Protecting over 230 million PCs, Macs, & Mobiles – more than any other antivirus

December 1st, 2015

How many people connect to unknown Wi-Fi hotspots without even knowing?

An Avast team calling themselves the Security Warriors, lead by Filip Chytry and comprised of intra-departmental specialists, are running experiments in the streets of San Francisco. They spent a few days setting up the first of them and have already gathered some interesting statistics. In Filip‘s words, here is what they have done so far and what they want to achieve. 

Security Warriors

Filip Chytrý , president of mobile Gagan Singh, Bára Štěpánová, Michal Reiter, and Vladislav Iliushin. Not pictured: Ondrej David


One of our first experiment’s objectives is to analyze people’s behavior by seeing how they have their devices preset in terms of outside communication. We didn’t have to go far to find out – it’s pretty disturbing.

Currently, we have a variety of devices prepared for different traffic experiments but now we are using them for one really easy target – to analyze how many people connect to a fake hotspot. We created fake Wi-Fi networks called Xfinity, Google Starbucks, and Starbucks. From what we’ve noticed, Starbucks is one of the most widespread networks here, so it’s pretty easy to get people’s devices to connect to ours.

wifi hotspot

Wi-Fi networks screen


What is the problem we’re trying to point out?

Once your device connects to a known SSID name at your favorite cafe, the next time you visit, it will automatically try to connect to a network with the same name. This common occurrence becomes a problem because it can by misused by a hacker.   Read more…

November 27th, 2015

Is Facebook‘s “Most used words” quiz a privacy thief?

The “Most used words” app became a Facebook hit within days of its launch. At the moment of writing this article, it has been used by nearly 18 million users globally. There are many controversies about user privacy in relation to data that is collected by the app.

“Most Used Words“ is an unexpected privacy nightmare. Source

“Most Used Words“ is an unexpected privacy nightmare. Source

Earlier this week, the British company Comparitech published a blog post about the privacy nightmare caused by this innocent-looking Facebook app. “Most used words” is presented as a simple, playful quiz in which Facebook scans through and analyzes users‘ posts in order to generate a collection of words they use most frequently on Facebook. Sounds like fun, right? Before you try it yourself, take a closer look at this data-hungry wolf in sheep’s clothing – after some analysis of the app, it has turned out to be a privacy thief. When using the app, users give away following details:

Read more…

November 26th, 2015

Can shopping extensions help you find the best prices?

SafePrice protects your privacy while finding the best online prices.

The holiday shopping season is upon us and shoppers are flocking to the Web to find online deals and coupons. Shopping extensions for your web browser can help you find the best prices, but how do you know you are finding a great deal from a SAFE and trusted retailer?

There are several shopping tools that can help you find the lowest price from around the web, but I’ll start with the one that finds low prices and guarantees the safety and integrity of the online shop – Avast’s very own SafePrice.

Avast SafePrice finds the best prices from trusted retailers

SafePrice find the best deals from TRUSTED online shops

Instead of visiting price comparison sites first, all you do is go to your favorite online store and pick out what you want to buy. SafePrice checks the price against thousands of verified stores, then displays the best deals and coupons at the very top of your browser. The bar is invisible when you’re not shopping.

Avast users already have SafePrice installed. If you are not an Avast user, but wnat to use it to find trusted stores, then add the extension to Chrome from the Chrome Web Store.

Read more…

November 25th, 2015

‘Tis the Season to Shop Online

The holiday season is coming up and we expect that many will opt to shop online to avoid the big crowds in city centers, malls and stores. 

In America, Cyber Monday, the cyber version of shopping day Black Friday, was born in the mid 2000s. Cyber Monday sales have steadily increased since its inception and according to IBM Digital Analytics, sales grew 8.5% in 2014. According to ComScore, purchases are now also being made from smartphones with overall spending from mobile devices in the millions.

Americans aren’t the only ones who have embraced Cyber Monday, many other retailers around the world have come together to offer deals on the Monday after U.S. Thanksgiving and in China, Singles’ Day (November 11th) has become a major ecommerce day with 27,000 online merchants participating in 2014



This is not only an exciting time for online retailers and online shoppers but also for cyber criminals. I spoke with our senior malware analyst, Jaromír Hořejší about how cybercriminals are preparing for Cyber Monday:

Read more…

November 20th, 2015

Facebook Safety Check feature allows users to connect with loved ones during a disaster

Facebook's Safety Check feature allows users to connect with friends and loved ones during a disaster.

Facebook’s Safety Check feature allows users to connect with friends and loved ones during a disaster.

Facebook’s Safety Check feature was created in October 2014 in response to the devastating earthquake and tsunami that struck Japan in March 2011. In a Facebook post about the feature, Mark Zuckerburg described the mission of the feature:

Over the last few years there have been many disasters and crises where people have turned to the Internet for help. Each time, we see people use Facebook to check on their loved ones and see if they’re safe. Connecting with people is always valuable, but these are the moments when it matters most.

This is how it works:

1. Facebook will prompt users that might be in the area of a natural disaster to inform others about their status using the Safety Check feature.

2. Users can click the “I’m safe“ button to let their Facebook friends know that they are safe.

3. Facebook will alert you of friends that used Safety Check and allow you to look over the list of friends who could potentially be affected by the disaster.

Safety Check is only offered to individuals that are located in a disaster area. Although the feature was originally created to respond to natural disasters, it has recently been utilized to help users connect with others in the wake of social crises. Zuckerberg told CNET that Facebook is still developing the policy to determine exactly when Safety Check will be activated. He was also quoted saying that he won’t post each time Safety Check is activated because “unfortunately, these kinds of events are all too common.”

For more information about Safety Check, you can read through Facebook’s page about the feature.

Follow Avast on FacebookTwitterYouTube, and Google+ where we keep you updated on cybersecurity news every day.

Categories: General, Social Media Tags:

November 16th, 2015

Facebook contest winners help welcome in Avast 2016

Our Facebook contest gave participants a chance to win one free year of Avast Premier 2016.

Our Facebook contest gave participants a chance to win one free year of Avast Premier 2016.

Over the weekend, we ran a fill-in-the blank contest on our Facebook page in celebration of the launch of Avast 2016 products. Participants had the chance to win a 1-year license for Avast Premier 2016, and could do so by finishing the following sentence:

“The best celebrations always include ______________.”

Read more…

November 13th, 2015

Windows 10 get significant upgrade

Microsoft Windows 10

Avast is the official Windows 10 consumer security software provider.

Yesterday, Microsoft released the first major update to Windows 10 for PCs and tablets since its initial release in July. It’s so large and improves so many features that it has been categorized as a whole new version instead of merely a patch or service pack.

Many of the features that have been in preview mode, including Cortana and Microsoft Edge, have significant upgrades. Additional capabilities in Cortana are only available in the USA for now. Improvements were also made to Mail and Calendar, Maps, Groove, Photos, Skype, and Xbox.

The Microsoft company blog states, “With this update, there are improvements in all aspects of the platform and experience, including thousands of partners updating their device drivers and applications for great Windows 10 compatibility.”

Avast 2016 is compatible with Windows 10

Avast is the official Windows 10 consumer security software provider. For best results with the new version of Windows 10, please make sure you also upgrade your Avast antivirus protection to the latest Avast 2016 version.

Avast is a recipient of the Windows 10 Compatibility Award from AV Comparatives.

image via

Follow Avast on FacebookTwitterYouTube, and Google+ where we keep you updated on cybersecurity news every day.

Categories: General Tags: ,

November 13th, 2015

Facebook increases security for users

Don’t ignore Facebook  alerts and take your time to improve your security

Don’t ignore Facebook alerts and take your time to improve your security

Facebook has become more concerned about its users’ security. The social giant understands that education is the key to providing users with a secure experience. We have already seen the Facebook “dinosaur” guiding us via privacy settings. Now Facebook pops out a short guide to improve the security of our profiles. We strongly recommend not to ignore it and take those steps to ensure that your profile is properly protected.

Step 1. Take control over your login

Read more…

November 12th, 2015

What happens when Avast engineers spend the night in a parking garage?

A hackathon resulting in creative prototypes of apps and hardware.

Avast engineers have a hackathon

Avast engineers pull an all-nighter

It had all the makings of a classic hackathon: An all-nighter in a weird location fueled by coffee and good ideas. Located in the parking garage of our current Avast headquarters, R&D teams participated in the event with the goal to invent cool things we can implement in our new HQ building, which is nearly completed.

We dubbed the hackathon Párkathon, because our new HQ building has a sausage-like curve to it. In the Czech language sausage is “párek” + hackathon = Párkathon.

Here’s what it looked like:

The Párkathon started on Thursday and continued through the wee hours of the morning all the way through Friday evening. Some people were so psyched about their projects that they continued at home or even stayed at the office during the weekend to finish . On Monday morning, the epic hackathon ended with a demo session and attendees voted for the winning team. The prize was a barbecue party for that team. And they kindly invited all the other Párkathon attendees.

Some of the projects that came out of Párkathon include:

Winning projects

iZasedáček – an interactive version of the office seating plan. This app let’s people quickly find who sits where and localize empty chairs. It includes floor maps of the building.

Stairs vs. Elevators - devices for measuring stairs or elevator usage. Including HW prototype – every time someone crosses two laser beams, his walk through is counted. Other use cases are under development.

Other projects that came out of Párkathon

Waldo – a tool for the real-time search of people within the building using iBeacons and GPS. Users can send messages along with a location request inside or outside the building to quickly organize a meeting.

Hacked Earth – 3D visualization of geo-located data on Earth’s surface. Can be used for real-time display of virus attacks around the world or product information like the visualization of app installations. The plan is to use it at reception, meeting rooms, or for events.

FunMon – the real-time monitoring of table football and billiards usage. Uses HW sensors to detect facility usage and allows short-term booking.

Orchestrované zobrazovátko – a system for streaming content to TVs around the building. This is an easy way to show content on any TV. There is also the option to broadcast the same message on a group of TVs or even all of them.

Zasedačkomat – an app for wall-mounted Android tablets in each meeting room. It shows the room availability and allows you to perform basic tasks like reserving the room or releasing it for use.

3D navigation – printing of custom made direction signs for our new building. This task included learning to work with 3D printer.

MemeGen – system for internal memes and jokes.

Follow Avast on FacebookTwitterYouTube, and Google+ where we keep you updated on cybersecurity news every day.

Categories: General Tags: , ,

November 11th, 2015

The Anatomy of an IoT Hack

Avast researchers hacked a Vizio Smart TV to gain access to a home network.

Avast researchers hacked a Vizio Smart TV

Hackers could gain access to your home or office network through the Smart TV

Co-authors: Ross Dickey and Riley Seaman 

The Internet is everywhere —  in your TV, your light bulb, and even your refrigerator. We are now living in the world of the Internet of Things. With all of our physical devices connected to the Internet, it’s important to understand how someone might access your information or violate your privacy through these devices. As an example, we’ll walk through hacking a Smart TV with the intention of gaining access to the victim’s home network, as well as to illustrate the privacy implications of having Internet-connected devices in your home or office.

Through this experiment, our aim is to show just how much a regular person can be affected by vulnerabilities within a smart device. Throughout our journey, we went through a series of processes that involved (but were not limited to) a simulated Man-in-the-Middle (MITM) attack, the injection of an SSID, and the decoding of the device’s binary stream. We dove straight in, making our way through many avenues and curves with the ultimate goal to “crack the salt” (more on that later).

In the end, we found that the smart TV we were inspecting actually broadcasted fingerprints of users’ activities, whether they agreed to the device’s privacy policy and terms of services when first setting it up. In addition, we uncovered a vulnerability within the device that could serve as a potential attack vector for an attacker attempting to access a user’s home network. Since this all sounds pretty creepy, it’s important to note that Vizio successfully resolved these issues upon being notified of our findings. Now, onto the experiment we go:

Read more…