Protecting over 230 million PCs, Macs, & Mobiles – more than any other antivirus


Archive for March, 2013
March 28th, 2013

2013 AV-Comparatives Security Survey: Great news for AVAST


Results of the AV-Comparatives 2013 Security Survey (pdf) are in, and once again AVAST leads among consumer preferences. Since AV-Comparatives is an independent testing firm, we always look forward to what they have to say. Here are some highlights:


According to survey respondents, AVAST remains the most widely used antivirus solution worldwide, claiming first place as the most used computer antivirus in Europe and South/Central America. :)

We are also glad to report that AVAST is the only brand to be among the top three most-used brands in all four global regions surveyed. ;)

At the time this survey was conducted, AVAST was protecting just over 184 million PCs, Macs, and mobile devices.



To make the above news even better, the survey’s respondents requested AVAST as their top interest for future testing.   Read more…

Comments off
March 28th, 2013

The avast! 8 User Interface: A study of change

UI big smiley

The “creepy” smiley face


Everyone knows that change is not easy. When a decision is difficult, people tend to go with the status quo or choose to do nothing. So when we decided to update the look of Avast for version 8, we first had to get through the challenge of change.

One of the most important aspects of our software is how it looks and how user-friendly it is. When our designers started working on the new look, they were met with some skepticism. I mean, how do you completely overhaul a design that 170 million users and hard-nosed critics alike publically admired? You start by putting it out there and seeing what comes back.

Beta testers get creeped out

When we had the private beta for our new avast! 8, the conversation was mostly focused on technical issues, but there was some discussion regarding the look of the user interface (the UI is part of the application where the user interacts with the software). Interestingly, the big smiley face drew attention early on in the conversation.

“These ear-to-ear mouths look totally creepy. This includes the smiley in main avast! 8 interface and also in the installer. “

“How about getting rid of the smiley completely.”

“The smiley is very childish . . . I vote to go back to the green checkmark.”

“there are some who like it…”

Don’t fix it if it ain’t broken

After taking the feedback of our beta-testers, our designers did some tweaks, including the smiley face, then asked Avast employees to take a look at a few designs including these:



UI2Because change is so hard to make, especially when you like the old ways so much, we had a difficult time switching our vision from the previous familiar version of avast! to the new modern, simplified version. The comments skewed on the negative side at first:

“Both are ugly, but the first one is brighter, so the tiles are more separated from the background.”

“I don’t like them either. The second is a little better in terms it looks like rings or a snake…”

“Better no background than this. No offense but it looks like someone’s yesterday’s dinner. =)”

“I like the design, but I don’t understand the background.”

Several choices were given for the paid-for products, including this one, and again, we were struggling with change, but starting to adjust our vision.

UI Blk2

These dark backgrounds stirred imaginations, and from the comments, you can tell that we have some SciFi fans among us.

“Background design je jak z nejake Sci-fi filmu. Uz si jen domyslet ty vetrelce uvnitr lodi..(Background design is both from a Sci-fi movie. Uz can just imagine the intruder inside the ship ..)”

“Sorry, but all of them look somehow like the walls of a wraith starship in StarGate Atlantis. Probably pure colors or a very simple pattern would be better.”

“To me they are indeed too dark and scary. The art is nice though, but suitable more into the Alien/Prometheus starship control panel.”

“Current themes look pretty scary. On the other hand I really like the idea of bringing in some ‘natural beauty’.”

Repeated exposure to the new look was prompting us to think about it – we thoguht about what was best for our users, we asked questions and wondered out loud how to improve the design. One commenter noted,

“I think all of them are good because they started this long discussion. ;-) So they raise emotions, which is good.”

Suggestions started coming in:

“Probably pure colors or a very simple pattern would be better.”

“Is the background going to be user-customizable?”

“I also don’t like that mixture of fonts used, especially that tall and wide fonts are combined.”

Dimmer switch not included

Finally, avast! 8 was released to the public, and a whole new set of eyes got to see it for the first time, arguably the most important eyes – our users. Many comments reflected that same reluctance to change that we noticed internally.
UI new white1

“The free UI really does need more contrast, but would I go back to avast 7 over aesthetics no, but avast 8 free hurts my eyes.”

“Big childish blocks that look like it belongs in a baby’s play pen. I love Avast and have been using it for over 5 years, the guts and glory have always been robust but this 2013 windows 8 look makes me want to barf!”

“I had to clean out my eyes with Scotch Whiskey,  twice!”

 “I wish the Free GUI had a dimmer switch.” 

“Slowly becoming accustomed to the new GUI, otherwise it is the quality I have come to expect”

UI new blk1

At least one person gave up completely and complained,

“I had come to know where everything was located and could get what I needed done very quickly. Now there’s a whole new GUI and I have to relearn where everything is. I’M DONE WITH AVAST AND WONT EVER USE IT AGAIN, free or otherwise.”

Others were more practical:

“It’s always disconcerting when old friends change – like Avast. I am not fond of the Windows 8 look but suppose I will adjust.”

“User Interface, who really cares, it’s hardly ever looked at except in screenshots or, when you first install avast!.”

“So who cares about the GUI. Just keep my machine clean :)”

And some were fans right away.

“I just love the new UI, it’s much more compact ^^”

“I think avast! 8 is amazing. I for one love the new GUI of the free version.”

“i like the new interface……have to change every so often……as long as it’s avast-it’s the best”

“I absolutely love avast! pro v8. Great looking GUI. Great protection. It has everything I need and use. Nothing goes to waste.”

One member of the forum summed it up by saying,

“Some people just don’t like change but I think the new version is the best yet! Well done!”



Categories: General Tags: , , , ,
Comments off
March 25th, 2013

Fake Facebook login pages spreading by Facebook applications

Another wave of Facebook phishing is spreading among Facebook users. Imagine you get a message from another Facebook user with a link to a new amazing Facebook app. Even if the sender is not your friend, you decide to go to the link. Instead of an application you see a fake Facebook login page. But here’s the catch – you don’t know it’s a fake!

Recently we have encountered a lot of Facebook apps which do nothing but redirect users to a fake Facebook login page. You cannot recognize from the link that the application has no real content. The URL of the application looks like where app_id is 15-digit identification number of the application. The application link usually contains its name (, but using the application ID in the link is also possible.

Read more…

Comments off
March 25th, 2013

Personal identification numbers (PINs) need protection too

ATM PINBy now, avast! users are aware of the importance of creating strong computer passwords, and guarding their Social Security number like a trained Doberman. But what about the humble four-digit personal identification number (PIN)? PINs are security features just like passwords. They give access to your mobile phone, credit card, bank account, and numerous other things. My garage door opener even has a keypad and PIN. Because it’s the key that unlocks so many doors, literally and figuratively, it pays to keep your PINs safe.

Here are some things to remember when choosing a PIN:

  • Be more original than 1234. One in 10 people use this number combination. Together with 1111 and 0000, these three combinations make up nearly 20% of PINs. Think of it this way, if you find an ATM card on the floor, you have a 1 in 10 chance of getting the correct number if you type 1-2-3-4 .
  • Using your birthdate as a PIN is a bad idea. Everyone carries their driver’s license in their wallet with their ATM card. The birthday information gives a wallet thief both the lock and key in a convenient location. One study said that one out of 15 wallet thief victim’s also had their ATM raided!
  • Forget about your address too. Your house or apartment number is also printed on your driver’s license, so it’s easily found.
  • Keep LOVE in your heart, not on your phone. 5683, which spells out “love” on the keypad is very popular.  Use a less popular word, maybe 9278, which spells “wart.”

Here are some tips to secure (and remember) your PIN:

  • Use the bank assigned number. Just don’t write it on your ATM card.
  • An old phone number, student or work ID is good, as long as they’re not listed anywhere.
  • Choose a meaningful number. The score of the big game (your favorite basketball team won 80-58, so the PIN is 8058).
  • Base the number on a phrase instead of a word, such as 2432 for “Avast is FREEking awesome” (AIFA).
  • Hide the number in a fake contact. If you have too many PINs to remember, make up a fake contact with a fake phone number and keep it in your phone. Just don’t let the battery run out!

Share your tips in for creating strong PINs and how to remember them in the comments section.  And please follow us on social media. We can be found on Facebook, Google+ and Twitter.

March 20th, 2013

Avast Browser Cleanup at work

Does this internet browser window look familiar to you?


If so, you may be the victim of unwanted multiple browser toolbars. These browser add-ons have become a real problem in the last couple of years. Unfortunately, much free software nowadays comes with some unwanted add-ons; in most cases a so-called browser toolbar is installed. Many toolbars can be quite annoying because they:

Read more…

Categories: General Tags:
March 20th, 2013

Banker Omnia Vincit – A tale of signed Brazilian bankers

Let us present the long-term analysis of malware which was designed to steal credentials from more than 25 largest banking and payment systems in Brazil. The unique features of this banking malware include the usage of valid digital certificates, 3 years of evolution and stealing credentials from e-commerce admin pages. This feature opens doors for attackers, who can then log in to e-commerce systems and steal information about customers and their payments.

This malware family combines all of these powerful functionalities and serves as a comprehensive tool for stealing money and sensitive personal data with dangerous efficiency.

Download full whitepaper in PDF format here.


Comments off
March 19th, 2013

Analysis of Chinese attack against Korean banks

In this blog post, we will look at the attack originating from hxxp:// and targeting several major Korean banks.

The site,, is a legitimate Korean website which belongs to Korea Software Property Right Council (SPC). After opening the site and showing its source code, we looked into the included script /js/common1.js. This script includes another two javascripts ( the third one is commented out ). When we opened both of these scripts, we noticed a suspicious iframe tag at the end of /js/screen1.js. This iframe tag led us to, which is the main attack site.

01-original_website Read more…

Categories: analyses, Virus Lab Tags:
March 18th, 2013

Granny Scams target senior citizens

granny scamsThe “Jamaican lottery scam,” also known as advanced-fee fraud, is made up of scam artists that trick people, mostly senior citizens, out of their money with a false notification of a lottery winning, inheritance or Publisher Clearing House sweepstakes prize. In these “granny scams”, the fraudsters convince the victim to send money in order to secure their winnings.

  • A 79-year-old woman from Maryland received a phone call announcing that she had won sweepstakes money during a time when she was struggling to pay her family’s hospital bills. Over seven months, she was scammed out of $30,000.
  • An 80-year-old man from an affluent neighborhood in a suburb of Detroit, Michigan got caught up in a scam and it cost him $48,000 before he realized he was being played. The con started with a letter stating, “You’ve won $ 2.5 million and a brand new Mercedes Benz.” The catch was he needed to send cash up front to collect the winnings. Police say that the scammers contacted the man every day and he repeatedly sent money cards that were transferred into cash.
  • A woman in Colorado received a message that she won a high value lottery from a person pretending to be her Facebook friend. The fake friend told Michelle Harlow that she won $90,000 dollars and that Harlow was qualified to get the same prize. Harlow said a red flag went up in her mind when the person asked for a $500 money order.

Read more…

March 15th, 2013

We are looking for a Japanese and Brazilian Queen/Kings of AVAST FREEks!

Part time job for a social media agent :) 

Do you blog, comment, respond, post, chat, like, re-tweet, add to circles, pin…? Do you monitor what’s hot on social media in your language? Do you have 2 hours a day that you can fully dedicate to avast! social media? Can you be the eyes and ears of avast! in your country as if your own reputation depended on it?

We seek a highly motivated individual with experience and fanatical passion for blogging, micro-blogging and community participation to simply communicate with avast! followers in your mother tongue. You will help us approach new users in your country, so we can spread avast! Free Antivirus across the globe!

This is a part time position – at least 10 hours a week

That will not happen to you :)



Read more…

Comments off
March 11th, 2013

Mobile Drive-By Malware example

Several days ago we received a complaint about After a bit of research, we found that it tries to mimic and jquery, but the code is an obfuscated/packed redirector.

After removing two layers of obfuscation, we found a list of conditions checking visitors’ user Agent. From these conditions. we got a clue and focused on mobile devices.


Read more…

Comments off