The latest version of Android 4.2, code-named “Jelly Bean” has been released some time ago. While being just an incremental update to the major 4.0 release “Ice Cream Sandwich”, Google introduced some major new features within that update. While offering multi-user support and improved notifications, a new feature which is being promoted heavily, is the built-in app scanner which should protect Android devices from being infected by malware.
The client side app scanner of Android 4.2 is the next step in Google’s attempts to protect their Android ecosystem from malware threats, after introducing Bouncer, a server-side malware scanner used by Google to analyze apps that are being uploaded to Google Play Store. Bouncer was announced in February 2012 and is Google’s approach to prevent malware from being uploaded to the Google Play store as a first line of defense.
Now, some authors claim that third party mobile security tools are most likely not needed anymore, because Google now already pre-checks all mobile apps. I’ve been closely monitoring all those changes and improvements because I wanted to make my own mind on how successful these attempts by Google would be and to find out how our Android antivirus scanner delivered within our free avast! Mobile Security suite (http://www.avast.com/free-mobile-security) would stack up to what the operating system vendor itself would be able to provide.
Since months before the release of avast! Mobile Security in December 2011, our virus lab was working on setting up the initial state of our Android malware database. The database contains signatures of all the malicious files our virus lab guys find over time and is being extended day-by-day to contain definitions of the newest threats in real-time. Currently, tens of millions of Android devices owned by our users download those definitions every day to their avast! client side scanners. So I just went to our virus lab and asked the guys there to provide me with some statistics on the growth of our Android malware database.
As I already stated, Bouncer was thought to be the first line of defense, and tries to protect the main source of app downloads from malicious offerings. Could it be that as a result of introducing Bouncer, our malware database stopped growing or started to decline in size when Bouncer was introduced? Has Google been successful? See for yourself:
Android Malware Database History (Click to enlarge)
Obviously, since February 2012, our Android malware growth has not started to decline; it has not even stalled its growth, but has been continuously growing since that point in time. Read more…
Lots of smartphone users are still unaware of the actual risks arising from the use of smartphones based on operating systems, and they have a tendency to underestimate their security risks. Be honest, how many of you check if an application you install on your phone comes from a trusted source? Do you check which permissions the applications has? How many of you install applications that have “cool icons” and don’t check anything else?
I’ve asked a few people these questions, and was totally surprised by their answers! Even IT geeks don’t read permissions of applications and they just click and install whatever they find. What’s WORSE is that most of them think they are secured without any security application.
Do you remember my last article? We identified something very similar, also coming from blog and upload services such as 4shared. It’s really strange how many hijacked and infected applications are offered through those services.
One month ago, I pointed out a really nasty malware that pretends to be a Google Play app. I looked into what the creators of that malware have been doing for the last month. They definitely haven’t been lazy.
For the last two weeks, we saw more mutations of similar malware, with similar behavior. It sends numerous paid SMS messages to premium numbers without the user being aware of it. They try to pretend it is some kind of wanted application, but you obviously don’t want that.
This malware hide themselves under legitimate-sounding names like Flash Player, Talking Tom Cat, Kaspersky Lite, etc. But many of the apps have something in common: The package name is the same in hundreds of them. But don’t worry, all of them are detected.
My phone is infected! What can I do?
This leads me to the most important point of this blog post. For those who still believe they are fine without antivirus protection on their smartphone, there are a few steps to follow when you realize your phone is acting strangely.
1) Switch off GSM module or take out your SIM card immediately. (This should disconnect your phone from the mobile network and prevent losing your money.)
2) Restore your phone back to factory setup. (Malware should be removed, as well as all your data.)
3) Put your SIM card back, and you can use your phone again.
Is there a safer and easier way to protect my smartphone?
Luckily, yes. Malware that we meet comes mostly from untrusted sources. People often put the name of a wanted application in their browser and just click on the first URL that comes up. That practice is, of course, really dangerous. The viruses mentioned above come from file sharing servers such as 4shared.com, filestube.com, rapidshare.com, fake blogs, or from fake Android stores. Those file sharing servers are suspicious sources and one should not download applications from there. Even on Google Play you can find a dangerous application once in a while, so you should be cautious even when you look for applications there!
Here’s a quick example. When you search for popular games, for example, “Asphalt 6 adrenaline скачать бесплатно” (free download in Russian language) in one of the top pages on Google you will find a pretty nasty blog full of repacked games but with a small gift in the form of a malware.
My recommendation is to use an antivirus program on your phone – for example, avast! Free Mobile Security – and download applications from less dangerous sources – for example, Google Play, Amazon.com, etc.
When it comes to hotel security, I usually check two things: 1. Does the door open to an inside hallway or directly to the outside?, and 2. Does the room have a safe to store my passport and other valuables? Now, it seems, I have a third thing to think about: The electronic key.
Those sturdy plastic keycards have always seemed secure, and up to now, my only concern has been losing it, and having to ask the clerk at the front desk for a replacement. But recently, burglaries in American hotel rooms were linked to an electronic ‘hack’ which can open 4-5 million electronic locks in 200 hotel chains worldwide.
Back in July, at the Black Hat security conference, a Mozilla software developer exposed flaws he discovered in hotel room locks from the lock manufacturer Onity. He demonstrated the ability to break into rooms with a simple, cheap device that could be hidden in an iPhone case. Read how he did it. Since the summer, others have perfected the technique, and now thefts have taken place and an arrest was even made in Texas.
Your data is more important than the device it’s on
With all the devices we carry with us these days – I have a smartphone, laptop, and tablet – securing these gadgets is important. The most important thing about these devices is the data that’s on them, so before you leave on your travels, make sure you backup your files, photos, music, etc. Avast! BackUp is an online backup and recovery service that allows you to select sets of data or individual files you want to back up. You can quickly and easily restore files with the avast! BackUp software on your computer and you may also log in to your account online to restore files. Download a free trial here.
For your Android smartphones and tablets, make sure you install and setup avast! Free Mobile Security, our anti-theft and anti-malware app. It has special “stealth” and remote-access features, including lock, wipe and siren, as well as remote text commands, so you are protected against the loss or misuse of your phone. Get avast! Free Mobile Security for free from Google Play.
Other valuables, such as travel documents, can be placed in the hotel safe. But be aware that even those aren’t entirely secure. Reports have been made that some can be opened with a default code of all zeroes, 0000. Check it out next time. If you don’t trust the in-room safe or your items won’t fit, consider using the hotel front desk guest safes. If you don’t want to make use of a safe, make sure you bring luggage equipped with locks, so you can secure your valuables inside.
Do you have any other tips to keep your devices and yourself secure while staying in a hotel? Please share them.
Potentially Unwanted Program – that’s what PUP stands for. You probably already had a chance to meet some PUPs on a Windows PC, but how does a PUP look on an Android phone? How will you know how to handle it? All of this will be explained here.
When a PUP alert attacks you, don’t panic.
For starters, it’s just a warning. It’s not a standard virus and, no, your life is not in danger. PUP detections were made to warn people when a suspicious component or ability is detected within the application.
Let’s say you downloaded an app that’s called “Christmas Carols” (don’t panic about that, either; it’s still a month and a half till Christmas) and a PUP warning hits you. The detection name reads “Android:SpyPhone-E [PUP]”. What should you do? Well, what I would do is to sing Silent Night to that app and wave goodbye while uninstalling it. Why? Well, it’s an app that’s supposed to play Christmas carols and not “SpyMyPhone” or whatever that PUP warning says.
Android is one of the fastest growing platforms in the world. In the second quarter of this year there were more than 300 million active Android devices. The increase is almost 900,000 of new devices per day and still rising. These days Android occupies more than 60% of the mobile devices market! By the way there is around 300,000 newborn children a day all around the world, and this number constantly decreases.
Hand in hand with this trend goes the rise of applications and viruses for this platform. In the past week we noticed one of them that was especially tricky. At first look, it’s trying to act like a regular Google Play application, but that’s just an illusion. It is a fake application which not only downloads other fraudulent application, but it is also able to send premium text messages without user’s knowledge
After the installation it replaces the original Google Play from the menu and just waits for a first start from the user.
Immediately after the first start you are asked to update the program and there your troubles continue “Critical update, install new version, click the continue”.
After this step follows another nasty download from this link shows up:
After the installation of second aplication, your phone turns into a money sucking machine. Without your knowledge it starts sending premium messages on paid numbers. Luckily we caught this threat and Avast! detects both samples as Android:OpFake-BV.
This file is easily accessible from more than thirty malware pages, which are made to resemble various markets and download pages! But no worries Avast! users are protected even if you accidentally visit these pages.
Last week we told you in the avast! blog about the nasty attack against Android smartphones which could lock the SIM cards or completely wipe all of the data and reset to factory settings. We are pleased to confirm that the newest update of avast! Free Mobile Security protects against USSD attacks, without having to install additional tools.
“The benefit of our solution is that we do not require the user to install an additional tool, as the newest update of avast! Mobile Security already contains the protection,” said Reinhold Holzner, Managing Director of AVAST Software Austria. “All you need to do is to accept the program update on your smartphone.”
Avast! Free Mobile Security is a full-featured anti-theft and anti-malware app for Android smartphones and devices. With special “stealth” and remote-access features, including lock, wipe and siren, as well as an abundance of remote text commands, smartphone users are protected against the loss or misuse of their device.
Avast! Free Mobile Security is completely free and available through Google play. Protect your devices now, and please tell a friend about it too.
Researchers have determined that an attack which can wipe data from Samsung Android devices when visiting a malicious website can also be used to lock the SIM cards or completely wipe all of the data from many other Android phones. In addition to web pages, the attack can be triggered through SMS, or by a rouge NFC tag or QR code.
Mobile geek Dylan Reeve explains how the attack works. Computerworld summarizes it like this, “The attack can be launched from a Web page by loading a “tel:” URI (uniform resource identifier) with a special factory reset code inside an iframe. If the page is visited from a vulnerable device, the dialer application automatically executes the code and performs a factory reset.”
Check if your smartphone is vulnerable
Here is a way for you to check if your phone is vulnerable to this remote wipe threat: Visit http://dylanreeve.com/phone.php on your Android device, and if your phone is vulnerable, you’ll immediately see your phone’s IMEI number pop up. I checked my HTC Google Nexus One this way, and it came back as being vulnerable. Other phones reported to be affected include the HTC One X, Motorola Defy, Sony Experia Active, Sony Xperia Arc S, and the HTC Desire. Reeve says that Samsung fixed the USSD/MMI code execution issue for Galaxy S III devices, but it appears that all 4.1-based builds are safe, and some 4.0.4 builds as well.
Currently avast! Mobile Security is actively blocking URLs containing malicious code that triggers the exploit. Our Android users can expect an update containing protection against this kind of attack soon. We’ll let you know when that is released.
Edit: We are pleased to confirm that the newest update of avast! Free Mobile Security protects against USSD attacks, without installing additional tools. All you need to do is to accept the program update offered by avast! on your smartphone. Please share this message with your friends who are Android smartphone owners. They might need avast! Mobile Security too. Thank you.
The My avast! account was created so you can manage all your avast! software and services from one area. You can enter your account by clicking on the avast! icon in the system tray in the bottom right corner of your computer. This opens the avast! user interface. In the Summary section of the UI, you can see if the device you are using is connected to your My avast! account. To the right of that is a link to connect, https://my.avast.com. Click this link to log in and connect the device to your account.
Once you are there, you can see all your avast! protected devices in one place. This is quite useful if you have multiple devices like a PC, tablet and mobile phone. The section called Security Info gives you a summary of protection for each device. If your avast! Antivirus license is expiring soon, it will remind you and give you the opportunity to renew.
For those of you with Android phones, your My avast! account provides valuable information related to avast! Anti-Theft. You can change the settings, for example, add a friend’s number to communicate with your phone if it gets stolen, remotely wipe or lock the phone or stealthily send SMS commands. The Locator Map finds the position of the phone, so you can track it.
Check out your My avast! account here, https://my.avast.com.
A Google alert just popped up this review from Android Authority titled: “The best just got better“. And I just love the writeup from the author Simon Hill…
“After trying a number of Android security apps and comparing their performance in independent tests it is easy to recommend Avast Mobile Security as your best option. The sheer variety of features is more in keeping with a premium app, but it is still completely free.”
So if you have an Android phone – and according to the latest data by Gartner there should be about 450 million of you out there – go to Google Play and get the best rated security app. For free.
I’m still having my old Nokia but I guess time has come to get the shiny Galaxy S3 and install as well
Eight months after the wildly popular release of avast! Free Mobile Security, we are pleased to launch avast! Mobile Security 2.0 for Android smartphones and tablets. Adding to its already feature-rich anti-malware and anti-theft capabilities, the latest version of avast! Mobile Security 2.0 is sure to be the best free security solution for Android on the market. You can download it from the Google Play store.
“The free-but-full-featured Android antivirus and anti-theft app has become the highest-rated security solution on Google Play store with a score of 4.7 stars,” said Ondřej Vlček, CTO of AVAST Software. “We protect over 8 million active devices now and we are growing by 1 million active devices per month,” added Vlček.
avast! Mobile Security 2.0 uses the same award-winning antivirus engine as avast! Antivirus products for PC and Mac and is constantly updated with a mobile version of our virus database and latest virus definitions. avast! Mobile Security 2.0 seamlessly integrates the most stealthy anti-theft component in the marketplace: Immediately upon detecting a threat, avast! Anti-Theft jumps into action without alerting thieves to its presence.
avast! Mobile Security 2.0 includes the following new features:
- Remote functions through the web portal - allows you to remotely control your avast!-equipped device(s) from the web. The web portal offers full control of the device to remotely locate, lock, or wipe your lost phone, sound an alarm, SMS and call forwarding, and a lot more. Access the interface on my.avast.com.
- Improved tablet support – with the popularity of Android tablets such as Amazon’s Kindle Fire and the Samsung Galaxy Tab, AVAST has worked to provide better compatibility with these devices, along with delivering a specific user interface tailored for the larger tablet devices.
- Network meter – review your data usage consumed by each app, individually for WiFi, 3G, or roaming networks.
- avast! Widget – from your device screen, the avast! Widget provides you a quick view of your overall security status, and the ability with one tap to access the main avast! Free Mobile Security interface, to run a malware scan of your installed apps, or bring up a dashboard of device health information such as CPU usage, memory usage, and SD Card free space.
- SiteCorrect™ – in a new feature unique to AVAST, our web protection will now detect common URL typing mistakes and can redirect you to the site you intended to visit.
- Custom name for Anti-Theft – this name is used to disguise the app from thieves’ eyes (e.g. label it “Dodo Gadget”)
- Real-time protection of apps – scan installed applications on their first execution
“We’ve now made the avast! Mobile Security product even better, and continue to keep the solution totally free,” commented Vince Steckler, CEO of AVAST Software.