Marina Ziegler

23 May 2016

Independent test shows Avast offers best HTTPS protection in the market


Every day, 50,000 infected unique URLs of HTTPS-protected websites are detected and blocked. Scientists from the Concordia University in Montreal, Canada, have tested 14 antivirus programs offering HTTPS scanning and found that these programs create more security problems than they actually solve. There was only one exemption from this: Avast. The only issue mentioned in their study is a lack of revoked certificates checking by Avast, which has been in the market since November 2015 and is fixed in 2016 products.

Read More

Security News

Stefanie Smith

23 May 2016

Your iPhone6s is not waiting for you – despite what the text message says

What’s the deal with these “you won something” texts?

I recently received a text message saying an iPhone 6s is waiting for me. I normally delete these messages, but this time I was curious… I have been considering upgrading from my iPhone 5 for a while now J. So, I decided to consult with my friend, Avast senior malware analyst Jan Sirmer and see what would happen if I believed the text.


How did they get my number?

The first question I had about this was: How did they get my number? “A computer probably sent it to you,” said Jan. How did a computer get my number? “There are programs that allow computers to send text messages to a bunch of numbers at once. They probably use the same area code and the rest of the digits in the number are generated by the program.”

Read More

Security News

Deborah Salmi

19 May 2016

Time to change your LinkedIn password

LinkedIn members' login credentials are being sold on the dark web.

The 2012 breach of social networking site LinkedIn, has come back to haunt us. That breach resulted in 6.5 million members' credentials being stolen. Articles published in the last day report that the number was way short of reality - it's actually more than 167 million email and password combinations - or nearly all the members of LinkedIn. 


Read More

Security News

Alexej Savčin

19 May 2016

Locky ransomware is far from dead

Avast Antivirus solutions protect against Locky ransomware.

A brief update on Locky, the latest ransomware targeting PCs:

Beware of emails from random email addresses with subject lines like “Upcoming Payment – 1 Month Notice”. These emails typically come with a zip attachment that attackers have created to run a script that downloads and runs the now well-known ransomware, Locky. These phishing emails prove that Locky is not going anywhere anytime soon.


The emails are written in typical phishing style. The attacker tries to entice a potential victim to read the email and subsequently download the attachment. Attackers seem to be targeting small and medium sized businesses, to gain access to valuable company data.   

Locky_email_content.pngContent of the email.

Read More

Security News

Stefanie Smith

19 May 2016

Avast Software Updater can help protect you from security loopholes, like the recent 7 Zip vulnerabilities

Last week, Talos discovered multiple vulnerabilities in 7-Zip, a popular, open source file archiver. The vulnerabilities are particularly severe as many products, including antivirus software, implement 7-Zip in their software. When vulnerabilities are found, it is the responsibility of software owners to patch them. However, these patches are useless, unless users update their software.

Avast is not affected by these vulnerabilities, but if you are a non-Avast user we recommend you update your antivirus software, if you haven’t done so already.

About the vulnerabilities

The two vulnerabilities found are CVE-2016-2335 and CVE-2016-2334. The first vulnerability is an out-of-bounds read vulnerability, which exists due to how 7-Zip handles Universal Disk Format (UDF) files and could allow attackers to remotely execute code.

The second vulnerability is an exploitable heap overflow vulnerability, found in the Archive::NHfs::CHandler::ExtractZlibFile method functionality. In the HFS+ file system, files, depending on their size, can be split into blocks. There is no check to see if the size of the block is bigger than size of the buffer, which can result in a malformed block size which exceeds the buffer size. This will cause a buffer overflow and heap corruption.

What you should do

As mentioned above, it is up to software publishers to provide their users with vulnerability fixes, but these are futile if users don’t take action and update their software. It is vital that you frequently update all software, including your operating system, on a regular basis.

Read More

Security News

Gracie Roberts

16 May 2016

New feature in Avast Passwords for Android: Fingerprint scanning

Screenshot_20160510-163038.png Screenshot_20160510-163229.png

Avast Passwords gives you easy, secure access to all your passwords, PINs and login credentials.

 Avast Passwords is an app that helps you to safely store each of your PIN codes, passwords and login details safely in one place. Instead of needing to memorize each of your login credentials, Avast Passwords allows you to keep them together in one secure place and access them safely.

Start managing your passwords now!  

Read More

mobile security

Michal Krejdl

10 May 2016

Andromeda distributors craft new strategies for attacks

Most of popular botnet Andromeda’s (also known as Gamarue) distribution channels have been discovered and analyzed by antivirus vendors. This has forced Andromeda’s distributors to come up with a new attack strategy to continue to drop Andromeda binaries onto PCs.

Meanwhile at the Andromeda headquarters…

Operator: “Captain, all of our distribution channels have been discovered!”

Captain: “Report the loss..”

Operator: “Email scams, exploit kits, everything is known to the public.”

Captain: “Operator, let’s start with plan N!”

Operator: “Roger that, captain”

Before we dive into Andromeda’s new tactic, I’d recommend you to read this article by fellow security researchers from Stormshield, which describes one of Andromeda’s most recent phishing campaigns. We have observed similar Andromeda email phishing campaigns. Most of the emails we have seen seem to be targeting Germans and Italians. However, these two target groups seem to be too clever to fall for the bait, as they are not the top infected users.

Some of the popular subject lines used to target Germans and Italians are “Your current bill” and “A nude photo of you has appeared on the Internet”.


Read More

Security News

Jan Piskacek

5 May 2016

Android Banker Trojan preys on credit card information

An Android Trojan is spying on its victims and even tricking some into giving up their credit card information.

Most of today’s malware authors create malware for one of two reasons: either to make money or to steal valuable data. In this blog post, we will show how an Android Trojan relies on social engineering.

Social engineering tactics are used to trick people into performing an action, like clicking on a link or downloading an application. The person being tricked thinks they are doing something innocent when they are really clicking on or downloading something malicious. This malware is associated with the banker family as it tries to steal user's credit card information.

Once installed, the Banker Trojan puts an icon in the launcher. The app name shown with the icon can vary from sample to sample -- some of the names we have seen were : AVITO-MMS, KupiVip and MMS Центр (MMS Center).

Read More

Threat Research

Deborah Salmi

5 May 2016

Can your bad passwords cost you money and cause trouble?

From football stars to cheating spouses, using easy-to-crack passwords puts everything from your livelihood to your relationships at risk.

passwords should be long and strongChange your passwords regularly and don't share them with others

A tweet showing top NFL draft pick Laremy Tunsil taking a hit off a bong through a gas mask cost him upwards of $13 million. Tunsil’s Twitter account was allegedly hacked at the worst time – just minutes before the draft began – making his fall from the first round to thirteenth swift, decisive, and oh, so costly. Minutes after that, his Instagram account was hacked to show screenshots of a text conversation implicating Ole Miss in NCAA rule-breaking that will likely end up in an investigation.

This mind-boggling turn of events in what should have been a night of triumph for Tunsil and his university has a lesson for the rest of us.

Read More

Security News

Michal Salat

4 May 2016

Why it would have been a relief to know who’s behind bitcoin


News broke that Australian businessman Craig Steven Wright is Satoshi Nakamoto earlier this week.
(Image via the Wall Street Journal)

Finally, we know the inventor of bitcoin! Wait, maybe not so fast. Actually, we don’t know anything at all.

Read More

Security News