Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Posts Tagged ‘mobile malware’
June 20th, 2014

Samsung Galaxy S5 and other popular phones vulnerable to “TowelRoot” Android exploit

avast! Mobile Security detects TowelRoot exploitsavast! Mobile Security protects from an Android flaw which leaves nearly all new smartphones and tablets vulnerable to attack.

Last week, a wave of articles about a newly discovered Android security flaw flooded the Internet. They sounded a warning, similar to this:

“A flaw in the Android operating system may leave many Android phones and tablets vulnerable to attack, including the Samsung Galaxy S5 and Google’s own Nexus 5,” reported Jill Scharr in a Tom’s Guide article.

Our Virus Lab did not waste  time and started preparing for the inevitable attacks. AVAST researchers dug into the subject looking for malware to make  sure that avast! Mobile Security is ready to protect our users. If you are an avast! user and your tablet or smartphone is protected by avast! Mobile Security, you are protected.

“Even though TowelRoot is not malicious itself, it may be misused as an exploit kit. Generally, TowelRoot can be used as a delivery package for malicious applications,” explained  Filip Chytry, an AVAST Virus Lab expert on mobile malware. “It’s capable of misusing a mistake in Android code which allows attackers to get full control over your Android device. TowelRoot itself is more a proof-of-concept, but in the hands of bad guys, it can be misused really quickly. For this reason we added it to our virus signatures, so Avast detects it as Android:TowelExploit.”

Android has not made an official statement on the security flaw, however our researchers confirm that even the latest versions of the operating system are exposed (version 4 and all higher). It is very likely that versions 3.0 can be attacked, too. For those who just purchased an Android device or don’t have protection yet, we strongly recommend that you install avast! Mobile Security, before taking any further actions. Despite the fact that some of the mobile providers claim that their devices are immune to this particular Android exploit, it is highly risky to leave your device unprotected.

What is the TowelRoot Android vulnerability?

Earlier this month a security flaw in Linux, the operating system which Android is based upon, was discovered by a young hacker known as “Pinkie Pie.” Soon afterwards, a gifted teenager, notable because he was the first to unlock the unlockable –  an iPhone at the age of 17, prepared a tool kit for potential hackers. Its instructions are available publicly to “purchase,” allowing even less advanced programmers to write a script that will use the exploit.

The potential exists for hackers to take full control; to simply root your device. So far the AVAST Virus Lab has not observed any massive attack, however knowing about the potential risk, our Virus Lab is ready for the attack. avast! Mobile Security is capable of discovering different variations of malware code required to exploit the bug.

Who is exposed and how to protect yourself?

Basically everyone who owns an Android device without proper antivirus protection, tablet or mobile phone, with any version of Android OS, including the newest one is at risk for malware.

In order to prevent this exploit, or any other malware attack, once you purchase your device, we advise to install antivirus first, before installing any apps, importing contacts, or starting to browse online. Our avast! Free Mobile security, as well as its Premium version are available to download and install from Google Play.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

June 5th, 2014

SimplLocker does what its name suggests: Simply locks your phone!

A new Android mobile Trojan called SimplLocker has emerged from a rather shady Russian forum, encrypting files for ransom. AVAST detects the Trojan as Android:Simplocker, avast! Mobile Security and avast! Mobile Premium users can breathe a sigh of relief; we protect from it!

malware, mobile malware, Trojan, SimplockerThe Trojan was discovered on an underground Russian forum by security researchers at ESET. The Trojan is disguised as an app suitable for adults only. Once downloaded, the Trojan scans the device’s SD card for images, documents and videos, encrypting them using Advanced Encryption Standard (AES). The Trojan then displays a message in Russian, warning the victim that their phone has been locked, and accusing the victim of having viewed and downloaded child pornography. The Trojan demands a $21 ransom be paid in Ukrainian currency within 24 hours, claiming it will delete all the files it has encrypted if it does not receive the ransom. Nikolaos Chrysaidos, Android Malware Analyst at AVAST, found that the malware will not delete any of the encrypted files, because it doesn’t have the functionality to do so. Targets cannot escape the message unless they deposit the ransom at a payment kiosk using MoneXy. If the ransom is paid the malware waits for a command from its command and control server (C&C) to decrypt the files.

What can we learn from this?

Although this Trojan only targets a specific region and is not available on the Google Play Store, it should not be taken lightly. This is just the beginning of mobile malware, and is thought to be a proof-of-concept. Mobile ransomware especially is predicted to become more and more popular. Once malware writers have more practice, see that they can get easy money from methods like this, they will become very greedy and sneaky.

We can only speculate about methods they will come up with to eventually get their malicious apps onto official markets, such as Google Play, or even take more advantage of alternative outlets such as mobile browsers and email attachments. It is therefore imperative that people download antivirus protection for their smartphones and tablets. Mobile devices contain massive amounts of valuable data and are therefore a major target. 

Ransomware can be an effective method for criminals to exploit vulnerable mobile users, many of which don’t back up their data. Just as in ransomware targeting PCs, this makes the threat of losing sentimental data, such as photos of family and friends or official documents, immense.

Don’t give cybercriminals a chance. Protect yourself by downloading avast! Mobile Security for FREE.

January 29th, 2014

How are you doing Mr. Android?

First of all, I would like to shift your attention a bit backwards. No worries! This is not a history lesson or something from the ancient past.  Rather, I would like to share with you folks some Android statistics from the last two years. Hopefully, it will give you a better idea about which malware is spread around the most. By the way, if growth of Android malware was on the stock exchange and you had invested some money in it, you would have become a billionaire a few months ago. So let’s check out some graphs!

cumulative samples 2

In the first graph you can see how many samples we have to process in our databases. It shows dates between 2010 through the end of 2013. Pretty nice growth, isn’t it? By the end of 2013, we had almost 800,000 unique suspicious Android samples which we had to process and cover in VPS updates.

detections

In the second graph, you can see the TOP 10 detections of malware families we have seen during the last half of the year. The majority are fake applications or data stealing apps. This group of malware can really easily mess up your device. Data which is mined from these apps can be used against you. Last year, I blogged about a few examples which we saw infecting devices – but that was just a piece of a bigger pie.

What might be strange in the second graph is that four of the top ten have something to do with SMS sending. That means they are able to steal your money using SMS messages. That’s probably the most common way for mobile cybercrooks to quickly steal money. For malware programmers, it is really easy to access those parts in devices and send premium messages.

I hope that even skeptics will agree that protecting your device from malware threats is necessary these days. :) Try avast! Mobile Security for free.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

December 27th, 2013

What bugged AVAST users this year: Mobile malware and fraud

Last year, on Christmas day, over 17 million new mobile devices went online. Before the ribbons and wrapping paper could be discarded, cybercrooks started their attacks.
santa-with-mobile

In the first half of this year, experts said that 79 percent of all mobile malware attacks were on Android systems. When we asked Ondrej Vlček, AVAST’s Chief Technology Officer, about mobile security in 2013 and what we can expect in 2014, he answered, “Mobile threats will certainly continue to be on the rise. We see nearly 2,000 new malware samples on Android every day, and this is up from maybe 50 a year ago. It’s quite likely that the trend will continue. Especially if you are running an Android device, you absolutely need to install a security product.”

Online fraud goes viral on mobile

Paving the way for a mobile-payment driven future like Japan and Singapore have developed, mobile phones morphed into wallets during 2013, including SMS, WAP and near-field communications (NFC) payment. Data privacy and security have emerged as critical issues over the past few years, and will continue to be important as these new mobile payment options introduce new threats of data hacking and fraud.

AVAST detected an average of 1,839 new mobile malware samples a day, about 60 to 70% of which were designed to send and charge mobile users for premium SMS.

Speaking to SC Magazine about mobile malware, Vlček said, “Especially on Android, the KPIs are exploding, because its openness and design make it a logical choice for the attacker, and it has reached a critical mass in terms of penetration and market share.”  And, he adds, with the smartphone’s ability to send premium SMS and spam SMS messages offering new channels for malware writers to make money, it’s only going to get worse.

AVAST this year has also seen more targeted attacks where the goal is to steal users‘ financial transaction data and ultimately their money. This includes hacking specific banks by manipulating their Internet banking interfaces to steal the customer’s personal data.

BOGO AMSpost-en

It’s a good idea to follow Ondrej’s advice and get a mobile security product for your Android smartphone or tablet. We suggest PC Mag’s Editor’s Choice award winner, avast! Free Mobile Security.

Upgrade from avast! Free Mobile Security to avast! Mobile Premium for your device and get a second license free of charge for a friend!

To get this offer, install our top-rated avast! Mobile Security app, then click on the Go Premium! button and follow the instructions. This offer is valid from now until the end of December.

Buy One, Get One: avast! Mobile Premium.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

Comments off