Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Posts Tagged ‘malware’
December 13th, 2013

How do I know which antivirus is the best?

howto2_enQuestion of the week: How do I know which antivirus is the best for my computer? I mostly use it for staying in touch with my friends, doing schoolwork and watching videos. Is your free product good enough to protect me?

We receive questions like yours on our Facebook page frequently. We understand how difficult choosing which security product is right for you when the technology is unfamiliar and the marketing messages are similar.

That’s where independent testing labs like AV-Comparatives can help. A few times a year, these experts set up a “real-world’ test in their lab where they test dozens of antivirus products on identical computers.

AV-C_adv+_dec2013avast! Free Antivirus was the only free product to receive AV-Comparatives highest award in the ADVANCED Plus category because of exemplary results in protecting against malicious samples with a small incidence of false positives (wrongly blocking domains or files). The other Advanced Plus recipients were paid-for products (that shows how good avast! Free Antivirus is! ;-) ).

For this “real-world” test, AV-Comparatives, together with the University of Innsbruck’s Computer Science department, set up identical Dell computers with Windows 7, Office, Adobe Reader, Flash, Java, QuickTime, Firefox, and a constant  internet connection – basically, like most of us have at home. Twenty-two products, of which only two were free, including avast! Free Antivirus, were tested. As you can see from the award, avast! Free Antivirus held it’s own, so yes, this product is more than good enough to protect your computer.

Notable among the test results is Microsoft Security Essentials, which placed last. AV-Comparatives only used it as a basis of comparison, because Microsoft withdrew it from testing this year.  This product provides only basic malware protection and has been the source of much conversation since earlier this year when Microsoft advised Windows users to use a third-party antivirus instead of counting on MSE. Since then they have changed their statement. Nevertheless, MSE’s scores in malware detection have continued to slide.

We hope you choose avast!, the most trusted antivirus in the world

No matter which antivirus product you decide to go with, make sure you keep it up-to-date, as well as keeping the software and apps on your machines updated. We hope you will choose avast! Free Antivirus or one of our premium products. You can see a comparison of all the choices on our website. If you want to see how avast! stacks up against others, then check out the avast! comparison tool on our Facebook page.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

Comments off
December 12th, 2013

Christmas time! Do you want a malware present?

DHLspoofChristmas time is essentially connected with buying presents. There’s a lot of stuff to be done and a lot of opportunities to buy a present in an e-shop to save time. Who doesn’t know someone who buys a Christmas gift online?

The malware authors know and are very keen to take advantage of it. We see scam emails containing order or delivery details every day and they have a lot of common. In fact, it’s nothing new. Such methods are used constantly during the year, it’s nothing special connected to Christmas. However, Christmas is the reason why many people might be fooled. Let’s look at them in detail.

Imagine you are customer waiting for a present to be delivered. You get anxious and check your email waiting for order details. You are probably the most vulnerable at this time. Then you get an email from DHL, the well-known parcel delivery service, with a notice saying that the shipping details are in an attachment. In that moment of relief, you click on the email attachment. It turns out to be a zip file containing a file named DHL-parcel.exe. The strange thing is the file extension looks like regular PDF file because it has the same icon. In fact, it is malware.

Read more…

Comments off
November 19th, 2013

Can avast! protect me against CryptoLocker?

howto2_enQuestion of the week: I have read frightening stories about CryptoLocker locking computers. I don’t have $200 to pay blackmailers for my own files. How do I protect myself from getting attacked? Does avast! protect from CryptoLocker?

 

“Avast! Antivirus detects all known variants of CryptoLocker thanks to our automated processing and CommunityIQ,” said Pavel Sramek, researcher and analyst for the avast! Virus Lab. “There are less than a dozen; this doesn’t seem to be a case of rapidly mutating malware.”

CryptoLocker EN

 

 

 

 

 

 

 

 

 

 

What is CryptoLocker?

CryptoLocker is malware known as “ransomware” that encrypts files on a victim’s Windows-based PC. This includes pictures, movie and music files, documents, and certain files on local or networked storage media. A ransom, paid via Bitcoin or MoneyPak, is demanded as payment to receive a key that unlocks  the encrypted files. The victim has 72 hours to pay about $200; after that the ransom rises to over $2,200.

How to get CryptoLocker?

The CryptoLocker virus is often attached as an executable file disguised as a PDF attachment to an official-looking “spoofed” email message which claims to come from banks, UPS or FedEx claiming to be a tracking notification. When someone opens the email, they are asked to download a Zip file that contains an executable file (.exe) that unleashes the virus.  There is also evidence that CryptoLocker started with infections from the ZeuS or Zbot banking Trojan and is being circulated via botnets to download and install CryptoLocker.

How to protect your computer from CryptoLocker?

AVAST users should be safe from infection during the short period when the malware is new and “undetected” as long as AutoSandbox and DeepScreen are active. “The infection is prevented by means of a dynamic detection,” said Sramek.

“We also automatically add detections for each new sample that passes our backend filters,” said Jiri Sejtko, Sramek’s colleague in the avast! Virus Lab.

“Against future threats like this, having a backup is always a good idea – who knows when CryptoLocker v2.0 will be released, and every antivirus solution is reactive by nature,” said Sramek. “The encryption used is virtually unbreakable, there is zero chance of recovering files after infection.”

Avast! BackUp is an online backup and recovery service that allows you to select sets of data or individual files you want to back up. Try avast! BackUp free for 30 days; after that you can choose a subscription based on your storage needs.

Read the warning issued to American computer users from US-CERT, and the warning to British users from NCA’s National Cyber Crime Unit.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

November 14th, 2013

Malvertising and OpenX servers

Monster-iconMalvertising is an abbreviation of malicious advertising and means that legitimate sites spread malware from their infected advertisement systems. There were many malvertising campaigns in last few years, some of them confirmed even on big sites like The New York Times, but most of them go unnoticed because they are well hidden and served only to selected users. Earlier this year, one of our top analysts found a stealth infection on a Czech entertainment site and began to watch it. We were able to obtain source code from infected sites, and I would like to show you how easily hacking is done and what can be done to secure your server.

In this case all infected servers contained OpenX (open source solution for advertisement) which has a rich history of vulnerabilities. Look, for example, at last three versions.

  • In version 2.8.9 and previous versions there was a SQL injection
  • Version 2.8.10 contained a hidden backdoor that allowed remote PHP execution
  • The latest version 2.8.11 offers more security, but there are known vulnerabilities

In summer 2013, OpenX was re-branded as Revive Adserver and several security flaws were patched. I strongly recommend you update to the latest version (currently 3.0.0) to secure your advertisement solution from being misused by hackers.

How do they get in?

An analysis of infected web pages revealed that the attacker used SQL injection to obtain administrator log ins and passwords from the database. Then he used credentials to log in and exploited another flaw to upload a backdoor with executable extension. Actually there were more backdoors and PHP scripts hidden in various places suggesting that this server was attacked multiple times.

mv-files

This picture shows all scripts and their dates of creation found on the infected page. The first three files are backdoors and tools for server control. The last two files are different; they serve as an interface to the database.

Files “inj” and “minify” seem to be two versions of the same script, which connects to the database and either removes injected scripts or add new ones. The result of this modification is an iframe appended to advertisement banners. The picture below shows a SQL query used to insert malicious java-script.

mv-sqlThe described infection is really hard to trace, because it’s not present on the server all the time, but only in predefined times and shows only to users coming from specific zone. Read more…

Comments off
October 28th, 2013

Facebook Clickjacking: Will You Like Me?

FB_meme“Who wouldn’t want to have more likes on their Facebook page?” This is the motivation of a very trivial code to get more likes, but while other methods usually comprise of adding better content or advertising, this one is a bit easier, and much dirtier. Why not show the like button directly beneath your mouse cursor as you browse a website, make it invisible, and move it as you move your mouse?

The only thing the victim has to do is click; if they are logged in to Facebook, they will automatically like the Facebook page. And of course, it is not only about the number of likes, but each like means the victim will get all the information about this page on their news feed (until they unlike the page), and all friends will also see that you like it – so why not check it out themselves?

FB_clickjack_Like_ButtonThis method is possible due to Like Button, a social plugin for Facebook, made by Facebook developers. It is used properly on many legitimate sites, but when combined with CSS hiding and JS moving, the victim has no other chance. If you want to know how to minimize the impact of such tactics, or if you are more into technical details, read on.

Read more…

Comments off
October 16th, 2013

Fake email spoofs AVAST

Malware samples received in the avast! Virus Lab Wednesday show that a spoofed email which looks like it has been sent from AVAST is spreading widely. Fortunately, AVAST detects this malware as Win32:Malware[Gen] and has been blocking the virus since 12:45 pm yesterday.

The email’s subject header says, “Your Order details and Additional information,” and the email message contains standard text that is sent when a person purchases a license from AVAST. The message includes an order number that is not authenticated and does not exist in the AVAST database.

The sender’s email address is noreply@avast.com. This is a fake email address and was not created by AVAST. The email contains an attachment titled avast-Antivirus-Order-Details.zip. The attachment is a file that includes two file extensions – *.PDF.EXE – which is malware.

Our worldwide CommunityIQ sensors automatically detected and provided information to the avast! Virus Lab about these suspicious files, and the new threat was detected and neutralized immediately. So far, our virus lab has received 12,500 malware samples.

Avoid this attack by downloading the new avast! Antivirus 2014 for free.

October 8th, 2013

avast! Free Antivirus for Mac gets first place for malware detection

avast! Free Antivirus for Mac was pitted against 35 other antivirus products designed for Mac OS, including plenty of pricey solutions,  and came out in first place for detection of malware.free-mac

Compared to Windows, Mac users have been relatively free from malware attacks. But cybercrooks are just as aware as antivirus vendors of the behavior of users and their false sense of security and their habit of browsing the internet without security software. You only have to read this blog to learn that cybercrooks are adapting Windows malware for use on their Mac counterparts.

AVAST aces malware detection test

Over 300 malware samples and 35 applications were used to measure the effectiveness of products built specifically for Mac in a recent SecuritySpread.com test. Multiple machines running different operating systems were used to ensure the reliability of the test, and for real-world results, Macs that are used every day for a range of tasks from web development, media center, movie editing to gaming were included. avast! Free Antivirus for Mac had the highest detection rate among them all. The results can be found here.

The Security Spread test was done with avast! Free Antivirus for Mac 7, but in preparation for the official public release of Mac OS X 10.9, aka Mavericks, avast! Free Antivirus 8.0 has been released.  The changes are mostly under the hood, and it requires version 10.6.8 or newer. Download it here.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+.

Categories: Mac Tags: , , ,
September 20th, 2013

Avast! Free Antivirus passes new Antivirus Test with flying colors

cert_133160_avast_freeAVAST is trusted by nearly 200 million people worldwide, and the trifecta of protection, performance, and usability work together to make it the most recommended antivirus protection in the world. If you don’t trust the experiences of 200 million people, how about research from an independent testing lab?

During July and August, when the rest of us were taking vacations at the beach, German lab AV-Test was busily testing 26 home user security products. They focused on realistic test scenarios and challenged the products against real-world threats like detecting brand-new malware, email threats, downloading software, and installing and running programs.

“Avast, once again, has an impressive performance in our tests,” said Andreas Marx, CEO of AV-TEST. Our Facebook fans agree.

FB post2

Avast! Free Antivirus was pitted against mostly paid-for products, and earned the coveted “AV-TEST CERTIFIED” seal for its stellar performance. AVAST scored perfectly in protecting home users from zero-day malware attacks, and identified and blocked all the malware samples AV-Test threw at it.

“The free edition of Avast has shown stellar performance,” said Marx, “The offered protection was a lot better than many commercial anti-malware products. Avast is one of the top products when it comes to malware detection and blocking of known and unknown threats.” Read more…

Comments off
September 11th, 2013

avast! Mobile Security trusted by millions to fight Android malware

50m_en

There have been over 50 million downloads of avast! Mobile Security from Google Play since it was released last year. Android users are becoming more aware of the security and theft issues surrounding their mobile devices, and putting their trust in AVAST. A few weeks ago, avast! Mobile Premium was introduced providing superior back-up and anti-theft technology.

Android is the world’s most widely used mobile operating system (OS). That popularity, together with its open source architecture, makes it a primary target for malware attacks. Android threats make up 79 percent of all known mobile malware, so mobile security should no longer be considered optional.

The avast! Mobile Security Virus Scanner detected 99% of malware with no false positives in a recent test by independent lab AV-Comparatives. That exemplary detection plus the fact that avast! Mobile Security has negligible impact on your smartphone’s performance or battery life, is why we have had 50 million downloads.

mobile malware

How to download avast! Mobile Security

Download avast! Mobile Security from the Google Play store  as the free version or upgrade to avast! Mobile Premium for access to all premium features. avast! Mobile Premium is available for $1.99 per month or $14.99 per year. Download and install on your Android device now.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun, and contest information, please follow us on FacebookTwitterGoogle+ and Instagram.

Comments off
August 20th, 2013

No problem bro – ransom decryption service

If thieves gain control of sensitive personally identifiable information (PII) on your computer, your identity can be stolen.  Information such as your social security number, driver’s license number, date of birth, or full name are examples of files that should be encrypted.  Confidential business data like individual customer information or intellectual property should also be encrypted for your safety.

In this blog post we will look at a service offering file decryption. This service helps you to decrypt files which were previously encrypted. But this is no helpful ‘Tips and Tricks’ blog for people who forgot the password to their documents and ask for help recovering it. Although breaking weak passwords is quite possible, noproblembro.com specializes in a different type of service.

01-noproblembro

Read more…

Categories: analyses, Virus Lab Tags: , ,
Comments off