The Android:FakeInst family of malware seems to be never ending story. Its creators have been trying to trick users into sending premium rate SMS messages for several months now. Just a few days ago, we discovered 25 more apps placed on alternative markets that are all based on very similar concepts as was the one in the story we wrote about before Christmas.
This time malicious Android applications are hosted on several domains:
All these sites were registered a week ago so it looks like they were supposed to serve as a malware hosting for the bad guys from the very beginning. Also if someone tries to access these sites from the browser, the visitor only receives a 404 error message which does not look like a legitimate site. Analyzing the trail the malware creators left for us, we’ve discovered a few sites they have used in order to attract users and all of them target Russian speaking people and look like an alternative markets. In reality, these sites exist for a short period of time and offers only fake downloaders. Read more…
The RSA Conference – the largest gathering of security vendors and the companies who buy their products – was held in San Francisco last month. Avast was in attendance, and I had the pleasure of moderating a panel on mobile security. Mobile security was also one of the top topics permeating the entire event. What I heard on the panel and throughout the conference, and what has been reinforced from my discussions with analysts and consultants to businesses, should have you all pretty worried.
The good news is that businesses want to embrace employees use of mobile phones and tablets. And it’s not just the biggest companies doing so: even small businesses are eager adopters of mobile technologies. After all, employees are more accessible and more productive when they can use their mobile devices for work. However, these are your devices; they are not the company’s and shouldn’t be treated as such. And that’s the challenge.
Businesses have legitimate concerns that these devices are inherently insecure, and that consumers don’t always secure their devices to the same level businesses do their PCs. They are also concerned about all the corporate data that these devices contain or can access, and that their loss or theft can compromise a company. And they are concerned that people will misuse their access to this data now that it’s on their person device.
The problem is that businesses want more security and control over your phone then they should have or even need: even more control than they have over the PCs they provide you.
- Because there are malicious apps, they want to keep a catalog of every app you install and be able to remove those applications without prior notice to you.
- Because mobile devices can hold private corporate data, they want the ability to wipe all data on your phone, also without prior notice to you.
- Because you could potentially misuse the phone by transferring corporate data between a business app (like email) and a personal app (like Facebook), they want to be able to monitor everything you do on that phone: your call logs, your text messages, all your social networking activity, all your browsing activity.
This blatant company disregard for employees’ privacy and property all in the name of security has gotten completely out of hand. One product that was given prominent attention at the conference basically rooted your device to put a monitoring and management layer underneath the operating system. Besides taking any semblance of control of your device away from you, this procedure would likely lead to voiding the warranty for many of your devices, especially Apple devices.
Using your mobile devices for work purposes should not require you giving up all your privacy rights or giving your company effective ownership of your device, without having to pay for it. If your company is letting you use your phone or tablet for work purposes, especially if it’s for more than email, then you should take a close look at your organization’s mobile policies – not just for what you should or should not be doing, but for what your company could be doing.
The second week of January 2012 started with amazing growth in terms of numbers for AVAST Software. Numbers and stats might not sound that “hot” and maybe you are wondering why I would write a blog post about it, but these numbers are REALLY HUGE and it is YOU – our avast! Community – who greatly helped us to achieve such results. Look at this:
1. Over 500,000 – fans of the avast! antivirus official page on Facebook.
Hello avast! Blog readers. Occasionally we hear from people who wonder how we can (or why we would) give away such great software for free – namely, avast! Free Antivirus and our Android offering, avast! Free Mobile Security.
My unofficial response is that we closely align ourselves to the principles of rock and roll. To keep ourselves in the right head-space in the Marketing/PR department, we listen to the following songs – every day – in constant rotation:
Rolling Stones – “I’m Free”
“I’m free to do what I want any ol’ time…”
The Who – “I’m Free”
Pearl Jam – “Corduroy”
“Can’t buy what I want because it’s free…”
Red Hot Chili Peppers – “Give It Away”
“Give it away, give it away, give it away now…”
The holiday season may be over, but the gift-giving is still going strong.
AVAST Software and Android Police have teamed up to give away ten Galaxy Nexus smartphones to readers of the popular Android news site.
To enter the contest, visitors to the Android Police site just need to register their name, email address, and show how they have spread the news about the Galaxy Nexus giveaway and avast! Free Mobile Security to their friends via social media including Twitter, Facebook, and Google+. The more ways users spread the news, the higher their chances are of taking home a new phone.
This contest started on January 2 and runs through Saturday, January 7, closing at precisely 23.59 PST.
So, enter quickly and be social. ( :
On 21 December, 2011, we launched our Android antivirus/anti-theft solution (see our official press release). The beta version, released a few weeks earlier, was well received, and generated a lot of initial buzz in the Android community. What follows are quotes from early reviews, many of which were written about the beta version. We have also received a lot of great feedback from our avast! user community, and thus a few days ago AVAST CTO Ondrej Vlcek responded to 10 frequently asked questions about avast! Free Mobile Security.
Here is some of the initial praise from the Android community:
“It has the potential to overshadow just about all of the apps in our Mobile Security App Shootout.”
“A strong contender for the best overall security app on Android.”
“Extremely sophisticated security solution accessible to everyone.”
– Android Police (product review, 7 December 2011)
Just a couple weeks ago, Chris DiBona, Open Source Programs Manager for Google, claimed that no real malware exists and that “Virus companies are playing on your fears to try to sell you BS protection software for Android, RIM, and, iOS”. Well, let’s see about that.
Just a few hours ago, another group of malicious applications were removed from the official Android Market after we’ve alerted the Google’s security team to their presence. In addition to the official Android Market, these apps have also been available in around five “unofficial” markets. These are malicious apps that send premium SMS messages to numbers which users are charged a lot for. What’s more frightening is that this seems very similar to a case discovered just a few days ago. This one was was pointed out by Lookout mobile security and, as you can see in their blogpost, they were also talking about malicious apps that sent SMS messages to premium numbers. Clearly both groups of applications were created by the same person although published under different name.
Apps published by the developer Miriada Production may look like well known Android games (Angry birds, Need for speed, World of Goo and others) and users could be easily confused. Read more…
Christmas is getting ‘awfully’ close for all the husbands – me included – who still don’t have any gift for their wives (no gift and no idea for one.) Yes, it is only 18 days left – time to panic. Of course, the kids are excited, having no such pressures. And just like the kids, the other people who are absolutely excited about the fact that Christmas is around the corner are the mobile phone producers. The fourth quarter of the year is the season to be merry as sales of new devices skyrocket and reach record highs. Economic crises or not… this year will be no exception. It is therefore a good time to introduce a security solution that will ensure your new shiny phone is protected. Read more…
For those interested in all things Android, I have some exciting news. AVAST Software has acquired ITAgents, the Austrian developer of the Theft Aware mobile phone theft protection and recovery system.
The acquisition strengthens AVAST’s technology base and gives us a hands-on security app designed for today’s Android-powered smartphones. Read more…