Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

May 29th, 2014

Beware, soccer fans: Not all apps are team players, some shoot for more!

The World Cup in Brazil is just two weeks away, are you in the soccer spirit? The AVAST mobile malware team and I have tournament fever and have been downloading games and other soccer related apps from the Google Play store. We unfortunately noticed that some of the fun apps we downloaded weren’t as entertaining as we thought they would be…

AVAST detects fake soccer gaming app: Android:FakeViSport

Some of the Android gaming apps we downloaded primarily displayed ads instead of letting us play. Let me just point out a few from many. We were unable to play Corner Kick World Cup 2014 at all because it displayed nothing but a white screen, with ads popping up now and then. This app struck me as odd from the get go. When I checked the size of the app I noticed it was really tiny, less than 1MB. What kind of game can you expect from an app this size?! What is even more interesting is that the game is made by a developer called VinoSports. If you check the rest of his apps offered on Google Play they are all the same – just blank applications stuffed with advertisements.

Vinospots

wideThis is unfortunately a quite common and sneaky way for developers to make some money. With applications like this, the only person who benefits from them are the developers. They may get some money if you actually click on the ads their apps display. We decided to block apps from VinoSports. From now on, they will be detected as Android:FakeViSport. They are fake applications in that they pretend to be something desirable, but they aren’t.

Some apps are in the gray zone

The second app I would like to mention is Fifa 2014 Free – World Cup. The app comes from a pretty big developer, “Top Game Kingdom LLC”, who has plenty of apps on Google Play and other stores. This however does not mean the app should be trusted. Fifa 2014 Free – World Cup, can be considered, at the very least, suspicious.

As for the app Football World Cup 14: The application’s installation package name doesn’t have anything to do with the name of the app itself. The app is called Football World Cup 14, yet its installation package is called “com.topgame.widereceiverfree”.Football World Cup 14, also known as “Widereceiverfree” requests access to information that has nothing to do with the app’s function, like location, call log, and to other accounts on the phone.

Weirdly enough the Football World Cup 14′s developer has even more applications on the market, most of them behave similarly. They pretend to be something different than what they really are. In the end you might get something that can be considered a game, a game with plenty of obstacles such as and with permissions that could easily misuse personal information.

Tom game kingdom

Apps that display ads are not necessarily malicious. Plenty of apps, especially free apps, are funded by ads. They can, however, be annoying, particularly when they don’t go away and prevent you from using the app itself. Apps that access more information from your phone than they need to function seem harmless, especially since there is no visible evidence of this happening, but they can cause more harm than you may think.

We recommend you to take a closer look at the apps you download during tournament time, be it gaming apps, live streaming apps or apps that allow you to bet for your national team, to make sure you stay safe and as ad free as possible!

Things to look out for when downloading apps:

  1. Make sure you download from official apps markets. Many of our mobile malware samples come from unofficial app markets, only very few come from the official Google Play store.
  2. Download official apps you can trust. Google Play is an open and developer friendly platform, which is why it contains a plethora of apps. We totally understand why people are sometimes overwhelmed with all the apps they can choose from, we found over 125 vuvuzela apps on Play! We recommend users play it safe and download official apps from developers they can trust. Trusted developers appreciate their users, meaning they want to provide them with a quality product, not one that is flooded with apps. FIFA has a great live score/news appand EA Sports has an official FIFA gaming app.
  3. Compare app functionalities to the access they request. Some apps need access to certain data on your device, a map app needs access to your location so it can give you directions. App access requests start becoming suspicious when for example your vuvuzela app wants access to your location. Unless your new vuvuzela app uses your location to determine what country you are in to then play your country’s national anthem, why does it need to know your location? Always be cautious when giving apps access and make sure the requests make sense depending on what the app does. You don’t want to carelessly hand over sensitive information that could later be used against you.
  4. Read user comments. You can’t always trust what people write online, but if multiple people really appreciate or dislike an app you can get a good idea of whether or not you should download it based on the feedback they give.

Our mobile security app avast! Mobile Premium has an Ad Detector feature. Ad Detector finds out which apps are linked to ad networks and provides details of their tracking system, so you have a full overview of all the ad networks contained within your apps.

You can download avast! Mobile Security for free from Google Play or for additional features, like Ad Detector, you can download avast! Mobile Premium for $1.99 a month.

 

 

May 28th, 2014

10 reasons why you should join the AVAST team!

AVAST Software is a global leader in the security field. With nearly 220 million activly protected devices and its users we can call ourselves the most trusted antivirus company in the world, especially since 60% of our users install avast based on recommendation. This is already a solid reason to join the AVAST team, but is that all that AVAST is about? No!

 

1. AVAST has the X-factor. Voted Czech Republic’s Best Employer

If you are talented and creative and want to show it off, AVAST is the place for you! Become one of our code masters, product ninjas, customer care gurus, ecom commandos, marketing geniuses or  an indispensable!

our ninjas
2. Location matters!

AVAST is headquartered in Prague, one of TripAdvisor’s Top 5 Cities in the world for 2014. With the largest castle in the world and historic gothic churches, as well as a lively music scene complemented by top-tier restaurants, Prague is a city that has learned to dance easily between the ancient and modern. Not mention, the cheapest beverage you can get in the Czech Republic isn’t a tap water, its legendary Czech beer! :) 

Prague

3.  Size matters!

The AVAST team is the perfect size with approximately 400 people. We are not a large, anonymous corporation! There is a great chance you will meet new friends and perhaps even your soul mate ;). Amongst our employees 20% are women and we speak more than 40 languages, including everything from Chinese and Japanese to Arabic and Hebrew. We have 30 different nationalities on our team!

4. Your place to grow!

You will get a chance to develop professionally in many fields. Our experts visit and speak at prestiges conferences and trainings, we even offer Czech languages courses!

Read more…

Comments off
May 27th, 2014

How to wipe the data from my lost smartphone

howto2_enQuestion of the week: My phone was lost and there is no way to recover it. Thank goodness I had the data backed up. How do I use avast! Mobile Security to wipe all my information off of it?

We’re sorry that you lost your phone. You are not alone. Over one hundred smartphones are lost or stolen every minute of every day, but unfortunately 34% of smartphone owners haven’t protected their phone like you did. Congratulations on taking the initiative to back-up your data! We found out that half of smartphone owners don’t back up their data, even though they are concerned about losing it. (This seems to be theme – same thing happens with changing passwords.)

Many smartphone owners do not have anti-theft installed

Half of smartphone owners don't backup their data

If there’s no way to recover the device, then you are wise to use avast! Mobile Security to remotely wipe your phone of all your personal data.

Thorough wipe

Avast! Mobile Security and Anti-Theft has remote features that allow you to take certain actions. Wiping the phone can be carried out by SMS command. This is useful in your case when you do not expect to get your phone back and you do not want a thief to access your personal data. Read about how you can set up remote control on your Android phone.

Thorough wipe allows avast! to permanently and irreversibly delete the content of any SD card when wiping the phone. Wiping smartphones using up to Android 2.1 is somewhat restricted as a factory reset of the phone is not possible. However, avast! will try to delete as much as possible, for example contacts, call logs, SMS/MMS, browser history and SD card content, but not emails or apps.

From Android 2.2 onwards, a full factory reset is possible so you have full wipe capabilities. However, please be aware that this will also delete avast! Anti-Theft, unless it was installed as a rooted application.

The thorough wipe will take up to ten minutes, and will physically and irrecoverably delete the actual contents of your SD card. It is your choice whether to select the maximum level of security by using the thorough wipe option.

Protect your data with avast! Anti-Theft

To do a full wipe, avast! Anti-Theft needs to be configured in the advanced settings as a device administrator, otherwise applications, emails etc. will not be deleted. Download and install avast! Mobile Security and Anti-Theft from the Google Play store.

Don’t forget to backup your data with avast! Mobile Backup. It saves your contacts, call logs, SMS history, photos, and other irreplaceable data to your AVAST Account (and, optionally, Google Drive) to ensure that your priceless data is never lost. Download avast! Mobile Backup for free from Google Play.

All SMS commands, along with a short description how everything works is explained in our manual (PDF). It’s short and easy to understand.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

May 26th, 2014

AVAST forum offline due to attack

The AVAST forum is currently offline and will remain so for a brief period. It was hacked over this past weekend and user nicknames, user names, email addresses and hashed (one-way encrypted) passwords were compromised. Even though the passwords were hashed, it could be possible for a sophisticated thief to derive many of the passwords. If you use the same password and user names to log into any other sites, please change those passwords immediately. Once our forum is back online, all users will be required to set new passwords as the compromised passwords will no longer work.

This issue only affects our community-support forum. Less than 0.2% of our 200 million users were affected. No payment, license, or financial systems or other data was compromised.

We are now rebuilding the forum and moving it to a different software platform. When it returns, it will be faster and more secure. This forum for many years has been hosted on a third-party software platform and how the attacker breached the forum is not yet known. However, we do believe that the attack just occurred and we detected it essentially immediately.

We realize that it is serious to have these usernames stolen and regret the concern and inconvenience it causes you. However, this is an isolated third-party system and your sensitive data remains secure.

Sincerely,

Vince Steckler

CEO AVAST Software

May 26th, 2014

Your child on Facebook: learn about the privacy settings

Security matters to everyone, however security of our children is our top priority. We make sure that they are safe at school, home, and on the streets. Equally we need to provide them with a safe experience in the cyberworld. Recently, we published a blog about general online security of the children, which suggested that you take time and help your child with privacy settings on Facebook. Don’t worry, if you have no clue where to start, we will guide you through the labyrinth of sophisticated security and privacy settings settings. Follow our tips to secure yourself and your child on the most popular social network.

Privacy settings

Like other Internet giants, Facebook has been especially vulnerable to criticisms about privacy. In particular, critics have complained that even if you deactivate your account, the information can still remain on the network and be subject to web searches.~ comments Mashable in the article on recent Facebook privacy update

Following users’ complaints regarding privacy issues, Facebook decided to change the default settings of your status updates to be the visible for Friends only instead of Public. This however applies to Facebook newbies only! So if you and your children are already users, you still have a job to do! :)
Security shortcut

Facebook regularly updates its settings and as a result your profile settings can be restored to the default. In terms of  privacy it means: Everything is PUBLIC. Therefore it’s extremely important to review your profile regularly . You will not be able to influence everything, however there are an advanced number of settings that can be fully controlled by you. The three basic areas that you should focus on are:

  1. 1. Who can see your posts and images?
  2. 2. Who can contact you?
  3. 3. How you can help your child block harassing Facebook friends.

You will find this setting in the right top corner on the blue bar, in the Privacy Shortcuts section. Click on the See More Settings to open the window below and follow our suggestions.

Advacne privacz settings Read more…

May 23rd, 2014

US schools gain from 5 million free enterprise-grade licenses

MKT-3368_blog_image_blhd01We’re really excited by the popularity of our Free for Education program. It’s growing so much that we recently reached the 5 million milestone for the number of free licenses issues. This means that over 1/10 computers in schools, libraries and charities in the US could be protected by our enterprise-grade antivirus for FREE already!

Since November 2012 we have given avast! Endpoint Protection Suite, a product which is already purchased by many businesses worldwide, to education institutions in the USA for FREE. Over 4500 institutions have been granted a license for their network, savings schools on average $14,000 per year in antivirus license fees – freeing up much needed budget which can be better spent on other equipment to benefit your students. We’ve recently heard how one school will be  putting their savings towards buying tablets for the classroom – a great investment for future technology.

When you consider what little funding this program has for advertising and promotion (after all, it’s a free project), the numbers we’ve achieved are huge and we hope the program continues this way and more and more schools can benefit from this.

How does a school get avast! Endpoint Protection Suite for free? It’s easy – apply here: www.avast.com/education I personally review and check all applications that come in to verify eligibility – so keep them coming!

Is avast! Free for students? AVAST Free for Education protects you at school and avast! Free Antivirus protects you at home. Students and their parents can use avast! Free Antivirus to help protect their school network further from outside threats. Download from: www.avast.com/students

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

 

May 22nd, 2014

The Majority of Children Have Been Asked to Share Inappropriate Photos and Videos Online – Make Sure Your Child is Protected

Kids are online now more than ever with Internet access at home, school and on-the-go with mobile devices. The United Kingdom’s four largest Internet Service Providers have collectively launched Internet Matters, a non-profit organization that helps parents keep their kids safe online. According to Internet Matters, nine in ten kids under the age of ten go online and 26% of kids between the ages of ten and 13 are online for three or more hours a day.

parents, online safety, protection

Social Media 

Although there is an apparent shift in teens from Facebook to more private social networking apps, like Snapchat, it is still important to talk to your kids about privacy settings and their online reputation. Internet Matters claims that the average number of friends on social networking sites is 272 for kids between the ages of 12 and 15. Sit together with your kids and go through their privacy settings with them. This will help you get a better understanding of how social networks work and will provide you with the opportunity to talk openly about the importance of online privacy. Kids may not realize how harmful social networking sites can be to their reputation and that once something is published online it is difficult to permanently remove and can come back to haunt them.

shutterstock_144042481Cyberbullying and Strangers 

You teach your kids to be kind to others, to tell you or a teacher if a classmate is bullying them and to not talk to strangers – these same rules apply online. Internet Matters states that 60% of teens have been asked to share inappropriate images and videos of themselves. Bullies and sexual predators have an open invitation to your home thanks to the Internet. This makes it vital for you to talk to your kids about who they talk to and what topics they discuss online. Let them know they can come to you if someone bullies them or approaches them in an uncomfortable way, whether it be on social networking sites or in private chats. Make sure your kids only connect with and talk to people they know and trust in real life and never reveal personal information such as their address or inappropriate images under any circumstance.

How do your children go online? Do you use and share mobile devices in your family? Take our anonymous survey here

May 21st, 2014

eBay becomes victim of security breach

Auction giant eBay requests 128 million users to change their passwords after hack.

tweet ebay

In a blog post from the company, eBay Inc. said a cyberattack “compromised a database containing encrypted passwords and other non-financial data.” There is no evidence that the compromise resulted in users’ financial or credit card information being stolen, but the company is telling all users to change their passwords.

Users need to be alert even after their passwords have been changed. After a breach like this the risk that hackers will use their personal information to commit identity fraud and launch phishing attacks increases. As always, do not click on links in emails, or give personal information over the phone. If you need to discuss your account information, please contact eBay’s customer service by phone or via their website.

“The eBay breach is yet another password issue like Heartbleed. It is really important that people take this seriously, ” said Ondrej Vlcek, Chief Operating Officer of AVAST Software. “Data from our recent survey shows that nine out of ten people intended to change their passwords after Heartbleed, but only 40% took action. This careless attitude is completely irresponsible; people have to take the initiative to protect themselves.”

A password manager like avast! EasyPass helps encrypt and protect personal information online, with random, strong passwords. Learn about creating strong passwords by reading our blog, My password was stolen. What do I do now?

Two weeks ago, eBay discovered that cyberattackers broke into their corporate network through a small number of employee log in credentials. They revealed that the database was actually compromised in late February and early March, and included eBay customers’ name, encrypted password, email address, physical address, phone number and date of birth. However, the database did not contain financial information or other confidential personal information.

Another eBay compromise yesterday

Yesterday in an unrelated attack, eBay’s UK and French advertisement network was compromised and showed fake Java and Flash updates. This malicious advertising replaced the visited page and an installer offered a Potentially Unwanted Program (PUP).  As of last night, they were working to resolve the issue. avast! Antivirus detected the compromise and alerted users.

“Third party ad networks are useful to attackers because the number of connections delays taking malicious content down,” explained Honza Zika, malware analyst in the avast! Virus Lab. “Instead of a normal ad, the attacker deploys a code that redirects to the attacker’s page. It’s designed to look like an official Flash or Java page, but installs unwanted toolbars, addons, extensions or other PUPs. avast! detected this and protected our users.”

Thanks to independent researcher Malekal for his work on this compromise. Read more on his blog.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

Categories: General Tags: , , ,
May 21st, 2014

Heartbleed: Almost Everyone Plans to Protect Themselves, but Less than Half of People Actually Have

Have you heard about Heartbleed? Yes? Then you belong to a minority. Following the Heartbleed threat, the bug that took advantage of a vulnerability in OpenSSL, AVAST conducted an online survey with 268,000 respondents worldwide and found that three out of four people were not aware of the the Heartbleed threat, which affected millions of sites and mobile apps.

AVAST then explained Heartbleed to these respondents. When asked if they would change their passwords after checking which sites were affected, nine out of ten said they would take action. This high number is interesting from a psychological standpoint as it shows how people think when initially confronted with a threat. People immediately plan on taking the appropriate measures to protect themselves against future threats, but how many actually follow through with their plans? In reality, less than half of people follow through with their security plans: Only 40% of the respondents who were aware of Heartbleed said they had actually changed their passwords. This number closely matches Pew’s Heartbleed report which found that 39% of Internet users have changed their passwords or canceled accounts.

Heartbleed, free antivirus, password, security

“This kind of thing never affects me”

Many respondents, both those aware and unaware of the threat, said they don’t want to change their passwords because they don’t believe their accounts have been compromised. This makes one wonder if the 41% of respondents who were aware of the threat, but don’t believe they have been affected, either think the media has exaggerated the issue – or if they have a “this kind of thing never affects me” attitude. One in ten respondents believes that the next security breach will happen soon and they therefore don’t see the point in changing their passwords. This laissez-faire attitude could be caused by the fact that many have not seen concrete repercussions of the threat or have not yet been directly notified of the threat by the platforms they use. One of the most concerning facts revealed by the survey is that many people lack the know-how to protect themselves. One in ten respondents hasn’t changed their passwords because they don’t know how to change them. 

Furthermore, almost half of both respondents, aware and unaware of the threat, said they would change their passwords once the affected platforms have implemented patches and informed them of the changes.

Passwords are like keys that protect our sensitive data online, just as locks protect the precious objects in our homes. It is recommendable to stay away from affected sites that have not yet issued patches. Once sites have implemented the necessary fixes, passwords should be changed and strengthened with the same manner of urgency as you would change the locks on your home if you were to lose your keys or if your key were to get stolen.

Use a password manager to protect all of your accounts with ironclad passwords 

Changing and memorizing new passwords over and over again isn’t easy, especially since passwords should consist of at least eight characters – or according to latest recommendations even sixteen or more. They should include a mix of letters, numbers and symbols.

A password manager like our avast! EasyPass helps encrypt and protect personal information online. avast! EasyPass creates strong, random passwords of up to 512 characters and secures your information via military-grade encryption, making password management simple and secure. avast! EasyPass is currently available at a discounted price of  $9.99 a year.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

May 21st, 2014

Does your fitness app track more than your daily workouts?

avast! MobileSecurity checks privacy permissions of appsFor the last few years, I have used an app on my Android smartphone to log my training runs. It tracks the distance I ran, the route I took, my running pace, and calories burned. If I want to, I can link it with Facebook or other social networks and share my workouts, or I can pay to have my stats broadcast live, so for example, during a race, my family can follow my progress.

Using an app like this is motivating and helps me to organize my training better, but until recently I had never considered the privacy and security issues surrounding fitness tracking devices and apps.

“Privacy advocates warn that consumers aren’t always aware of how sensitive the data the apps collect can be or what privacy protections exist,” reported The Washington Post yesterday.

My smartphone is protected by avast! Mobile Security, so I decided to take a closer look at my apps with the Privacy Advisor feature. Privacy Advisor scans the apps in my device and tells me what kinds of information they collect. Application Management tells me what permissions individual apps require. My fitness app requires me to give these permissions:

  • Track GPS location
  • Read contact data
  • Access accounts

Not too bad; at least when I compare it to the fitness app that came with the phone.

My fitness app respects my privacy, but many health and fitness apps sell personal information like usernames, names and email addresses, and information like medical symptom searches, zip codes, geo-location, gender identifiers, and dietary and workout habits. A Federal Trade Commission (FTC) study revealed that ad companies and data miners are among the third parties that buy this data.

Already some employers are rewarding their workers with cheaper insurance plans for joining fitness programs. But there is worry that the data collected could be pieced together to create profiles that would backfire. It’s fine when you’re healthy for your fitness, health and medical data to determine things like insurance rates or drug pricing, but what if your health declines?

The FTC “is concerned consumers could be penalized based on health data; for instance, a financial institution might adjust credit ratings based on the fact someone has a disease.”

“Information about consumers most intimate health conditions is going to be sold to the highest bidder,” Jeffrey Chester, the executive director of the Center for Digital Democracy, told the Washington Post. “Employers might get access to it, insurers might get access to it, or mortgage lenders — which could lead to a vast array of negative discriminatory practices.”

Know what your apps want

Check what the apps that you have allowed on your smartphone require with avast! Mobile Security.  Install it free on Android devices from the Google Play store.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news and product information, please follow us on Facebook, Twitter, Google+ and Instagram. Business owners – check out our avast! Business Solutions.