The latest version of Android 4.2, code-named “Jelly Bean” has been released some time ago. While being just an incremental update to the major 4.0 release “Ice Cream Sandwich”, Google introduced some major new features within that update. While offering multi-user support and improved notifications, a new feature which is being promoted heavily, is the built-in app scanner which should protect Android devices from being infected by malware.
The client side app scanner of Android 4.2 is the next step in Google’s attempts to protect their Android ecosystem from malware threats, after introducing Bouncer, a server-side malware scanner used by Google to analyze apps that are being uploaded to Google Play Store. Bouncer was announced in February 2012 and is Google’s approach to prevent malware from being uploaded to the Google Play store as a first line of defense.
Now, some authors claim that third party mobile security tools are most likely not needed anymore, because Google now already pre-checks all mobile apps. I’ve been closely monitoring all those changes and improvements because I wanted to make my own mind on how successful these attempts by Google would be and to find out how our Android antivirus scanner delivered within our free avast! Mobile Security suite (http://www.avast.com/free-mobile-security) would stack up to what the operating system vendor itself would be able to provide.
Since months before the release of avast! Mobile Security in December 2011, our virus lab was working on setting up the initial state of our Android malware database. The database contains signatures of all the malicious files our virus lab guys find over time and is being extended day-by-day to contain definitions of the newest threats in real-time. Currently, tens of millions of Android devices owned by our users download those definitions every day to their avast! client side scanners. So I just went to our virus lab and asked the guys there to provide me with some statistics on the growth of our Android malware database.
As I already stated, Bouncer was thought to be the first line of defense, and tries to protect the main source of app downloads from malicious offerings. Could it be that as a result of introducing Bouncer, our malware database stopped growing or started to decline in size when Bouncer was introduced? Has Google been successful? See for yourself:
Android Malware Database History (Click to enlarge)
Obviously, since February 2012, our Android malware growth has not started to decline; it has not even stalled its growth, but has been continuously growing since that point in time. Read more…
Last week we told you in the avast! blog about the nasty attack against Android smartphones which could lock the SIM cards or completely wipe all of the data and reset to factory settings. We are pleased to confirm that the newest update of avast! Free Mobile Security protects against USSD attacks, without having to install additional tools.
“The benefit of our solution is that we do not require the user to install an additional tool, as the newest update of avast! Mobile Security already contains the protection,” said Reinhold Holzner, Managing Director of AVAST Software Austria. “All you need to do is to accept the program update on your smartphone.”
Avast! Free Mobile Security is a full-featured anti-theft and anti-malware app for Android smartphones and devices. With special “stealth” and remote-access features, including lock, wipe and siren, as well as an abundance of remote text commands, smartphone users are protected against the loss or misuse of their device.
Avast! Free Mobile Security is completely free and available through Google play. Protect your devices now, and please tell a friend about it too.
Researchers have determined that an attack which can wipe data from Samsung Android devices when visiting a malicious website can also be used to lock the SIM cards or completely wipe all of the data from many other Android phones. In addition to web pages, the attack can be triggered through SMS, or by a rouge NFC tag or QR code.
Mobile geek Dylan Reeve explains how the attack works. Computerworld summarizes it like this, “The attack can be launched from a Web page by loading a “tel:” URI (uniform resource identifier) with a special factory reset code inside an iframe. If the page is visited from a vulnerable device, the dialer application automatically executes the code and performs a factory reset.”
Check if your smartphone is vulnerable
Here is a way for you to check if your phone is vulnerable to this remote wipe threat: Visit http://dylanreeve.com/phone.php on your Android device, and if your phone is vulnerable, you’ll immediately see your phone’s IMEI number pop up. I checked my HTC Google Nexus One this way, and it came back as being vulnerable. Other phones reported to be affected include the HTC One X, Motorola Defy, Sony Experia Active, Sony Xperia Arc S, and the HTC Desire. Reeve says that Samsung fixed the USSD/MMI code execution issue for Galaxy S III devices, but it appears that all 4.1-based builds are safe, and some 4.0.4 builds as well.
Currently avast! Mobile Security is actively blocking URLs containing malicious code that triggers the exploit. Our Android users can expect an update containing protection against this kind of attack soon. We’ll let you know when that is released.
Edit: We are pleased to confirm that the newest update of avast! Free Mobile Security protects against USSD attacks, without installing additional tools. All you need to do is to accept the program update offered by avast! on your smartphone. Please share this message with your friends who are Android smartphone owners. They might need avast! Mobile Security too. Thank you.
How many times have you dropped your mobile phone? As much as I try to take good care of my phone, I can count at least 3 times that it has slipped out of my hand and landed with a sickening crunch on the pavement by my feet. Thankfully, my Nexus 1 (it’s ancient, I know) seems to handle the abuse, and except for some external bruises, it works fine. But that’s not always the case. One of our Facebook fans wrote this testimonial today on our wall.
I had an issue on the weekend with my phone and Avast has saved the day!!!
I had dropped my new Galaxy SII HD LTE and was unable to view or alter the phone due to a broken screen. My replacement is on the way but I wanted to ensure my phone was wiped and factory reset before I sent it back to Bell.
Without Avast Mobile on the phone this would have been impossible, so I would just like to say THANK YOU! One quick text and the phone was wiped and factory reset.
You have secured the integrity of my data and assisted when I needed it most. THANK YOU a Million times over.
avast! Free Mobile Security – the new anti-theft and anti-malware app from AVAST Software – has been installed by over one million smartphone users in just 16 days.
This threshold was crossed on January 6, only 16 days after avast! Free Mobile Security was placed in the official Android Market.
“This has been a really fast-paced launch, surpassing the results from competing products,” said Ondrej Vlcek, CTO for AVAST Software. “It required Lookout a full six months to reach the one-million level for their mobile security product.”
avast! Free Mobile Security is a full-featured anti-theft and anti-malware app for Android smartphones. Read more…
The holiday season may be over, but the gift-giving is still going strong.
AVAST Software and Android Police have teamed up to give away ten Galaxy Nexus smartphones to readers of the popular Android news site.
To enter the contest, visitors to the Android Police site just need to register their name, email address, and show how they have spread the news about the Galaxy Nexus giveaway and avast! Free Mobile Security to their friends via social media including Twitter, Facebook, and Google+. The more ways users spread the news, the higher their chances are of taking home a new phone.
This contest started on January 2 and runs through Saturday, January 7, closing at precisely 23.59 PST.
So, enter quickly and be social. ( :
On 21 December, 2011, we launched our Android antivirus/anti-theft solution (see our official press release). The beta version, released a few weeks earlier, was well received, and generated a lot of initial buzz in the Android community. What follows are quotes from early reviews, many of which were written about the beta version. We have also received a lot of great feedback from our avast! user community, and thus a few days ago AVAST CTO Ondrej Vlcek responded to 10 frequently asked questions about avast! Free Mobile Security.
Here is some of the initial praise from the Android community:
“It has the potential to overshadow just about all of the apps in our Mobile Security App Shootout.”
“A strong contender for the best overall security app on Android.”
“Extremely sophisticated security solution accessible to everyone.”
– Android Police (product review, 7 December 2011)
In a few days, the world will ring in the New Year with renewed hope for a bright future. Predictions are being made about what 2012 will bring, and unfortunately instead of focusing on the positive, many of them are bleak. One that stands out is the prediction that the world will cease to exist on December 21, 2012 (according to the Mayan Long Calendar.) Thankfully, that one has been debunked – but we’ll see…
Here at AVAST, we are confident that we’ll have another great year protecting millions of happy internet surfers from all the nasties out there, but here are some educated predictions about what CyberThreats 2012 has in store for us, and how you can stay protected. Read more…