Protecting over 230 million PCs, Macs, & Mobiles – more than any other antivirus

October 2nd, 2015

Avast at Virus Bulletin Conference 2015

Our team had a wonderful time meeting and networking with the crème de la crème of security industry professionals at this year’s Virus Bulletin Conference in Prague, of which we were a proud platinum sponsor. Throughout the conference, a handful of Avast employees presented talks a variety of today’s most prominent security-centered topics. For those who weren’t able to make it to the conference, we’d like to provide a brief recap of the content that was covered.

Taking a close look at denial of service attacks

Avast senior malware analysts Petr Kalnai and Jaromir Horejsi discuss distributed denial-of-service (DDoS) attacks.

Avast senior malware analysts Petr Kalnai and Jaromir Horejsi discuss distributed denial-of-service (DDoS) attacks.

In their presentation, “DDoS trojan: a malicious concept that conquered the ELF format“, senior malware analysts Petr Kalnai and Jaromir Horejsi discussed the serious issues relating to distributed denial-of-service (DDoS) attacks.

Abstract: DDoS threats have been out there since the Internet took over half of global communication, posing the real problem of denial of access to online service providers. Recently, a new trend emerged in non-Windows DDoS attacks that was induced by code availability, lack of security, and an abundance of resources. The attack infrastructure has undergone significant structural, functional and complexity changes. Malicious aspects have evolved into complex and relatively sophisticated pieces of code, employing compression, advanced encryption and even rootkit capabilities. Targeted machines run systems supporting the ELF format – anything from desktops and servers to IoT devices like routers or digital video recorders (DVRs) could be at risk.

Read more…

September 30th, 2015

Why independent testing is good for Avast Antivirus


Avast Free Antivirus just received another AV-Test certification for its stellar protection against real-world threats, performance in daily use, and usability.


Yay! It’s like collecting another trophy for the display case or another blue ribbon to hang on the wall, but what does it really mean? How is this type of testing useful for you, our customers?

Ondrej Vlcek, Avast’s Chief Operations Officer explains,

Because of the overwhelming growth of malware targeting consumers and businesses, labs like AV-Test Institute have become an invaluable independent source of data to Avast. Their research has influenced our engineers to expand their knowledge of malware, revolutionize diagnostic and detection methods, and facilitate strategies to get real-time updates to hundreds of millions of people who put their trust in our antivirus products.”

Here’s a little background on the testing lab.

AV-Test Institute is an independent lab designed specifically for testing and researching malware. Located in Magdeburg, Germany, they inhabit 1200m² (12,900 ft²) of space with 3 server rooms and a variety of main and secondary laboratories.

Read more…

September 29th, 2015

Cybersecurity tips for business travelers

business trip - working late

Sensitive business data is at risk when you travel. Take precautions to protect it.

Cybersecurity is not limited to your office or home. Nowadays, many of us use the same devices for work and personal business, so when traveling we need to be extra diligent to protect our devices and the data we have on them. If you use common sense and a bit of Avast technology, all your devices – laptops, smartphones, and tablets, can remain secure wherever you are.

Here are a few things you can do before you go and while you’re on-the-road:

1. Install antivirus protection. Your first and best line of defense on your PC or Android device is antivirus protection. Install it and make sure it is up-to-date.

2. Keep your operating system and software up-to-date. Hackers take advantage of software with security holes that have not been plugged, so take time regularly to make sure that your software and apps have patches and updates applied.

3. Lock down your device. Make it a habit to lock your PC and phone with a PIN, password, or even a fingerprint. Avast Mobile Security even allows you to password-protect your apps. Before you travel, make sure your critical apps, like access to your bank, are protected.

Read more…

September 28th, 2015

Making technology simpler: Thanks to my mother

Some days ago we wrote about scams targeting senior citizens. This group is at risk because generally speaking, they have less computer education than younger people who have grown up in the digital world. I recommended the reading to my mother, thinking she will benefit from it. She thanked me, but said that there were “some things” she did not understand.

Learning to surf internet

Friends and family can help senior citizens enjoy a safe online experience

In the Avast blog we do our best to write in simple terms. However, we know much more about security and, quite frequently, explains things in technical writing. So, I’ve take some time to write what will be useful for your mother (and mine). What about recommending her to read this?

Computer and mobile security essentials for senior citizens

Read more…

September 24th, 2015

Got an aging parent? Tell them about the Grandparent scam

Scammers rob elderly victims of an estimated $3 Billion per year.

A scam that has been around since at least 2008 is still active and targeting elderly folks. Seventy-four year old Avast evangelist, Bob Gostischa, who knows a thing or two about scams, security, and privacy, received a call just yesterday from a scam artist attempting to steal money. “If it happened to me, I’m sure it’s going to also happen to others,” said Gostischa.

Male Family Members

Scammers target elderly people “because they’re more gullible.”

Here’s the basic premise:

Someone either calls or emails pretending to be your grandchild. The typical story is that they have been wrongfully arrested and need bail money wired right away. Another variation says they are traveling and have been mugged or even in an accident and badly injured. After going through this frantic sob story, and if they sense that their victim is falling for it, the scammer asks for money to be wired through services such as Western Union and MoneyGram.

After the phone call ended, Bob sent us a transcript so we could share it with Avast Blog readers. “I consider myself lucky because the first instinct was wow, how can I help her…?,” he said.  “I guess we all really need to be very vigilant at all times.”

Caller: Hello Grandpa, this is your granddaughter. I have laryngitis so I don’t sound like myself

Bob: You certainly don’t. Which granddaughter?

Caller: What do you mean?

Bob: Well, I have several. Read more…

Categories: General Tags: , ,

September 23rd, 2015

Avast team at Webexpo conference

This past weekend, Prague hosted hundreds of web professionals at the Webexpo conferenceAvast Software was a proud general sponsor of this event.

Avast Webexpo booth

Avast was one of the sponsors of Webexpo

Attendees could meet our team at the Avast booth, try Avast technologies, and chat with our colleagues. They could also learn first hand how it is to work for the Best Czech Employer of 2013!

Read more…

Categories: General Tags: , , , ,

September 22nd, 2015

Apple removes malicious apps from App Store

Apple slow internet

image via TechInsider

While the rest of us were soaking up the last of the season’s sunshine, Apple researchers spent the weekend removing hundreds of malicious apps for iPhone and iPad from the iOS App Store.

The recent exploit on Apple has shown us that even Apple’s system can be compromised quite easily,” said Avast security researcher Filip Chytry. “While this time nothing significant happened, it is a reminder that having everything under an Apple system could potentially make a system vulnerable.”

The malware seems to have been focused on Chinese users. Chinese media reported more than 300 apps including the popular instant messaging service WeChat, Uber-like taxi hailing program Didi Kuaidi, banks, airlines, and a popular music service were infected.

The malicious software programs got by Apple’s strict review process in an ingenious way. Hackers targeted legitimate app developers by uploading a fake version of Xcode, Apple’s development software used to create apps for iOS and OS X, to a Chinese server. It’s a large file, and reportedly quite slow to download from Apple’s U.S. servers, so to save time, unwitting Chinese developers bypassed the U.S. server and got their development tools from the faster Chinese server. Once their apps were completed, the malicious code traveled Trojan-horse style to the App Store.

“If hackers are able to exploit one entry point, they are able to attack all of the other iOS devices – and the fact that Apple doesn’t have a big variety of products makes it easier,” said Chytry.

Read more…

September 17th, 2015

AirDrop vulnerability is an easy avenue for hackers to exploit Apple devices

Do you own an Apple device? A vulnerability discovered within AirDrop could pose as a risk to your files. (Photo via

Do you own an Apple device? A recent vulnerability discovered within AirDrop could pose as a risk to your files. (Photo via

Recently, an alarming vulnerability has cropped up on iOS devices. This security loophole allows an attacker to overwrite arbitrary files on a targeted device and, when used in combination with other procedures, install a signed app that devices will trust without presenting a warning notification to users.

In a recent article published on Threatpost, it’s noted that the vulnerability is located in a library that lies within both iOS and OS X. In this case, the library in question is AirDrop, the tool featured on Apple devices that allows users to directly send files to fellow Apple device quickly and effortlessly. The problem lies within the fact that Airdrop doesn’t use a sandboxing mechanism in the same way that many other iOS applications do. When making use of a sandbox, every application has its own container for files that it can’t get beyond the so-called “walls“ of.

Read more…

Categories: Mac Tags: , ,

September 14th, 2015

Avast Mobile Security: So much more than just another security app

With millions of applications waiting to be installed in our gadgets, you not only need to be concerned about quality, but you also need to take the proper measures in order to avoid your phone becoming infected by malware. Unfortunately, we already know that Google Play and the Windows Store aren’t immune to malware. Even the Apple Store has its bad days, so we’re not trying to scare you. These days, malware is a continuing, growing threat.

Read more…

September 11th, 2015

Ads: Love or hate?

Ad-injection is an increasingly annoying and dangerous problem

Ad injecting in action on Amazon

Malvertising attacks. Image via Google Security Blog

There are basically two reactions people have when they see ads in their browser. Some think they add interesting content and possibilities, insights and ideas or even, opportunities. The other group considers them as a distraction, an invasion and a disruption to what they were doing.

But most everyone will agree, once you begin something on your laptop or mobile, especially if it’s work-related task, you want to continue what you started. Lots of people get so into what they’re doing that they don’t see or think of anything else, and when an unwelcome ad comes through, it breaks the concentration. Some will say this is a man’s perspective. But even some women I talk to agree; even though they always say they are multitasking and (cough, cough) never lose focus.

When it comes to security, ads are becoming more and more a vehicle for malware. Ad-injecting malware is really a threat nowadays. Once on your device – computer or mobile – the malware will drop new ads into any (or most) sites you visit, sending ad revenue back to remote cybercriminals. For example, malicious porn ads use this type of redirection and clicking techniques.

Research conducted by Google from June to October of 2014 concluded that deceptive ad injection is a significant problem on the web today.  They identified tens of millions of instances of ad injection and detected 5.3 million different IP addresses infected with adware, 5% of the total testing group. The research also found that Superfish, one of the notorious businesses that have ad injection libraries,  was alive and well, not only pre-installed on Lenovo laptops, but breaking SSL protections for any other computer running it in background.

Ways to control unwanted ads in your browser

Read more…