If you work at an antivirus company, be sure that family members will soon ask you questions about computers and the latest malware. Sometimes, they will even send you some. The other day, I got an odd email from my cousin, soon followed by a similar note from my sister that contained this:

The two of them – completely unintentionally – sent me a personalized bit of spam/malware. This was quite nice. After all, there aren’t so many Lyle’s in the world and I thought it was really considerate of some malware writers to address me directly. So I asked Jan Sirmer in the AVAST Virus Lab to tell me about how it was done and the goal of this malware. Here are his comments: Read more…

My daughter should be credited (or blamed) with the  Cute, Pink, and Infected release.

She was playing games on my computer and suddenly screamed: “The internet has stopped!”

Yes indeed, the browser had shut down on her. All I knew at the time was that this involved some online games and a google search using the word “games” or “hry” (games in Czech).

Back at the office, I started sifting through the list of infected sites for those with “game” or “arcade” in the URL and found quite a few. Even better, there were even two sites, cutearcade.com and hiddenninjagames.com, that looked something like the game sites she had been visiting. Read more…

avast! Free Mobile Security – the new anti-theft and anti-malware app from AVAST Software – has been installed by over one million smartphone users in just 16 days.

This threshold was crossed on January 6, only 16 days after avast! Free Mobile Security was placed in the official Android Market.

“This has been a really fast-paced launch, surpassing the results from competing products,” said Ondrej Vlcek, CTO for AVAST Software. “It required Lookout a full six months to reach the one-million level for their mobile security product.”

avast! Free Mobile Security is a full-featured anti-theft and anti-malware app for Android smartphones. Read more…

A short time ago in a galaxy very close by, the German Police and their R2D2 Trojan gave us a simple reminder of what modern malware is all about. It’s wiretapping.

Technical buzzwords usually leave me more puzzled than enlightened. How many of these terms can you identify: backdoor Trojan with mfc42ul.dll, winsys32.sys key logger, Speex codec, full registry access, CJPEG, or acrd~tmp~.exe for a hidden executed application.

Did I lose you? Just think wiretapping in the digital age.

Recently, the German Police had their R2D2 outed by the Chaos Computer Club. It seems that after the Police loaded their R2D2 Trojan onto a suspect’s computer, the defenders of law and order could do the following: Read more…

Yesterday evening we got the latest results from Virus Bulletin comparative test of over 40 antivirus solutions for Server deployment.   It is the first test of the new business product we launched before summer and it is definitely worth publishing.  AVAST is known for distributing a very good free product – and some competitors look down their noses at us as being only good for home users.  Well, this could change their minds. Read more…

It has been raining a little over the last 3 days in Prague but the weather for weekend should improve.  Sunny skies and temperature around 12 °C (about 54F) are expected.  In general, the weather in Central Europe is mild and comfortable.  Nothing extreme and this is what we are used to.  That also means when we do have 3 centimeters of snowfall in Prague,  it is a ‘calamity’ with a traffic jam throughout the whole city and everything stops working.  I guess the winters in northern parts of Europe are much more harsh and unless there are 3 meters of snow nobody really bothers to call it unusual.  And I also would imagine that it is the weather, lots of snow and 20-hour long winter nights, which drive internet usage up there. Read more…

Is free security only for the poor in developing countries?  Well let’s look at what the users think.

When AVAST users install the free antivirus, we use this opportunity to collect some research data on various subjects.   This particular research was based on over one hundred thousand responses collected during the last couple weeks. So, it is pretty solid data. Read more…

The “Unitrix” exploit takes several Unicode features designed for right-to-left languages and uses them to mask malicious executables as safe text or video files. Here is a short list of the main options.

We described Unitrix in a recent release Hackers flip filenames to create “safe” file extensions. But, this was just the start of the detective work. Analysis of this exploit showed that the hackers do not directly takeover the infected computers. Instead, they have a “pay per installation” network that provides outsourced infection and malware distribution services for other cybergangs – apparently based in Russia and the Ukraine  – after giving each infected computer its own identification number. And, this gang has the ability to change the final payload thanks to its downloader: rootkit today, tomorrow something else.

We’ve titled this malware W32:Fivfrom. It’s a malware downloader which, after activation, connects to several distribution centers to download and install malware to the infected computer.  We analyzed over fifty separate files, all of which initially looked quite different. But when we looked inside, Read more…

Yesterday (1 Sep 2011) we made a Facebook post recognizing avast! antivirus users in particular towns in the USA, towns that because of their names have a special affinity with where avast! originated:

Czech communities in the USA (Source: Wikipedia)

“Since we’re headquartered in Prague, Czech Republic, we’d like to say a big ‘Dobry den’ to avast! users in the following US towns: Prague, Nebraska… Prague, Oklahoma… New Prague, Minnesota… and Praha, Texas.”

These North-American towns all began as Czech communities (or at the time Czech, Moravian, and Slovak communities) in the ‘new world’ about a century ago. Even today, a lot of Czechoslovak festivals are held in these regions and many others (see http://en.wikipedia.org/wiki/Czech_American).

Today, however, we want to recognize avast! users in our top 10 COUNTRY markets: Read more…