By definition, Adware is a program bundle which renders advertisements in order to generate revenue for its author. In a stricter sense, e.g. for security solutions, it means an application/installer whose nature lies somewhere between a potentially unwanted application and proper malware, like Trojans or Spyware. It might use more or less aggressive methods, starting with tricks and ending with fraud, to achieve its goals and benefit its distributor, while appearing as innocent as possible at first sight. We blogged about an adware downloader a year ago.
Now we focus on two selected adware examples: the first is a Windows installer called Linkular and the second is a well-known application called Genieo (with a focus on its OS X version). Although both have been in the wild for a few months, detection within AV products reached only partial coverage in both cases, with very similar numbers on VirusTotal (~10-20 %, see Sources below). However, the OS X adware Genieo is additionally flagged by OS X-specific security solutions. In terms of maliciousness, the Windows adware is far more dangerous and invasive than the OS X one, and also more so than other Windows Adware examples we usually see. Here’s the comparison:
| | Linkular (Windows) | Genieo (OS X) |
|---|---|---|
| Distribution strategy | Advertisement Network | unknown |
| Software Download site | coolestmovie.info | www.genieo.com |
| Rank on alexa.com | ~4200 | ~3000 |
| Masking | VLC Player + Addon | Flash Player (*) |
| Payload | SpeedUpMyPC; Multiplug; Bitcoinminer; OneStep/BasicServe | Codemc; Photo.it; Qtrax (**) |
| Change of browser start page | YES | YES |
| Persistence | YES (of payload) | YES |
| Obfuscation | YES (of payload) | NO |
| Digitally signed | YES (both installer & payload) | YES |
(*) masking is not connected with the official site, but with some of its distribution partners
(**) related to older installers; no longer present
Compared to Windows users, Mac users have been relatively free from malware attacks. But cybercrooks are just as aware as antivirus vendors of Mac users' behavior: their false sense of security and their habit of browsing the internet without security software. You only have to read this blog to learn that cybercrooks are adapting Windows malware for use on Macs.
AVAST aces malware detection test
Over 300 malware samples and 35 applications were used to measure the effectiveness of products built specifically for Mac in a recent SecuritySpread.com test. Multiple machines running different operating systems were used to ensure the reliability of the test, and for real-world results, Macs that are used every day for a range of tasks from web development, media center, movie editing to gaming were included. avast! Free Antivirus for Mac had the highest detection rate among them all. The results can be found here.
The Security Spread test was done with avast! Free Antivirus for Mac 7, but in preparation for the official public release of Mac OS X 10.9, aka Mavericks, avast! Free Antivirus 8.0 has been released. The changes are mostly under the hood, and it requires version 10.6.8 or newer. Download it here.
avast! Free Antivirus for Mac was launched a mere week ago, and it only took three days to reach the #1 position on CNET’s download.com. avast! Free Antivirus for Mac fulfills the need for quality security just as the Mac community is recovering from the high-profile Flashback Trojan that infected 600,000 Macs. Many people realize now that OS X is not immune to attack, and new OS X malware is demonstrating how unprotected Macs can be infected when a user simply visits a website.
avast! Free Antivirus for Mac contains the same light, award-winning, certified, and highly acclaimed antivirus and anti-spyware engine as its avast! version 7 Windows counterpart. Learn more about it here.
Win a MacBook Air
Thanks to loyal avast! users like you, avast! is the most liked antivirus on Facebook. As of this writing, we have over 1.1 million likes and rising. Thanks, avast! fans.
Like avast! on Facebook and enter to win a MacBook Air! Take a photo of yourself with an apple and submit it to our contest by Friday, May 18. You must be a registered avast! user and a fan of avast! on Facebook. After the photos are in, the fun begins when all the participants vote for their top 5 favorite photos. Those five will each win a MacBook Air! So get those apples polished and cameras snapping. We want your best photo!
Apple’s ‘cloak of invulnerability’ has lately been shredded by the MacDefender fake antivirus and the Pinhead and Boonana Trojans. Don’t worry, be proactive. Here are five tips to make your Mac more secure:
1. Don’t use ‘automatic login’
It’s cool to turn your computer on and instantly use it. But troubles can start when a computer is turned on by someone other than its owner… If you are concerned about your sensitive data, you can encrypt or simply disable the ‘automatic login’ function. Here’s how to do it:
1) Go to System Preferences > Security
2) Authenticate yourself by clicking ‘Click the lock to make changes’
3) Check ‘Disable automatic login’
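
A scripted check for the setting changed in the steps above, as an added example that is not part of the original post: it reports whether automatic login is still enabled on a Mac. The `autoLoginUser` key and the two file paths are standard macOS locations not named on the page, and the `root` parameter is a hypothetical convenience for auditing a mounted volume or a test tree.

```python
import plistlib
from pathlib import Path
from xml.parsers.expat import ExpatError

# Standard macOS locations (assumption: not named on the page).
LOGINWINDOW_PLIST = "Library/Preferences/com.apple.loginwindow.plist"
KCPASSWORD = "etc/kcpassword"  # obfuscated password kept for automatic login


def audit_auto_login(root="/"):
    """Return a list of findings; an empty list means automatic login is off."""
    root = Path(root)
    findings = []

    plist_path = root / LOGINWINDOW_PLIST
    if plist_path.is_file():
        try:
            with plist_path.open("rb") as fh:
                prefs = plistlib.load(fh)  # handles XML and binary plists
        except (ValueError, OSError, ExpatError) as exc:
            findings.append(f"cannot parse {plist_path}: {exc}")
            prefs = {}
        if not isinstance(prefs, dict):
            prefs = {}
        user = prefs.get("autoLoginUser")
        if user:
            findings.append(f"autoLoginUser is set to '{user}'")

    # The password file can be left behind even after the key is removed.
    kc_path = root / KCPASSWORD
    if kc_path.exists():
        findings.append(f"{kc_path} exists (stored auto-login password)")

    return findings


if __name__ == "__main__":
    results = audit_auto_login()
    for line in results:
        print("FINDING:", line)
    # Non-zero exit status lets a fleet-management job flag the machine.
    raise SystemExit(1 if results else 0)
```
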
On August 28, 2009, Apple released Snow Leopard. One of the new functions added to this version is a basic anti-malware tool called “XProtect”. The name is based on the name of one .plist file which contains strings that are necessary for detection. Apple had not provided a name for the tool, so developers came up with one.