The AVAST forum is currently offline and will remain so for a brief period. It was hacked over this past weekend and user nicknames, user names, email addresses and hashed (one-way encrypted) passwords were compromised. Even though the passwords were hashed, it could be possible for a sophisticated thief to derive many of the passwords. If you use the same password and user names to log into any other sites, please change those passwords immediately. Once our forum is back online, all users will be required to set new passwords as the compromised passwords will no longer work.
This issue only affects our community-support forum. Less than 0.2% of our 200 million users were affected. No payment, license, or financial systems or other data was compromised.
We are now rebuilding the forum and moving it to a different software platform. When it returns, it will be faster and more secure. This forum for many years has been hosted on a third-party software platform and how the attacker breached the forum is not yet known. However, we do believe that the attack just occurred and we detected it essentially immediately.
We realize that it is serious to have these usernames stolen and regret the concern and inconvenience it causes you. However, this is an isolated third-party system and your sensitive data remains secure.
CEO AVAST Software
Starting this week, we have made most of our Avast antivirus products and solutions free for use by schools and libraries in the US. This is just the first step and if it is successful, we will extend it worldwide. We are doing this for a couple of reasons. First, even though schools need security products, in these tough budget times, they need the ability to focus their spending on teaching. A couple of us here at Avast used to run the government and education sales at Symantec some years ago. We know that schools spend a lot on security—money that could be better spent on teaching.
In a survey of 100,000 Avast users this past weekend, Avast users have shown just how close the upcoming Presidential Election is. The survey shows a narrow preference for Romney in the popular vote resulting in a large advantage for Romney in the Electoral College Vote. At the same time though, a clear majority believe that Obama will actually win:
- 48.9% of users who are registered voters said they will definitely vote for Romney, compared to 46.1% who will vote for Obama. Interpreted by electoral votes, this is 290 votes for Romney and 230 for Obama.
- As to who they think will actually win the election, however, 47.6% think Obama compared to 39.6% in Romney’s favor. Interpreted electorally, this gives 349 to Obama and only 189 to Romney.
- New Mexico and Virginia are dead heats—46.9% for each candidate in New Mexico and 47.6% in Virginia.
- The other tightly contested states in the survey are Florida with 49.2% for Romney and 47.5% for Obama; Ohio with 48.8% for Romney and 46.3% for Obama; and New Hampshire with 48.2% for Obama and 45.3% for Romney.
Of course, this has nothing to do with security, we don’t mix politics with business, and we have not taken any position on the election. Furthermore, we are based in the Czech Republic so any position we took would be meaningless anyways. But still, we have a large base of users in the USA—about 11 million—and we thought it could be insightful if their collective opinion could predict the election results as well as the professional polling firms. Read more…
For nearly the past two years Avast has used iYogi to provide free phone support to our users, primarily our free users. With over 150 million users around the world, we naturally have some users that desire phone support. Delivering free phone support to the users of free products is obviously a challenge. As such, the freemium support model used by iYogi and others was very useful. With this support, Avast users received free phone support for any issue to do with Avast. Then, after helping the user, the user would be offered an opportunity to upgrade to an annual iYogi remote support package for any issue with their computer.
In general this model worked very well and provided free phone support to 20,000 – 30,000 Avast users a month. Customer satisfaction levels were also very high with just sporadic complaints. However, as Krebsonsecurity.com, a well-known blog on cybercrime and security issues, highlighted yesterday, at times this model did not work correctly. Instead, iYogi service representatives appear to have attempted to increase sales of iYogi’s premium support packages by representing that user computers had issues that they did not have.
Avast is a very non-traditional company in that positive referrals and recommendations from our user base drive our product usage. We do not distribute our products in retail, via computer manufacturers, or other similar channels. This model has served us well and has made us the most popular antivirus product in the world. Last year we added over 30M new users on top of almost 30M new users in the previous year. As such, any behavior that erodes the confidence our users have with Avast is unacceptable. In particular, we find the behavior that Mr. Krebs describes as unacceptable.
We had initial reports of this behavior a few weeks ago and met with iYogi’s senior executives to ensure the behavior was being corrected. Thus, we were shocked to find out about Mr. Krebs’ experience. As a consequence, we have removed the iYogi support service from our website and shortly it will be removed from our products. We believe that this type of service, when performed in a correct manner, provides immense value to users. As such, over the next weeks, we will work with iYogi to determine whether the service can be re-launched.
In the meantime, users can receive support via the other support options provided on our website. We will also work to ensure that any users that feel they have been misled into purchasing a premium support receive a full refund. We ask that users send any complaints or concerns to firstname.lastname@example.org or even to myself, the CEO, if desired, email@example.com.
Having over 100 million users has its downside—it means that users searching for Avast are also a prime target of scammers as well as legitimate companies trying to piggy-back on our name recognition. Every day we receive complaints from people that have been scammed. Some have been scammed into paying to download a free copy of Avast. Others have been tricked into buying a product they thought was Avast but was not. This happens in many different ways but at the core is the greatest scourge of the internet—socially engineered scams and deceptions. Thieves and even legitimate companies are masters at taking advantage of people’s natural penchant to trust others. Some scams are quite blatant and most of us would consider them theft or cheating. Others are much less obvious and may even be considered zealous marketing and selling. One finds such deceptions in search results, on download sites, and even in internet domain names. Read more…
If you have seen the new Avast website (available only in English and French right now) or products, you have surely seen our new logo:
Today is the big day—the day we (and many of you) have been waiting for—we are starting the release of the Version 5.0 products today. This is a pretty complicated roll-out so we are staging it. Today we will be releasing the new products (and the new website) in English and French. Over the next 10 days or so, we will be releasing the products and website in additional languages (German, French, Spanish, Portuguese, Czech, Russian, Polish, Chinese, Japanese, and possibly Korean, and Arabic). Other languages will then be added as we have them available.
Three products (Free Antivirus, Pro Antivirus, and Internet Security) and a new website are being released today. Even though we have expanded our product portfolio, our philosophy of having and promoting a top-notch free antivirus is paramount. This philosophy has enabled us to achieve 100 million users and we are continuing it. As you read through our new website and launch information, you will see that not only is the new free product easier to use and more visually appealing than the old product, it provides even more security protection. And it is still free and free from annoying pop-ups and requests for money.
These products are not minor updates from the existing products. They are all new. Some of the changes—such as the new user interface—are obvious. Some are not obvious at all (such as the new scanning engine). All-in-all we think they are a vast improvement from the current products—modern, light, fast, and very effective. For details, see the product detail pages on the new website. Read more…
Virus Bulletin, one of the most respected reviewers of security products, wrote a very detailed review of the Avast 5.0 beta products in their January issue (http://www.virusbtn.com/files/Avast-Jan2010.pdf). This is a lengthy review but to me the best line was their summation of the new free product: “the free version being available to all without charge is nothing short of a miracle”. There was also a review of it in the recent AV-Comparatives test of performance/system impact. The product scored the highest rating: A+.
With the new Free Version 5.0, we attempted (and we think succeeded) to raise the bar on free security products. We decided that our new free product needed to be the best antivirus product in the world—not just the best free product. We think we have succeeded, or come darn close. Now you the users (and of course the reviewers) can let us know…. Read more…
As we get ready to launch our new Avast! Free Antivirus Version 5, we are proud to announce that Google has chosen this product for inclusion in Google Pack. Google Pack is a package of free software that Google assembles and distributes to its users around the world. Google Pack includes Avast for the following languages: French, German, Italian, Czech, Spanish, Russian, Portuguese, and Polish. Read more…
We did it. We reached the 100 million user milestone at 10:59 Tuesday morning. We have been anticipating this event all year. We started the year with about 70 million users. We had a little celebration and promotion for 75 million users. Then we watched 80 million and 90 million go by. By October it was clear that we would cross 100 million in December. So, on the morning of 8 December all of our staff crowded around a large monitor to watch the registration counter tick upwards to 100 million. We had a little self-induced tension in the event—just 30 seconds before the 100 million mark, someone hit a button on a remote control that switched the display away from the count—some seconds of mad scramble restored the picture. Read more…