stolen every minute of every day, but unfortunately 34% of smartphone owners haven’t protected their phone like you did. Congratulations on taking the initiative to back-up your data! We found out that half of smartphone owners don’t back up their data, even though they are concerned about losing it. (This seems to be theme – same thing happens with changing passwords.)

Many smartphone owners do not have anti-theft installed

Half of smartphone owners don't backup their data

If there’s no way to recover the device, then you are wise to use avast! Mobile Security to remotely wipe your phone of all your personal data.

Thorough wipe

Avast! Mobile Security and Anti-Theft has remote features that allow you to take certain actions. Wiping the phone can be carried out by SMS command. This is useful in your case when you do not expect to get your phone back and you do not want a thief to access your personal data. Read about how you can set up remote control on your Android phone.

Thorough wipe allows avast! to permanently and irreversibly delete the content of any SD card when wiping the phone. Wiping smartphones using up to Android 2.1 is somewhat restricted as a factory reset of the phone is not possible. However, avast! will try to delete as much as possible, for example contacts, call logs, SMS/MMS, browser history and SD card content, but not emails or apps.

From Android 2.2 onwards, a full factory reset is possible so you have full wipe capabilities. However, please be aware that this will also delete avast! Anti-Theft, unless it was installed as a rooted application.

The thorough wipe will take up to ten minutes, and will physically and irrecoverably delete the actual contents of your SD card. It is your choice whether to select the maximum level of security by using the thorough wipe option.

Protect your data with avast! Anti-Theft

To do a full wipe, avast! Anti-Theft needs to be configured in the advanced settings as a device administrator, otherwise applications, emails etc. will not be deleted. Download and install avast! Mobile Security and Anti-Theft from the Google Play store.

Don’t forget to backup your data with avast! Mobile Backup. It saves your contacts, call logs, SMS history, photos, and other irreplaceable data to your AVAST Account (and, optionally, Google Drive) to ensure that your priceless data is never lost. Download avast! Mobile Backup for free from Google Play.

All SMS commands, along with a short description how everything works is explained in our manual (PDF). It’s short and easy to understand.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

May 21st, 2014

eBay becomes victim of security breach

Auction giant eBay requests 128 million users to change their passwords after hack.

tweet ebay

In a blog post from the company, eBay Inc. said a cyberattack “compromised a database containing encrypted passwords and other non-financial data.” There is no evidence that the compromise resulted in users’ financial or credit card information being stolen, but the company is telling all users to change their passwords.

Users need to be alert even after their passwords have been changed. After a breach like this the risk that hackers will use their personal information to commit identity fraud and launch phishing attacks increases. As always, do not click on links in emails, or give personal information over the phone. If you need to discuss your account information, please contact eBay’s customer service by phone or via their website.

“The eBay breach is yet another password issue like Heartbleed. It is really important that people take this seriously, ” said Ondrej Vlcek, Chief Operating Officer of AVAST Software. “Data from our recent survey shows that nine out of ten people intended to change their passwords after Heartbleed, but only 40% took action. This careless attitude is completely irresponsible; people have to take the initiative to protect themselves.”

A password manager like avast! EasyPass helps encrypt and protect personal information online, with random, strong passwords. Learn about creating strong passwords by reading our blog, My password was stolen. What do I do now?

Two weeks ago, eBay discovered that cyberattackers broke into their corporate network through a small number of employee log in credentials. They revealed that the database was actually compromised in late February and early March, and included eBay customers’ name, encrypted password, email address, physical address, phone number and date of birth. However, the database did not contain financial information or other confidential personal information.

Another eBay compromise yesterday

Yesterday in an unrelated attack, eBay’s UK and French advertisement network was compromised and showed fake Java and Flash updates. This malicious advertising replaced the visited page and an installer offered a Potentially Unwanted Program (PUP).  As of last night, they were working to resolve the issue. avast! Antivirus detected the compromise and alerted users.

“Third party ad networks are useful to attackers because the number of connections delays taking malicious content down,” explained Honza Zika, malware analyst in the avast! Virus Lab. “Instead of a normal ad, the attacker deploys a code that redirects to the attacker’s page. It’s designed to look like an official Flash or Java page, but installs unwanted toolbars, addons, extensions or other PUPs. avast! detected this and protected our users.”

Thanks to independent researcher Malekal for his work on this compromise. Read more on his blog.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

Categories: General Tags: , , ,