Posts Tagged ‘malware’
October 8th, 2013

avast! Free Antivirus for Mac gets first place for malware detection

avast! Free Antivirus for Mac was pitted against 35 other antivirus products designed for Mac OS, including plenty of pricey solutions, and came out in first place for detection of malware.

Compared to Windows users, Mac users have been relatively free from malware attacks. But cybercrooks are just as aware as antivirus vendors of how these users behave: their false sense of security and their habit of browsing the internet without security software. You only have to read this blog to learn that cybercrooks are adapting Windows malware for use on Macs.

AVAST aces malware detection test

Over 300 malware samples and 35 applications were used to measure the effectiveness of products built specifically for Mac in a recent SecuritySpread.com test. Multiple machines running different operating systems were used to ensure the reliability of the test, and for real-world results, Macs that are used every day for a range of tasks from web development, media center, movie editing to gaming were included. avast! Free Antivirus for Mac had the highest detection rate among them all. The results can be found here.

The Security Spread test was done with avast! Free Antivirus for Mac 7, but in preparation for the official public release of Mac OS X 10.9, aka Mavericks, avast! Free Antivirus 8.0 has been released. The changes are mostly under the hood, and it requires version 10.6.8 or newer. Download it here.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+.

Categories: Mac
September 20th, 2013

Avast! Free Antivirus passes new Antivirus Test with flying colors

AVAST is trusted by nearly 200 million people worldwide, and the trifecta of protection, performance, and usability works together to make it the most recommended antivirus protection in the world. If you don’t trust the experiences of 200 million people, how about research from an independent testing lab?

During July and August, when the rest of us were taking vacations at the beach, German lab AV-Test was busily testing 26 home user security products. They focused on realistic test scenarios and challenged the products against real-world threats like detecting brand-new malware, email threats, downloading software, and installing and running programs.

“Avast, once again, has an impressive performance in our tests,” said Andreas Marx, CEO of AV-TEST. Our Facebook fans agree.

Avast! Free Antivirus was pitted against mostly paid-for products, and earned the coveted “AV-TEST CERTIFIED” seal for its stellar performance. AVAST scored perfectly in protecting home users from zero-day malware attacks, and identified and blocked all the malware samples AV-Test threw at it.

“The free edition of Avast has shown stellar performance,” said Marx. “The offered protection was a lot better than many commercial anti-malware products. Avast is one of the top products when it comes to malware detection and blocking of known and unknown threats.” Read more…

September 11th, 2013

avast! Mobile Security trusted by millions to fight Android malware

There have been over 50 million downloads of avast! Mobile Security from Google Play since it was released last year. Android users are becoming more aware of the security and theft issues surrounding their mobile devices, and are putting their trust in AVAST. A few weeks ago, avast! Mobile Premium was introduced, providing superior back-up and anti-theft technology.

Android is the world’s most widely used mobile operating system (OS). That popularity, together with its open source architecture, makes it a primary target for malware attacks. Android threats make up 79 percent of all known mobile malware, so mobile security should no longer be considered optional.

The avast! Mobile Security Virus Scanner detected 99% of malware with no false positives in a recent test by independent lab AV-Comparatives. That exemplary detection, plus the fact that avast! Mobile Security has negligible impact on your smartphone’s performance or battery life, is why we have had 50 million downloads.

How to download avast! Mobile Security

Download avast! Mobile Security from the Google Play store as the free version or upgrade to avast! Mobile Premium for access to all premium features. avast! Mobile Premium is available for $1.99 per month or $14.99 per year. Download and install on your Android device now.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun, and contest information, please follow us on Facebook, Twitter, Google+ and Instagram.

August 20th, 2013

No problem bro – ransom decryption service

If thieves gain control of sensitive personally identifiable information (PII) on your computer, your identity can be stolen. Information such as your social security number, driver’s license number, date of birth, or full name are examples of files that should be encrypted. Confidential business data like individual customer information or intellectual property should also be encrypted for your safety.

In this blog post we will look at a service offering file decryption. This service helps you to decrypt files which were previously encrypted. But this is no helpful ‘Tips and Tricks’ blog for people who forgot the password to their documents and ask for help recovering it. Although breaking weak passwords is quite possible, noproblembro.com specializes in a different type of service.

Read more…

Categories: analyses, Virus Lab
August 1st, 2013

Malicious Bitcoin Miners target Czech Republic

Today we are going to talk to those of you who use Bitcoin digital currency to pay for a variety of goods and services – along with a warning about yet another source of Bitcoin miners – the sharing services. You may think that if you avoid cracks and keygens while browsing the web you will be safe. Well, we would recommend that you reconsider that position. Recently we found that on the uloz.to file sharing service someone uploaded a lot of fake files containing Bitcoin miners!

Bitcoin Mining service

First, a little background for the uninitiated: Bitcoins can be obtained by trading real currency, goods, or services with people who have them or, alternatively, through mining. The mining process involves running software that performs complex math problems, for which you’re rewarded a share of the income. There is a finite number of Bitcoins to be had, and mining for them can be compared to extracting gold or diamonds from the earth. The more you get, the fewer there are to be had, so it becomes increasingly harder and more expensive. Here’s a descriptive article about mining.

Bitcoin mining services such as bitminter.com use shared computer resources of their users to mine new Bitcoins. In order to participate, the mining users have to create an account and then register their computers (workers) with the service. Then they simply run the Bitcoin miner program provided with their credentials on as many computers as they have. In the end, if they had enough computation power and time they might end up with a few Bitcoins.

It can be expected that some people will not be satisfied with just using their own machines, so they will try to use the computing power of unsuspecting victims. And that’s exactly what the authors of this malware are doing: they use hardware that does not belong to them to generate more money.

It’s not a Bitcoin problem; it’s a people problem

We must stress that there’s nothing wrong with Bitcoin or its mining services. The problem is that some greedy people are misusing them.

Some of the fake files can be seen in the following image. The word “cestina” means that the file should contain Czech localization of the referenced program. All of them contain a hidden feature, and sometimes the name is a complete fabrication. For example, The-Night-of-the-Rabbit-cestina.exe contains a crack for Call of Duty 4. Notice, too, that all these files have an elevated popularity; no doubt a result of tampering. Some downloaders already suspect something fishy about these files.

Uloz.to malicious files

Warning comment on the sharing server.

Read more…

July 11th, 2013

avast! Mobile Security gets Editors’ Choice Award from PC Magazine

PC Magazine awarded avast! Mobile Security the Editors’ Choice Award for free Android security apps thanks to its “huge array of powerful tools and fine-grained controls.”

A major concern for smartphone owners is the increasing threat of malicious software targeting Android OS. Max Eddy, software analyst for PC Magazine, writes that, “avast! is well-positioned to guard against new threats that use novel attack vectors we’ve yet to imagine.”

Running quietly in the background, with no system slow-down or stuttering, “avast! will also keep an ever-vigilant eye on your device, warning you as soon as it detects something it doesn’t like,” he writes in his June 2013 review.

But these days, it’s more likely that you will fall victim to theft and loss instead of malware. Eddy explains, “In this department, avast! has an impressive slate of features and controls.”

In case your phone walks off somewhere, you can use the my.avast web portal where you can remotely locate, lock, or wipe your device, and set off the alarm. Eddy said, “I was particularly impressed that the alarm was not only loud, at 96 dB, but also highly illustrative. ‘This phone has been lost or stolen,’ said my S III, cycling between that phrase and what sounded like a Star Trek warning klaxon.”

Make sure you install avast! Mobile Security, the Editors’ Choice for free Android security suites, on your smartphone and tablet. It is available for free in the Google Play store.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun, and contest information, please follow us on Facebook, Twitter, Google+ and Instagram.

July 3rd, 2013

Fake Flash Player installer spreads via Twitter and Facebook

Recently we identified a threat which uses Twitter and Facebook to spread. The infection begins when a user clicks a malicious tweet or Facebook post.

Read more…

July 3rd, 2013

avast! Free Antivirus is the best deal for the Real World

In the “real world” of monthly bills and rising expenses, a decision about antivirus protection often comes down to the best protection for the money – and that’s where avast! Free Antivirus wins out over the rest.

In the May 2013 Real-World Protection Test by AV-Comparatives, avast! Free Antivirus was up against 19 paid-for internet security suites which could cost the customer up to $60 per year. avast! Free Antivirus passed the tests with honors and was the only free solution to receive the Advanced+ rating!

The test created a real-world scenario using a typical setup that many of us have: Windows 7 and software such as Adobe Flash and Acrobat Reader, Java, etc. To show how well antivirus products protect the user’s computer when surfing the web, the testers pitted AVAST and the others against threats we encounter in everyday life. They used 431 current dangerous exploits, URLs with known malware, and even a few malicious files from email attachments. avast! Free Antivirus blocked 99.3% of the threats.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun, and contest information, please follow us on Facebook, Twitter, Google+, and now, Instagram.

June 25th, 2013

Story of the Cutwail/Pushdo hidden C&C server

This is a loose sequel to the Cutwail botnet analysis blog post published on malwaremustdie.blogspot.com. In this blog post I will primarily focus on the downloaded PE executable itself (SHA256: 5F8FCC9C56BF959041B28E97BFB5DB9659B20A6E6076CFBA8CB2D591184C9164) and the network traffic that it generates. I will also reveal a hidden C&C server.

But first let’s quickly go through the things it does at the beginning:
- It registers an exception handler that will only start the process again using CreateProcess().
- It performs a check whether it has admin privileges.
- It checks or creates a mutex named “xoxkycomvoly” (hardcoded identifier used on multiple occasions).
- It checks or creates a couple of registry entries under HKCU\Software\Microsoft\Windows\CurrentVersion.
- It checks if the process image filename is “xoxkycomvoly.exe” (it restarts for the first time).
- It nests into the system by creating an autorun entry in the registry under HKCU\Software\Microsoft\Windows\CurrentVersion\Run.
- It copies itself to the user’s profile directory as “xoxkycomvoly.exe”.

Then, on the first run, an exception occurs and the sample is restarted from the user’s profile location as “xoxkycomvoly.exe”.

Initial startup activities

After these initial steps, the sample starts communicating heavily over the network.
Read more…

June 18th, 2013

Your Facebook connection is now secured! Thank you for your support!

The title of this blog post may make you think that we will discuss the security of your Facebook account. Not this time. However, I will analyze an attack which starts with a suspicious email sent to the victim’s email account.

The incoming email has one of the following subjects: ‘Hey <name> your Facebook account has been closed!’ or ‘Hi <name> your Facebook account is blocked!’. The email has a ZIP file attachment named <name>.zip, which contains a downloader file named <name>.exe. <name> stands for a random user name. After a user downloads and executes the executable file, he is presented with a message saying “Your Facebook connection is now secured! Thank you for your support!” It tries to convince you that there was a problem with your Facebook account, which was later successfully solved by executing the application from the email attachment.

Let’s look inside the executable file!

Read more…
