Every software should have an Easter Egg.  Let me introduce you an Easter Egg in avast! Antivirus 2014…

Slot machine easter egg

Enjoy this “new feature” if you find it

As it’s a slot machine game then there is of course an unexpected surprise when your score is over 200 points…

You can download avast! Antivirus at links available at http://forum.avast.com/index.php?topic=149104.0

AVAST finds new twist on WordPress plugin vulnerability

Today one of our colleagues came into our office and said, “Hey guys, I’ve been infected.” I thought to myself, yeah, how bad can this be? After a bit of digging we found the results were worth it; it turned out to be a really “interesting ” case of mobile redirected threats localized for each country.

All you need is one bad IP

The case was brought to us by Jakub Carda, a fellow AVAST employee who enjoys blogging in his free time. His WordPress site was compromised through a vulnerability in WordPress, more precisely OptimizePress. OptimizePress is a WordPress plugin that fully integrates itself into the WordPress CMS, helping bloggers optimize their blog’s design. A tiny mistake in the code of a file located in: lib/admin/media-upload.php made it possible for pretty much anyone to upload harmful content onto people’s WordPress sites, and plenty of websites have been compromised because of this.

Read more…

Easter egg hunts are a favorite activity for kids and adults alike, and on Easter Sunday, backyards, church grounds and even the White House will host their own competitions. Cyberspace has its own Easter eggs (a hidden message in software applications), and the hunt for them is just as fun as for real eggs. I asked Filip Chytrý, a researcher in the avast! Virus Lab specializing in mobile malware, about his favorite Easter eggs.

“I hate boiled eggs,” Chytrý joked, “but revealing Easter eggs in applications is pretty fun especially if you just have a clue, but don’t have any idea where to start.”

Can Easter eggs be malicious?

We’re not too keen on hidden code that no one knows about here at AVAST, so I thought it was a good question. Filip explained that to successfully make an Easter egg, the programmer has to hide the surprise from his fellow team mates and his employer, as well as the end user. It occurred to me that if programmers can hide fun things, it’s not a huge leap to hiding malicious things. Backdoors, for instance?

“We have not seen an Easter egg that might be considered as malware. There are plenty of original apps for Android which are modified to distribute malware by adding some kind of a downloader, but it’s without the user’s interaction. Easter eggs have remained harmless; Android apps – not so much,” said Chytrý.

Are there Easter eggs in mobile software?

Easter eggs found in older version of Android OS

“There are Easter eggs in the latest versions of Android,” said Chytrý. “To access the Easter egg in your device, open the settings screen and tap About phone at the bottom of the screen. Locate Android’s version number on the about screen and quickly tap it several times.”

It worked with Android KitKat on my Nexus 4, but may not work in the modified OS of some device distributors. Find out how to access older Android OS Easter eggs.

Read more…

Shahrukh Humayun’s smartphone was stolen

Two brave brothers fight off mobile phone thieves in Pakistan market.

We have heard stories about how avast! Mobile Security’s anti-theft feature has helped people recover their lost or stolen phones, but nothing as dramatic as Shahrukh Humayun’s tale of bravery.

Twenty year old Shahrukh and his 17-year old brother, Shoaib, live in Rawalpindi, Pakistan, the “twin city” to the capital, Islamabad. “Pindi” is a thriving urban area with good hotels, restaurants, museums, parks, and numerous markets and bazaars. It’s in one of those busy marketplaces that their story begins.

Shahrukh and Shoaib went to the market one day and were held up at gunpoint by thieves that demanded Shahruck’s HTC EVO smartphone.  Acting bravely to defend the expensive and precious device, Shoaib fought back against the bandits. They shot the teenager in the leg, stole the phone and fled the scene.

In his own words, Shahrukh described what happened:

Respected Avast! Team

I love the avast! android application as it helped me in catching the thieves who stole my mobile when I was in the market.

The story of the incident is that I visited market with my brother and I had a HTC EVO 3D X515m at that time. The thieves called me on the gun point while the area was empty. They asked me for the mobile and when my brother tried to take action they shot him on the leg.

Well, eventually I received an sms from avast that the sim have been changed. I checked my mobile as the GPS was active. I told the police about the incident on the same day and they found the thieves after 8 hours through the Google GPS connected with avast map.

Thank you avast!. Love you

Shoaib Humayun fought theives

All of us at AVAST were touched by the courage of these two young men when faced with danger. We are happy that our anti-theft product proved to be so useful in finding and recovering the phone. More than that, we were concerned about Shoaib. How has he fared since the incident?

Shahrukh gave us an update:

My brother is braver than me. As a result of that bravery he showed his best loyalty to me by fighting with those bandits and got shot on his leg. This event have passed 8 months and he got no sign of bruises on his leg. But thank God he is fine.

Thank you avast for helping me fight these bandits against their unlawful behavior for the country.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.

The majority of AVAST customers running Windows XP said they will rely on AVAST to protect them.

Last month Ondrej Vlcek, Chief Operating Officer of AVAST, shared his opinion on the end of Windows XP support by Microsoft, revealing that 23.6% of AVAST’s over 200 million users were still using Windows XP. Since then less than 2% of AVAST Windows XP users have parted ways with the operating system. We conducted a global survey just days before the support end date to find out how aware our Windows XP users were of the support cutoff and what they were planning on doing.

How aware were Windows XP users that their support was expiring?

Months ago Microsoft announced that it would no longer support Windows XP, sending daily warning messages to XP users a month before the end date, April 8, 2014. The media, especially technology-focused media, has been buzzing about the end of support. Our survey found that 21% of Windows XP users were unaware that Microsoft would be ending support, despite Microsoft’s efforts and the media attention around the topic.

What actions were Windows XP users planning on taking?

Although Microsoft recommends upgrading the operating system as the first option home XP users should take to protect themselves, AVAST found that only 15% of XP users were planning on upgrading their OS. The second option Microsoft suggests is for XP users to purchase a new PC, as many of the newer operating systems aren’t compatible with older devices. This does not seem like a popular option for many XP users, which is understandable considering the costs that come with purchasing a new PC. Only 5% of Windows XP users plan on purchasing a new PC. The majority of AVAST customers running Windows XP said they will rely on AVAST to protect them.

How faithful Windows XP users should protect themselves.

The survey also revealed that 27% of Windows XP users were not planning on doing anything. As AVAST users they are protecting themselves since we will continue to support Windows XP users for at least the next three years. This number is relatively high considering the security risks involved with the OS and makes one wonder how many XP users are not concerned about their protection and aren’t planning on upgrading their OS, buying a new PC or seeking AV that will support them. AVAST has been creating protection modules and detections specifically designed to cover Windows XP vulnerabilities and other security problems. We recommend non-AVAST Windows XP users download AVAST for the added protection. avast! 2014 is a light product, both in terms of speed and resource consumption, tailored for older PCs running XP. In addition to this, we recommend users stop using Internet Explorer, as the browser poses an even larger threat when used on Windows XP. The latest version of Internet Explorer for Windows XP is 8, which is outdated and lacks many security improvements available in later versions of the browser. We recommend XP users switch to a safer browser that updates itself, like Google Chrome.

1) Percent of global AVAST users using Windows XP

Related post: AVAST will continue to support Windows XP for home and business users

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.

For seven years, the CARO Workshop has been hosted in Europe. It is an outstanding technical meeting, attended by some of the best malware researchers in the world. In 2014, the CARO workshop comes to America. ~CARO’s conference official website

We are proud and happy to introduce you to our AVAST speakers and Security Experts from the Virus Lab. Peter Kálnai and Filip Chytrý are going to CARO’s (Computer Antivirus Research Organization) workshop to“Declare war against Android Malware.” We sat together and talked about their presentation, mobile malware, and general trends in the security industry.

Meet our security experts: Peter and Filip.

The theme for this year’s CARO conference is Mobile Space: Malware in a mobile world. As security experts, what changes and specific trends in malware development have you observed?

FILIP Well, this may sound cliché,  but the amount of mobile threats are rising and more sophisticated attacks appear every day. A few years ago, we would observe mostly primitive malware with only one or two capabilities such as to send paid SMS or track your movements. Now, however we have malware that can root your phone and became a device administrator, or command and control Apps which take control of your device by attackers. That’s why I believe we can stay tuned for more conferences concentrated on Android malware.  CARO is first, but hopefully not the last, conference focused on Android and mobile threats.

PETER I can’t recollect a different example, but this year’s CARO Workshop seems to be the first IT security conference completely devoted to mobile malware. The topic of our talk reflects trends in the Android threat landscape. Security experts nowadays observe an increased ratio of total malicious Android packages to unique malware families. Two particular cases appear most: The expansion of usage of Android packers and repackaging benign application with malicious code, so called piggybacking. Read more…

Change your passwords as a precaution against the Heartbleed bug.

We reported yesterday about the serious Heartbleed  bug which allows hackers to steal encryption keys from nearly two-thirds of all websites.

“This is probably the worst bug discovered this year. We believed in the security of SSL/TLS, and now discover that it comes with a hole that allows anyone to read our personal information such as passwords, cookies or even server’s private keys,” said Jiri Sejtko, Director of the AVAST Virus Lab. “We, as end users, simply can’t do anything, but make sure we are as secure as possible.”

That means changing your passwords. Again.

If just thinking about changing all your passwords makes you want to jump out the window, then here are a few tricks to help make it a little less painful. At the end of this post, we’ll share a tip on how to make password creation, as well as remembering them all, as easy-as-pie. So go all the way to the end.

Why do cybercrooks want your password?

It takes serious effort to hijack accounts, so there must be some payoff at the end for cybercrooks.  Obviously, it’s not to get your vacation photos. Money is the most common motivation. Your money.

There are many ways of turning stolen data into money, but one of them is worth highlighting. Research shows that 55% of us reuse passwords on different sites. It is likely that you use the same password for Facebook  that you use for your bank account.  This means that cybercrooks can steal your money much easier. Never use the same passwords on different sites, especially for really important services.

Password basics

1. Use a random collection of letters (uppercase and lowercase), numbers and symbols

2. Make it 8 characters or longer

3. Create a unique password for every account

Tricks and tips

Maximum password security requires at least seven characters, a mix of upper and lower case, a few symbols, and a sense of humor.

Create an acronym using a meaningful, easy-to-remember piece of information. Use a sentence like My wedding anniversary is 28 December, 2001. That phrase turns into this password, Mwai28/Dec.01.

Many sites require a special symbol like ` ~ ! @ # $ % ^ & * ( ) _ – + = { } [ ] \ | : ; ” ‘ < > , . ? /. Use some of those to replace letters. Your password can be this, M<>ai28/Dec.0!.

Read more…

The security community is buzzing with news of a threat called Heartbleed. The bug reportedly affects nearly two-thirds of all websites, including Yahoo Mail, OKCupid, WeTransfer, and others. The bug takes advantage of a vulnerability in OpenSSL, an open-source protocol used to encrypt vast portions of the web. It allows cybercrooks to steal encryption keys, usernames and passwords, financial data and other sensitive data they have no right to.

In a blog post to their users, Tumblr described it this way,

…that the little lock icon (HTTPS) we all trusted to keep our passwords, personal emails, and credit cards safe, was actually making all that private information accessible to anyone who knew about the exploit.

The latest version of OpenSSL fixes the problem and websites are already upgrading.

However, your popular social site, your company’s site, commerce site, hobby site, sites you download software from or even sites run by your government might be using vulnerable OpenSSL, warns Codenomicon on their site about Heartbleed. GitHub compiled a list of sites that are vulnerable, but some may have already been updated. AVAST’s website is safe from the Heartbleed threat.

You can check a site’s vulnerability status at the Heartbleed test site which enables users to enter domains. If a site comes back as an “uh-oh” but doesn’t say “heartbleed” then there may be something else wrong, but it’s not Heartbleed. Update: AVAST’s COO, Ondrek Vlcek recommends this checker, https://www.ssllabs.com/ssltest/analyze.html.

What can you do?

The best advice is to stay away from affected sites for a while. In their report on Heartbleed, Tor advises, “If you need strong anonymity or privacy on the Internet, you might want to stay away from the Internet entirely for the next few days while things settle.”

You need to change your passwords for any vulnerable sites as well. Once affected sites start making the updates, they will most likely advise their customers to change their passwords. Earlier today, Tumblr sent their users a note encouraging them to change passwords to all their online accounts immediately.

“This might be a good day to call in sick and take some time to change your passwords everywhere — especially your high-security services like email, file storage, and banking, which may have been compromised by this bug,” Tumblr said on their blog.

We have written tips about creating strong passwords in the avast! blog. Read My password was stolen. What do I do now? as a reminder.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.

We prepared a special office equipment for our COO and CTO this year on 1st April. They didn’t expect that we were able to prepare better prank than last year. This year the prank consisted of several stages

1. office moved to a new location
2. office filled up with balloons
3. hints of new office location hidden in different locations in AVAST’s offices

The whole preparation took a lot of hours. But the final state of the offices was worth it…

Ondrej Vlcek’s (COO) office

Pavel Kucera’s office

Movement of offices :

Preparing balloon decoration :

Preparing path to new office location, and hints :

 Our founder’s car – hint on right wheel

Final hint in 12th floor – founders tower

Cards to the new offices – flying under ceiling on 12th floor

Morning April 1st – Ondrej open the door

Path to the new office isn’t easy :

Ondrej – Solving a cypher to find the first hint

Pavel – Solving a cypher to find the first hint

To make the story complete – Ondrej and Pavel found their office. They solved the puzzle, followed hints, shot down card and enjoyed a day in new location. Their offices are back in origin location again. Nobody was harmed during whole event…

Prank crew in moved “joined” offices