Traveling to Brazil for the 2014 FIFA World Cup, or just headed out to your local beach for a daytrip? You remember to pack your sunglasses, a hat, and plenty of sunblock, but don’t forget that your mobile gadgets need protection too.
- avast! SecureLine VPN to protect against dodgy public WiFi
- avast! Mobile Security and Anti-Theft to protect against thieves
That free WiFi HotSpot could get you in hot water!
Spectators at the 2014 FIFA World Cup Brazil will have lots of choices of free WiFi. At least 6 of the 12 World Cup stadiums have access to free WiFi built in, and planners have created WiFi hotspots across 2,300 access points, including parks, squares, and public transit stations. Fans not watching in person will check scores on their phone or watch live streaming matches by connecting to free WiFi at hotels and bars.
“A WiFi attack on an open network can take less than 2 seconds,” tweeted @ExtremeNetworks recently. Cybercrooks can access and steal your personal data when you connect to these unprotected networks. Having your identity stolen and bank account emptied out while on vacation could ruin any trip – even one to paradise!
“Hackers target public hotspots, where it’s easy to follow every move that users of the WiFi connection make, allowing them to access emails, passwords, documents, and browsing behavior,” said Vincent Steckler, Chief Executive Officer of AVAST Software.
Use a VPN service to make sure that doesn’t happen. avast! SecureLine VPN protects your privacy by making your logins, emails, instant messages, and credit card details invisible to spying.
A new Android mobile Trojan called SimplLocker has emerged from a rather shady Russian forum, encrypting files for ransom. AVAST detects the Trojan as Android:Simplocker, avast! Mobile Security and avast! Mobile Premium users can breathe a sigh of relief; we protect from it!
The Trojan was discovered on an underground Russian forum by security researchers at ESET. The Trojan is disguised as an app suitable for adults only. Once downloaded, the Trojan scans the device’s SD card for images, documents and videos, encrypting them using Advanced Encryption Standard (AES). The Trojan then displays a message in Russian, warning the victim that their phone has been locked, and accusing the victim of having viewed and downloaded child pornography. The Trojan demands a $21 ransom be paid in Ukrainian currency within 24 hours, claiming it will delete all the files it has encrypted if it does not receive the ransom. Nikolaos Chrysaidos, Android Malware Analyst at AVAST, found that the malware will not delete any of the encrypted files, because it doesn’t have the functionality to do so. Targets cannot escape the message unless they deposit the ransom at a payment kiosk using MoneXy. If the ransom is paid the malware waits for a command from its command and control server (C&C) to decrypt the files.
What can we learn from this?
Although this Trojan only targets a specific region and is not available on the Google Play Store, it should not be taken lightly. This is just the beginning of mobile malware, and is thought to be a proof-of-concept. Mobile ransomware especially is predicted to become more and more popular. Once malware writers have more practice, see that they can get easy money from methods like this, they will become very greedy and sneaky.
We can only speculate about methods they will come up with to eventually get their malicious apps onto official markets, such as Google Play, or even take more advantage of alternative outlets such as mobile browsers and email attachments. It is therefore imperative that people download antivirus protection for their smartphones and tablets. Mobile devices contain massive amounts of valuable data and are therefore a major target.
Ransomware can be an effective method for criminals to exploit vulnerable mobile users, many of which don’t back up their data. Just as in ransomware targeting PCs, this makes the threat of losing sentimental data, such as photos of family and friends or official documents, immense.
Don’t give cybercriminals a chance. Protect yourself by downloading avast! Mobile Security for FREE.
We’re sorry that you lost your phone. You are not alone. Over one hundred smartphones are lost or stolen every minute of every day, but unfortunately 34% of smartphone owners haven’t protected their phone like you did. Congratulations on taking the initiative to back-up your data! We found out that half of smartphone owners don’t back up their data, even though they are concerned about losing it. (This seems to be theme – same thing happens with changing passwords.)
If there’s no way to recover the device, then you are wise to use avast! Mobile Security to remotely wipe your phone of all your personal data.
Avast! Mobile Security and Anti-Theft has remote features that allow you to take certain actions. Wiping the phone can be carried out by SMS command. This is useful in your case when you do not expect to get your phone back and you do not want a thief to access your personal data. Read about how you can set up remote control on your Android phone.
Thorough wipe allows avast! to permanently and irreversibly delete the content of any SD card when wiping the phone. Wiping smartphones using up to Android 2.1 is somewhat restricted as a factory reset of the phone is not possible. However, avast! will try to delete as much as possible, for example contacts, call logs, SMS/MMS, browser history and SD card content, but not emails or apps.
From Android 2.2 onwards, a full factory reset is possible so you have full wipe capabilities. However, please be aware that this will also delete avast! Anti-Theft, unless it was installed as a rooted application.
The thorough wipe will take up to ten minutes, and will physically and irrecoverably delete the actual contents of your SD card. It is your choice whether to select the maximum level of security by using the thorough wipe option.
Protect your data with avast! Anti-Theft
To do a full wipe, avast! Anti-Theft needs to be configured in the advanced settings as a device administrator, otherwise applications, emails etc. will not be deleted. Download and install avast! Mobile Security and Anti-Theft from the Google Play store.
Don’t forget to backup your data with avast! Mobile Backup. It saves your contacts, call logs, SMS history, photos, and other irreplaceable data to your AVAST Account (and, optionally, Google Drive) to ensure that your priceless data is never lost. Download avast! Mobile Backup for free from Google Play.
All SMS commands, along with a short description how everything works is explained in our manual (PDF). It’s short and easy to understand.
Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.
Congratulations on your cool new phone! It would be awful to lose that! Now that you have the free avast! Anti-Theft installed, you need to set it up so you can use the remote control features to control your phone via the avast! Portal or by SMS commands using a friend’s phone.
Communicate via your online account
First, make sure you set up an account on our online portal at my.avast.com to communicate with the anti-theft installation. Once you set it up, you get an overview of all your devices protected by avast! security products and you can pair the devices with the online account.
To pair your smartphone to the account open avast! Mobile Security, open the Settings section and tap on the avast! Account. The wizard will lead you through the registration or pairing process.
Once that’s done, you can remotely control your mobile devices on which avast! Mobile Security and Anti-Theft is installed.
Another way to communicate with your phone is by SMS commands using a friend’s phone. To do that you need to specify one or two phone numbers of friends or family members who will receive the Anti-Theft notifications from your phone.
To add a friend’s phone number, open avast! Anti-Theft and click on Friends. You can add one or two phone numbers here. Before you leave the screen, you have one more decision to make: Go to the bottom and check the box Only allow friend commands to allow SMS commands only from the specified friend’s numbers, or, if left unchecked, SMS commands will be accepted from any number. If you change your mind later, you can remove that restriction, by de-selecting the option.
SMS commands to remotely control your phone
Using the SMS commands, you can silently retrieve details of calls made and received, copies of incoming or outgoing SMS messages, you can remotely lock your phone, sound a siren or even remotely wipe your phone of all your personal data if you do not expect to recover it. You can also receive continuous GPS updates so that you can track your phone’s location.
Get avast! Mobile Security and Anti-theft for free
Install avast! Mobile Security and Anti-theft from the Google Play store.
Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news and product information, please follow us on Facebook, Twitter, Google+ and Instagram. Business owners – check out our avast! Business Solutions.
The avast! Virus Lab professionals work together to stop malware from attacking your Android mobile phone.
Filip Chytrý, an analyst in the avast! Virus Lab will Declare war against Android Malware, together with his colleague, Peter Kalnai, at the 8th International CARO Workshop held in Melbourne, Florida this week. CARO (Computer Antivirus Research Organization) is a technical gathering of malware experts from around the world who share case studies of mobile attacks, do real life attack demonstrations, and present plans for the identification and investigation of coordinated mobile threats.
Along with his specialized knowledge in Android malware, Filip is a really fun guy. I asked him a few questions, so that you could meet one of the AVAST professionals directly responsible for keeping tens of millions of Android smartphone users safe from threats.
DEBORAH Thanks for taking time during your preparations for CARO to meet our users via the AVAST blog. Your job analyzing Android-targeted malware didn’t even exist when you were a little boy. What early experiences with technology influenced your career path?
FILIP Define early. I’ve been addicted to PCs since childhood. I had my very first PC when I was 8 years old; some old piece of junk which was at that time probably older than I, but I still have remarkable memories of that time. So from that time on, I was influenced by technology. Even in my leisure activities, I concentrated on PCs. I went on to graduate from the School of Applications Cybernetics in Hradec Králové in Czech Republic.
DEBORAH Protecting people’s desktop computers is how AVAST started, and now we’ve added free mobile security to our product offerings. How do we teach people to keep their smartphones and tablets safe just like their computers?
FILIP Most people still do not realize that their smartphones actually have more computing power and abilities than the computer they had in their homes five-ten years ago. The capabilities of their devices are incredible. Data in portable devices may say more about you than data from your PC. You have location data there, pictures, social media information and so on. Read more…
Today almost everyone and their mother has a smartphone, even your mom’s mom probably has a smartphone! Smartphones help us connect with people near or far, whether it be through traditional phone calls, text messages, photo and video sharing via apps or messaging services, smartphones have made keeping in touch routine, easy and instant. We share personal moments, large or small, with the people we love the most: our moms. All these personal moments are then stored on our smartphones, so it is imperative to protect them, which is why we think avast! Mobile Security is the perfect Mother’s Day gift.
Here are 6 reasons reasons to back that up:
1. Antivirus: Mom has always protected you, whether it be checking for monsters under your bed or making sure you put on a jacket before you leave the house. Now its your turn to protect your mom from mobile malware monsters from getting to her data. Our anti-virus scans apps, files and SMS for malicious malware and includes spyware.
2. Anti-theft: We all know moms are superheroes that don’t wear capes, always on the go, making sure everyone is taken care of and where they are supposed to be. We also know that mom-purses are like Mary Poppin’s never-ending bag, so it wouldn’t be surprising if mom lost her phone running between work and soccer practice drop-off or if she were to “lose” her phone in her ginormous wonder bag. avast! Anti-Theft helps locate, control and lock lost or stolen phones remotely, GPS track and sound a siren alarm, making it simple to retrieve missing devices.
Ransomware, which has already made its rounds on Windows, is now increasingly targeting the Android operating system. A new piece of mobile malware claiming to be the government under the name Android: Koler-A is now targeting users.
We have full control of your phone – give us $300 and we’ll give it back
The ransomware is pushed automatically from fake porn sites visited by Android users via a malicious .apk file that appears in the form of an app. The innocent appearance of the app deceives users and is a powerful social engineering tactic used by malware developers to trick people into installing malicious apps. The form of delivery is not the only thing that makes the app suspicious and potentially dangerous, but the access it seeks are highly unusual and alarming. The ransomware requests full network access, permission to run at startup and permission to prevent the phone from sleeping. Once installed the granted access allows the ransomware to take control of the device. The full network access allows the malicious app to communicate over the web and download the ransom message that is shown on the captive device. The permission to run at startup and prevent the phone from sleeping fully lockdown the phone, preventing victims from escaping the ransom message.
The ransomware localizes fake government messages, depending on the users GPS location, accusing them of having viewed and downloaded inappropriate and illegal content. What does the ransomware do next? Demands ransom of course! The ransom to regain access to the device including all of its apps, which it claims are all encrypted, is set at around $300 and is to be paid through untraceable forms of payment such as MoneyPak.
avast! Mobile Security safeguards against ransomware
Both AVAST’s free and premium mobile security apps, avast! Mobile Security and avast! Mobile Premium, protect customers from falling for the devious apps containing ransomware. AVAST detects this ransomware under the name Android: Koler-A and blocks its execution.
We recommend that everyone be cautious when downloading apps, especially from unofficial app markets. We also urge users to not open any files that have been downloaded to their device without their consent. Always check what apps want to access and in addition to being cautious, we advise people download antivirus to protect their devices. This new ransomware appearing on Android is the perfect example of how malware is starting to move away from the PC environment and into our pockets and there are no signs of this slowing down.
Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news and product information, please follow us on Facebook, Twitter, Google+ and Instagram. Business owners – check out our business products.
From governments to thieves to your wife – it seems that everyone has access to your private data.
If you have a smartphone or tablet, people around you can discover your most deeply held secrets. You put all your private data and personal information there and… it’s at risk. The possibility of losing your phone or getting robbed is a major concern.
Is there anything that we can do to protect our private data? Some skeptics say no. I’m an optimist; I think there is always a way. Working for a security company makes us think that there is always a way to protect ourselves, to avoid danger, and to care about other users.
- 1. Use a PIN, password or pattern in your device. I’m lucky to have a phone where the numbers change their position on the screen and make the lockscreen even more secure. There are some apps that make your password “random” (obeying rules you’ve previously set).
- 2. Lock your most private apps. Lock your log in data but also your own messages, emails, personal notes, contacts, everything is in your pocket. offers the feature to secure even more sensitive parts of your device with the avast! Mobile Security App Locker that automatically asks for a PIN when you start the app.
- 3. Do not save banking or credit card credentials in your phone or, at least, not in the mobile browsers. Some banks, at least here in Brazil, have their own mobile app that never saves the passwords or PINs. Now, for Android, there are free password managers that adds a new security layer while browsing.
- 4. Do not be a happy clicker. People who expose themselves to scams or spam links, who download each single app they see from any kind of source put themselves at risk. OK, you’ll say this is not you. But, do you think twice on clicking in social media links or shares?
- 5. Do not take, send, save or share nude photos. No, this is not a moral commandment. It’s a privacy one. Read more…
How to save a wet smartphone
It happened with me, I jumped in the swimming pool with my phone in the pocket. Unfortunately, it was not the first time my phone was drenched. Some years ago, the villain was the rain. I was using a smartphone app to monitor my running pace and it started to rain. Not a light refreshing rain – no, a deluge, a Heavy rain. My phone was protected, but that was just too much rain.
At that time, I didn’t know what to do and made the wrong decisions. Some modern phones are waterproof, but others aren’t, and an accident involving water can be fatal. I’d like to share these hints with you on what to do if your phone decides to take a bath.
- The first thing you should do NOW is a backup! You’ve heard this before, but have you done anything about it? It’s always better to be safe than sorry. Your photos, videos and musics, your apps and game data – everything could literally sink in water. We offer a simple, yet easy solution: avast! Mobile Backup protects your data against such accidents. Try now the free basic version from Google Play Store.
- TURN YOUR PHONE OFF If your phone was dropped into water, the first thing to do is TURN IT OFF. And not only press the on/off button, but also remove the battery and cards completely. It’s a race against time. Each second is vital to avoid an electric shock and motherboard crash.
- Let all the water flow freely. The best position for the phone is horizontal over a table on a dry piece of cloth. Do not rub, do not use cotton, do nothing… Just let the water drain out.
- Dry the device carefully. After that, take a dry cloth or some absorbent paper to dry the device completely. Hold it with the screen facing up to drain all the water that could stay inside. Try not to shake it.
- Be patient. Have a lot of patience. That’s the keyword here. Keep the phone open for a long time, at least 24 hours. Some technicians recommend to put it into a pot and fill with raw rice (or gel silica, if you have it with you) to absorb dampness.
- After 24 hours, remove all the rice (or the small pieces of gel silica) and have patience again. Leave it open and exposed to air. Do not use hair dryers. Do not put the phone directly in the sun, because you can do more harm than good (harm to the screen, battery, or even the plastic parts.)
- Only after other 12-24 hours you could try to put battery again and turn it on.
- Of course, if you do not have luck, you’ll have to take it to technical assistance. But we wish you luck and that your phone will work again!
Besides getting wet, your phone can be lost or you could get infected with the ever-increasing malware being written for Android. Protect your phone for free with avast! Mobile Security & Antivirus. Get it on Google Play. Don’t be one of these careless people who neglect to protect their phones!
Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter, Google+ and Instagram. Business owners – check out our business products.
Today one of our colleagues came into our office and said, “Hey guys, I’ve been infected.” I thought to myself, yeah, how bad can this be? After a bit of digging we found the results were worth it; it turned out to be a really “interesting ” case of mobile redirected threats localized for each country.
All you need is one bad IP
The case was brought to us by Jakub Carda, a fellow AVAST employee who enjoys blogging in his free time. His WordPress site was compromised through a vulnerability in WordPress, more precisely OptimizePress. OptimizePress is a WordPress plugin that fully integrates itself into the WordPress CMS, helping bloggers optimize their blog’s design. A tiny mistake in the code of a file located in: lib/admin/media-upload.php made it possible for pretty much anyone to upload harmful content onto people’s WordPress sites, and plenty of websites have been compromised because of this.