Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Posts Tagged ‘apps’
August 16th, 2014

Facebook Messenger app stirs privacy pot

Lately, you may have noticed that when you try to send messages through Facebook’s mobile app on your phone and tablet, you are prompted to download the standalone Facebook Messenger app. It’s a cool app which allows you to message your Facebook friends, send picture and video messages, and call any of your Facebook friends for free using your Wi-Fi connection. It has also stirred up some controversy about all the permissions it requires.

avast! Mobile Security protects your Android device

Messenger needs permission to take pictures and videos using your camera, record audio, directly call phone numbers, receive/send/read/edit your text messages, access the internet, look into your address book, and keep track of your precise location. When we take a look at the permissions listed on the Google Play store, there are other creepy, but not really threatening, things like preventing your phone from sleeping and controlling the vibration.

The privacy controversy that is stirring is around the question of what Facebook may do with all that data. For example, do they really need to see your address book? Don’t they already know who your friends are on Facebook?

The thing is – nothing has changed about Facebook Messenger permissions. The previous version required the same access as the standalone app. You can read Facebook’s explanation about the permissions here.

We wrote about the changes in the way Google Play manages permissions earlier this summer, pointing out that most people blindly accept whatever app developers want without question. Each of us needs to decide how much we are willing to give in order to get. But please be aware, dear avast! users, that your smartphone combined with social media is a mecca for hackers. Our lives in data are stored on our mobile devices and without strong security and some common sense, cybercrooks can harvest it and use it as they please.

Make sure you protect your devices with the proper security. avast! Mobile Security is for Android phones and tablets, and it’s free. The Application Shield keeps you safe from malicious apps by scanning them on two levels – on installation and on execution. With App manager you can see your running apps, check their permissions, and if they display ads. Download avast! Mobile Security & Anti-theft from the Google Play store.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitterGoogle+ andInstagram. Business owners – check out our business products.

 

 

 

 

 

August 14th, 2014

The Fine Line between Malicious and Innocent Apps: Part 2

Malware has increased on mobile devices 900% since 2011. As dramatic as that number is, as we explained in part 1 of this post, your Android device is unlikely to become infected with malicious malware.

Nowadays, cybercrooks use more subtle and insidious techniques to steal money and personal data from you.

hungry-ads

We explained about PUPs and snoopy apps that want too much information from you. Here are a few more sneaky methods that you should be aware of:

Information hungry ads

App developers are not the only information hungry players in the app game. Ad kits can be found in 80% of free apps. Ads are used to monetize free apps, just like websites display ads to monetize. Unfortunately, not all ad networks play fair. Some ad networks collect and share your personal data.

At the beginning of the year Rovio, maker of Angry Birds, came under fire for allegedly sharing user information with the NSA. They, however, denied this and stated that Ad Networks used by “millions of commercial websites and mobile applications” leaked information to the U.S. intelligence agency.

avast! Mobile Premium, the premium version of avast! Mobile Security, includes an Ad Detector feature. This feature provides full details of an ad network’s capabilities. Ad network permissions are mixed in with the app’s permissions, so it is difficult to differentiate where certain information is being sent and who is accessing your device. App downloaders should therefore always review app permissions thoroughly, as app developers are not the only players on the app’s field.

Empty promise apps

There are apps on the market that are not after your personal data, but are more interested in deceiving you for financial gain. These apps trick people into downloading something different than what they advertised. There are various ways this can be done with various levels of severity.

The most innocent of them being seemingly normal apps that when downloaded only display ads, not even offering the service they advertised. We found apps like this around the time of the World Cup. Games like Corner Kick World Cup 2014 displayed a white screen with ads popping up now and then. This is not necessarily malicious, but frustrating and annoying for the user. If the app had been called Ad Roulette it would be acceptable, but app developers gain a small profit from advertisers when users click on ads displayed within their app. Displaying ads continuously boosts the likelihood that users will click on the ads, thus increasing the app developer’s profit.

More malicious and misleading apps warn people that their device is infected, deceiving them into downloading either an app to remove the “virus” on their device or in some cases downloading actual malware. AVAST discovered an adult app, available on an underground app market that forced users to “scan their device for viruses.”. Subsequently, the app displayed a fake version of avast! Mobile Security, which in reality was ransomware that locked victim’s out of their devices until they paid up.

Apps that gain users by offering a solution to remove non-existent infections, on the other hand, may offer a legitimate app, like a security or other category of app, but the tactic they use to gain users is deceitful and unethical.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitterGoogle+ andInstagram. Business owners – check out our business products.

August 9th, 2014

Our pressing need for ‘now’ does not translate to a want for security breaches

instant-gratificationRecode is running a series leading from its “I want it now” piece about people who have grown accustomed to having their desires met on a whim through the aid of savvy entrepreneurs and tech innovators eager to cash in.

We can all relate to “I want it now”.

I feel myself growing impatient in coffee shops when someone has found a spot to connect their laptops or mobile devices to power points – and I have not. As we often spend hours in the one coffee shop sipping from the same latte we ordered more than an hour ago, it’s inevitable from time to time that we’ll want to check our personal affairs.

What’s happening on facebook? I should message my friend. Let’s browse my favorite news and music sites – that concert looks good, I think I’ll buy a ticket. What, my credit card has been rejected? Best do some online banking.

This type of activity in public spaces can be open playing field for the ill-intentioned: The hacker or the “steal your data” money or identity thief.

We would all agree the “I want it now” mentality does not include: ‘I want’ cyber snoops and criminals ‘now’.

We’ve heard the warnings about our mobile devices – the smartphone is a walking computer in your back pocket, and yet one that can easily be lost or stolen. The plethora of text messages, contact lists, photos, online search history – all this information can be found and used against us if it falls into the wrong hands – even when wiped (as our recent blogpost shows).

Hackers are also targeting our mobile devices with malicious malware. Read more…

May 21st, 2014

Does your fitness app track more than your daily workouts?

avast! MobileSecurity checks privacy permissions of appsFor the last few years, I have used an app on my Android smartphone to log my training runs. It tracks the distance I ran, the route I took, my running pace, and calories burned. If I want to, I can link it with Facebook or other social networks and share my workouts, or I can pay to have my stats broadcast live, so for example, during a race, my family can follow my progress.

Using an app like this is motivating and helps me to organize my training better, but until recently I had never considered the privacy and security issues surrounding fitness tracking devices and apps.

“Privacy advocates warn that consumers aren’t always aware of how sensitive the data the apps collect can be or what privacy protections exist,” reported The Washington Post yesterday.

My smartphone is protected by avast! Mobile Security, so I decided to take a closer look at my apps with the Privacy Advisor feature. Privacy Advisor scans the apps in my device and tells me what kinds of information they collect. Application Management tells me what permissions individual apps require. My fitness app requires me to give these permissions:

  • Track GPS location
  • Read contact data
  • Access accounts

Not too bad; at least when I compare it to the fitness app that came with the phone.

My fitness app respects my privacy, but many health and fitness apps sell personal information like usernames, names and email addresses, and information like medical symptom searches, zip codes, geo-location, gender identifiers, and dietary and workout habits. A Federal Trade Commission (FTC) study revealed that ad companies and data miners are among the third parties that buy this data.

Already some employers are rewarding their workers with cheaper insurance plans for joining fitness programs. But there is worry that the data collected could be pieced together to create profiles that would backfire. It’s fine when you’re healthy for your fitness, health and medical data to determine things like insurance rates or drug pricing, but what if your health declines?

The FTC “is concerned consumers could be penalized based on health data; for instance, a financial institution might adjust credit ratings based on the fact someone has a disease.”

“Information about consumers most intimate health conditions is going to be sold to the highest bidder,” Jeffrey Chester, the executive director of the Center for Digital Democracy, told the Washington Post. “Employers might get access to it, insurers might get access to it, or mortgage lenders — which could lead to a vast array of negative discriminatory practices.”

Know what your apps want

Check what the apps that you have allowed on your smartphone require with avast! Mobile Security.  Install it free on Android devices from the Google Play store.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news and product information, please follow us on Facebook, Twitter, Google+ and Instagram. Business owners – check out our avast! Business Solutions.

 

September 12th, 2013

How to remove Give Hearts and other unwanted Facebook apps

Recently, we have seen many Facebook posts with links leading to applications called Give Hearts, Drink It Up and Daily Horoscope. The applications are very popular – they have over 5 million monthly users – and are managed by the same provider called App Discovery Engine. The posts attracted my attention because they seem to be posted automatically. The entire post consists of the URL which contains quite long text separated with ‘+’. (Later we will see that the text is a horoscope that you see on the page of the application).

spreading

 

To begin investigating these apps I follow the link leading to the Give Hearts application. It redirects me directly to the application. But before I can use it I am asked to grant Give Hearts access to information on my Facebook account like my email or friend lists.

hearts1

Read more…

January 24th, 2013

What’s that new game on Google play? Oh, it’s malware again!

playA few months ago, Google announced a new feature in Android. Version 4.2 Jelly Bean has an integrated real-time app scan which should be able to check if applications you install are clean or malicious. But is this enough? Sleazy Android app developers continue to sneak their fake apps by the Google Play gatekeepers. These guys rip off popular apps in an attempt to fool unsuspecting users.

“In the start of this week, Google released a few applications from a developer called GILBERT8332 which pretend they are legitimate applications. Between these applications you can find quite common games such as The Sims 3, Asphalt 6, Ninjago Lego and so on. And compared to original developers they are free,” said Filip Chytrý, a researcher from Avast Virus Lab.

The common result of downloading a bogus app is that personal information like your email address and mobile phone number are stolen and you are served an unending stream of spam and unwelcome offers.

Chytrý warns, “When you download them and install in your android device you will be surprised. All of them are malware. They all start quite innocently with a license agreement of AirPush advert. (AirPush is a advert system which allows to show advertisement in notification bar of your Android device.)”

2

“And then the funny parts come up. The Game will ask you if you want to change your main page in browser and put a search icon on desktop. Even if you decline, it’s too late. Your browser is already changed for another search page and your device is filled with uncomfortable adverts and as a bonus, the device will send  personal information to a third party,” said Chytrý.

top apps

Block fake apps

avast! Free Mobile Security blocks fake apps and our new signature targeting protects you against
malware distributed with them. Our popular anti-virus/anti-theft app for Android stops downloads of fake apps and games, so you won’t be duped.

“All of these apps use multiple advert services, steal your personal data and they even are hidden under different creators. But don’t worry. Avast detects all of the mentioned applications as Android:FakeInst-DL, and urls of fake searchers are blocked also,” said Chytrý.

Get avast! Free Mobile Security for your Android device from Google Play. Please add a review and share with your friends if you like it! :-)