Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Archive for the ‘Android corner’ Category
July 24th, 2014

Mobile development start-up Inmite joins AVAST team!

logo Inmite

Inmite acquisition adds 40 mobile developers to AVAST’s growing mobile business

Our 220 million AVAST users are moving many of their online activities to mobile devices, just like the rest of the world. Cybercriminals are well aware of the shift and are increasing their activities as well. In order to better protect our current and new mobile users, we are pleased to announce that we brought Inmite, a mobile application development firm, into the AVAST family.

Through this acquisition, we are adding 40 very talented and experienced mobile developers to our growing mobile business.

“Inmite’s team consists of great mobile developers and by joining AVAST, they’re going to further accelerate our growth and expand our capabilities across mobile platforms,” said Vince Steckler, CEO at AVAST.

Inmite has built more than 150 mobile iOS, Android and Windows Phone apps for the automotive, banking, media and telecommunications industries since 2008. The company is recognized as a Top Developer on Google Play, and also developed the world’s first Google Glass banking prototype, and other ‘internet of things’ devices.

“In order to make a greater impact worldwide, we wanted to go big with a global mobile leader who believes in technologies for the future. AVAST shares this vision and is the ideal partner for us,” said Barbora Petrová, spokesperson of Inmite.

Read more on VentureBeat, Avast acquires Czech mobile dev shop Inmite, and in the official press release.

AVAST Software acquires Inmite mobile development start-up

Avast co-founders Eduard Kucera and Pavel Baudiš take a Selfie with Inmite company founders.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter, Google+ and Instagram. Business owners – check out our business products.

July 17th, 2014

Tinybanker Trojan targets banking customers

Tinba Trojan specifically targets bank customers with deceitful debt notice.

The Tinba Trojan is banking malware that uses a social engineering technique called spearfishing to target its victims. Recently, targets havebeen banking customers in Czech Republic, AVAST Software’s home country. Tinba, aka Tinybanker,  was first reported in 2012 where it was active in Turkey. A whitepaper analyzing its functionality is available here (PDF). However, the spam campaigns against bank users in Czech Republic are still going on and have became more intensive. Here is an example of what Czech customers recently found in their email inbox.

Czech version:

VÝZVA K ÚHRADĚ DLUŽNÉHO PLNĚNÍ PŘED PROVEDENÍM EXEKUCE

Soudní exekutor Mgr. Bednář, Richard, Exekutorský úřad Praha-2, IČ 51736937, se sídlem Kateřinská 13, 184 00 Praha 2
pověřený provedením exekuce: č.j. 10 EXE 197/2014 -17, na základě exekučního titulu: Příkaz č.j. 077209/2014-567/Čen/G V.vyř.,
vás ve smyslu §46 odst. 6 z. č. 120/2001 Sb. (exekuční řád) v platném znění vyzývá k splnění označených povinností, které ukládá exekuční titul, jakož i povinnosti uhradit náklady na nařízení exekuce a odměnu soudního exekutora, stejně ták, jako zálohu na náklady exekuce a odměnu soudního exekutora:

Peněžitý nárok oprávněného včetně nákladu k dnešnímu dni: 9 027,00 Kč
Záloha na odměnu exekutora (peněžité plnění): 1 167,00 Kč včetně DPH 21%
Náklady exekuce paušálem: 4 616,00 Kč včetně DPH 21%

Pro splnění veškerých povinností  je třeba uhradit na účet soudního exekutora (č.ú. 549410655/5000, variabilní symbol 82797754, ČSOB a.s.), ve lhůtě 15 dnů od
doručení této výzvy 14 810,00 Kč

Nebude-li  uvedená částka uhrazena ve lhůtě 15 dnů od doručení této výzvy, bude i provedena exekuce majetku a/nebo zablokován bankovní účet  povinného ve smyslu § 44a odst. 1 EŘ a podle § 47 odst. 4 EŘ. Až do okamžiku splnění povinnosti.

Příkaz k úhradě, vyrozumění o zahájení exekuce  a vypučet povinnosti najdete v přiložených souborech.

Za správnost vyhotovení Alexey Mishkel

 

English translation:

Distraint notice
———————
Bailiff [Academic title] [First name] [Last name], Distraint office Prague-2 ID: 51736937 at Katerinska 13, 184 00 Prague 2 was authorized to proceed the execution 10 EXE 197/2014 -17 based on execution Order 077209/2014-567/Cen/G according to §46 paragraph 4, 120/2001 law collection in valid form which impose you to pay these costs:

Debt amount: 9,027.00 CZK ($445.00)
Distraint reward: 1,167 including 21% TAX
Fixed costs: 4,616 CZK including 21% TAX
Total: 14,810 CZK ($730.00)

To bank account 549410655/5000, variable symbol 82797754, CSOB a.s.

For the correctness of the copy warrants Alexey Mishkel

Using the spearfishing social engineering tactic, the attackers attempt to scare their victims with a specially designed email message explaining that there exists a debt which needs to be paid.

Read more…

July 11th, 2014

Six ways to secure your smartphone

AR AMSpost-enI bet you would be lost without your smartphone. It’s your lifeline to contacts, emails, and personal information, not to mention all those apps that you use for fun, entertainment, and business. You probably have bought something using your phone, so your credit card information is there, as well as your account log ins. In other words, it would be disastrous to lose it to a thief or be infected with a data-stealing app.

Keep reading for some solid tips that will help you secure your Android smartphones and tablets.

1. Install security software

Protect your smartphone or tablet from malicious attacks. Malware targeted at Android devices is increasing daily, and we project that it will be at PC levels in the next 4 years. Avast! Mobile Security stops malware, plus it help you locate your device if it is lost or stolen with avast! Anti-theft.   Install avast! Mobile Security and Anti-theft from the Google Play store, https://play.google.com/store/apps/details?id=com.avast.android.mobilesecurity

2. Use trusted stores to install apps

The major app stores like Google Play and Amazon are the safest places to go for apps. These have strict vetting procedures, so they are reliable sources most of the time. The ones you need to watch out for are the unregulated third party app stores, often originating from Asia or the Middle East.

For an extra safeguard on your Android device, disable the installation of apps from unknown sources by going to Settings>Security and unchecking the “Unknown Sources” option. Also check the “Verify Apps” option to block or warn you before installing apps that may cause harm.

3. Use a PIN or password and lock your apps

Your Android phone has its own security settings, so we recommend that you set a PIN number with a strong number code to lock the screen. To set your PIN or a pattern, go to Settings>Lock screen.

Read more…

July 9th, 2014

Android Forensics, Part 1: How we recovered (supposedly) erased data

Introduction to Android forensics (aka CSI: Android)

Digital forensics is a branch of science which deals with the recovery and investigation of materials found in digital devices. Forensics is usually mentioned in connection with crime, vaguely similar to criminal investigations on TV shows like CSI: Crime Scene Investigation and NCIS. However, several experiments (1, 2), including this one, use methods of digital forensics as proof that people do not pay attention to what happens with their personal data when replacing their digital devices (computers, hard drives, cell phones). In this blog post series we will reveal what we managed to dig out from supposedly erased devices. The sensitive information includes pictures (even very private ones!), videos, contacts, SMS messages, Facebook chat logs, Google searches, GPS location coordinates, and more.

What happens to the file when it is “deleted”

When people want to delete a file, most will use the standard features that come with their operating system. After it’s done, they consider the unwanted data to be gone forever. However, this is not true. When a file is deleted, the operating system merely deletes the corresponding pointers in the file table and marks the space occupied by the file as free. The reality is that the file is not deleted and the data it contained still remains on the drive. With regular usage of the drive, the remaining data will sooner or later be overwritten with different data. The same thing happens on your PC.

The following screenshots show the scenario. We used the program FTK Imager to mount the image of a partition containing user data. The first figure shows a [root] directory followed by [unallocated space]. Although all the sensitive files were deleted in the regular way, something still remained in unallocated space. In this particular example, we managed to dump 251 blocks of unallocated data and to recover interesting messages, for example from a Facebook chat. The seller of this HTC Sensation cell phone thought that his personal was cleared out, but the figures below show that he/she was tragically mistaken.

ftk_imager Read more…

July 8th, 2014

Tens of thousands of Americans sell themselves online every day

The Internet has become a virtual flea market, with online consumer-to-consumer sites like Amazon, eBay, and Craigslist selling millions of products every day. Used smartphones are a popular sales item on eBay – more than 80,000 people list their phones for sale each day. It seems like a smart way to make some extra money, but AVAST has found out that many fail to protect their identity in the process. 

AVAST recovers an abundance of personal data from used smartphones 

Most sellers delete all of their personal data prior to selling their used devices… or so they think. We purchased 20 used Android phones off eBay and used simple and easily available recovery software to restore deleted files. The amount of data we were able to retrieve was astonishing and proves that simply deleting is not enough.

Our analysts found the following:

  • More than 40,000 stored photosUsed Smartphones for Sale
  • More than 1,500 family photos of children
  • More than 750 photos of women in various stages of undress
  • More than 250 selfies of what appear to be the previous owner’s manhood
  • More than 1,000 Google searches
  • More than 750 emails and text messages
  • More than 250 contact names and email addresses
  • Four previous owners’ identities
  • One completed loan application

One phone even had a competitor’s security software installed, but unfortunately it did not help the former owner as it revealed the most personal information out of all the phones we analyzed. 

No one cares about my old photos, messages and Google searches, right?

Wrong! As the old saying goes, a picture is worth a thousand words. Now add private Facebook messages that include geo-location, Google searches for open job positions in a specific field, media files, and phone contacts. Put all of these pieces together to complete the puzzle and you have a clear picture of who the former smartphone owner was. Stalkers, enemies, and thieves can abuse personal data to stalk, blackmail and steal people’s identities. They can use this information to watch people’s every move, exploit their strange fetishes, open credit cards in their name, or even continue what they started by further selling their personal information online. 

How to permanently delete and overwrite data from your Android phone 

Deleting files from your Android phone before selling it or giving it away is not enough. You need to overwrite your files, making them irretrievable. To do so, install avast! Anti-Theft from the Google Play Store for free. Once you have the app installed, turn on the “thorough wipe” feature within the app. You will then need to create a my.avast account to connect to the phone (this allows users to remotely wipe their phones in theft cases as well). The final step is to wipe the phone clean, which will delete and overwrite all of your personal data. 

AVAST Used Smartphone Infographic

Read about our investigation:

Android Forensics, Part 1: How we recovered (supposedly) erased data

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

July 2nd, 2014

How to prevent unnecessary costs of AVAST SMS notifications when replacing your SIM card

avast! Anti-Theft is a separate program included in the avast! Free Mobile Security appYou can install it at the same time as avast! Mobile Security, or later, during a separate installation. Its unique capabilities help you recover your phone by controlling it remotely with SMS commands or via the Internet by logging in to your AVAST account. The app can also notify you that your SIM card was removed, in case the device was stolen. All that will help you to control and locate your lost or stolen smartphone. Since its release, we have received many messages from all around the world, proving that avast! Anti-Theft has helped many users find their missing devices. A dramatic story with happy end came to us from the Humayuns brothers. They were attacked at a Pakistani market. Their smartphone was stolen during the attack. Luckily they were able to catch the thief using avast! Anti-Theft. Stories from the open road have also come our way from motorbike AVAST fan DuckyBoy and truck driver Steven B., who used AVAST to track their missing smartphones lost on the roads of USAWe even received a detective-like story from sisters Katharina and Nicole. Nicole’s phone was stolen during the trip to Vietnam, AVAST notified her sister Katharina that her SIM card had been changed and provided her with the phone’s new number. Using this information the girls successfully tracked down the stolen device (with a little help from Vietnamese authorities). Last but not least avast! Anti-theft managed to locate a phone that was lost for a year and a half, it traveled a great distance within Africa before it was found!

DiedreD-user-testimonial

 

However, we have also spotted questions from users who were surprised by the “extra charges for the SMS notifications”. Some thought the charges came from AVAST. Let’s clarify this functionality and explain, why mobile operators can charge you for SMS notifications sent from the avast! Anti-theft app.

Why is it happening and how to prevent unexpected costs?

Read more…

Comments off
July 1st, 2014

Avoid regrettable mistakes; proactively protect yourself

Even the most careful planning sometimes cannot mitigate human error. A week ago, a photograph of the World Cup Security Center showing the WiFi password on a whiteboard in the background was published on the internet and immediately retweeted numerous times.

Last February, during the Super Bowl XLVIII pre-game show, the Super Bowl security headquarters was shown on a television broadcast along with the stadium’s internal WiFi login credentials.

super-bowl-security-fail-620x463

These so-called “epic fails” are highly publicized examples of regrettable mistakes that every human on the planet is familiar with – because we all make them. Maybe not at that scale; but I dare say, that no one at FIFA or the NFL intentionally set out to expose themselves or their organization to danger.

It could happen to you

So let’s stop giggling at these public slip ups and talk about our collective failure at securing our own passwords and other data. Read more…

June 20th, 2014

Samsung Galaxy S5 and other popular phones vulnerable to “TowelRoot” Android exploit

avast! Mobile Security detects TowelRoot exploitsavast! Mobile Security protects from an Android flaw which leaves nearly all new smartphones and tablets vulnerable to attack.

Last week, a wave of articles about a newly discovered Android security flaw flooded the Internet. They sounded a warning, similar to this:

“A flaw in the Android operating system may leave many Android phones and tablets vulnerable to attack, including the Samsung Galaxy S5 and Google’s own Nexus 5,” reported Jill Scharr in a Tom’s Guide article.

Our Virus Lab did not waste  time and started preparing for the inevitable attacks. AVAST researchers dug into the subject looking for malware to make  sure that avast! Mobile Security is ready to protect our users. If you are an avast! user and your tablet or smartphone is protected by avast! Mobile Security, you are protected.

“Even though TowelRoot is not malicious itself, it may be misused as an exploit kit. Generally, TowelRoot can be used as a delivery package for malicious applications,” explained  Filip Chytry, an AVAST Virus Lab expert on mobile malware. “It’s capable of misusing a mistake in Android code which allows attackers to get full control over your Android device. TowelRoot itself is more a proof-of-concept, but in the hands of bad guys, it can be misused really quickly. For this reason we added it to our virus signatures, so Avast detects it as Android:TowelExploit.”

Android has not made an official statement on the security flaw, however our researchers confirm that even the latest versions of the operating system are exposed (version 4 and all higher). It is very likely that versions 3.0 can be attacked, too. For those who just purchased an Android device or don’t have protection yet, we strongly recommend that you install avast! Mobile Security, before taking any further actions. Despite the fact that some of the mobile providers claim that their devices are immune to this particular Android exploit, it is highly risky to leave your device unprotected.

What is the TowelRoot Android vulnerability?

Earlier this month a security flaw in Linux, the operating system which Android is based upon, was discovered by a young hacker known as “Pinkie Pie.” Soon afterwards, a gifted teenager, notable because he was the first to unlock the unlockable –  an iPhone at the age of 17, prepared a tool kit for potential hackers. Its instructions are available publicly to “purchase,” allowing even less advanced programmers to write a script that will use the exploit.

The potential exists for hackers to take full control; to simply root your device. So far the AVAST Virus Lab has not observed any massive attack, however knowing about the potential risk, our Virus Lab is ready for the attack. avast! Mobile Security is capable of discovering different variations of malware code required to exploit the bug.

Who is exposed and how to protect yourself?

Basically everyone who owns an Android device without proper antivirus protection, tablet or mobile phone, with any version of Android OS, including the newest one is at risk for malware.

In order to prevent this exploit, or any other malware attack, once you purchase your device, we advise to install antivirus first, before installing any apps, importing contacts, or starting to browse online. Our avast! Free Mobile security, as well as its Premium version are available to download and install from Google Play.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

June 19th, 2014

How to use avast! Ransomware Removal?

howto2_enEarlier this week AVAST released a new Android app called avast! Ransomware Removal that will remove SimplLocker from infected devices.

SimplLocker blocks access to files on infected mobile devices by encrypting them. Without our free ransomware removal tool, infected users have to pay $21 to regain access to their personal files. SimplLocker  is the first ransomware that actually encrypts  files, so we developed a free tool for people to restore them. – said Ondrej Vlcek, Chief Operating Officer at AVAST Software.

After being available on Google Play for a few days to the public, the app has already been received with huge enthusiasm. We, however, spotted some questions regarding the tool on social media and addressed to our support team. In this article we will explain, how to install, run the tool and why it is important to uninstall it after AVAST has done its job!

1. How can I install the avast! Ransomware Removal tool, if my mobile is already being blocked by the malware? Read more…

June 18th, 2014

Google Play Store changes opens door to cybercrooks

mobile appsLast week, Google upgraded the Android app section of its store and introduced a new way for users to manage permissions. Google claims it will be easier  for users to understand and that users will pay more attention to app permissions. The new interface has a cleaner look and the common user can now install apps more quickly. But does this simplicity come with a price?

Android controls the security and the amount of access every app is granted by using “permissions”. Each action has to ask the operating system for permission to take a new action. In older versions, when an app update asked for new actions or requested additional permissions, Google Play would notify the user prompting them to explicitly accept or deny the new action. Even if the user had automatic updates set, in the cases of new permissions being asked, the user would need to manually perform the update. Even if the user wasn’t exactly sure what they were giving permission for, at least the user was aware and could make the decision themselves. Security was preserved.

Everything is different now

Everything changed last week.

Individual permissions, which could range from important to trivial, are now joined into 13 groups, including a catch-all called “Other”. Now the user has to accept a “new group” change. This means that if you have already allowed certain permissions within a group, then any other permission within that group will automatically be allowed. For example, an app that could access your calendar can now also read your contacts. If you set a meeting and have invited people by email, the app will be able to use the calendar to send emails to them, even without your consent!  Read more…

Comments off