Filip Chytry

Filip Chytry

17 August 2016

Linux flaw puts 80% of Android devices at risk

A vulnerability thought to affect about 1.4 billion Android devices has been uncovered.

Read More

Mobile Security, Threat Research

Filip Chytry

13 January 2016

Notes from the 2016 AT&T Developer Summit

ATT_DevSummit.jpg

For nearly 10 years, AT&T has been bringing an annual developer conference to their partners and collaborators. This year, they creatively chose to combine their conference with a hackathon in order to encourage the participation of budding developers and to support young talent in achieving career-related goals.

This year’s conference and hackathon, which took place on January 2-5 in Las Vegas, Nevada, was packed with an array of topics split into six main sessions: devices and wearables, IoT, real-time communications, video, network advances and the connected home.

I’ve put together several of the sessions that stood out to me as especially relevant to the evolution of today’s technology.

Read More

Filip Chytry

6 January 2016

Notes from the 2016 AT&T Developer Summit

The 2016 AT&T Developer Conference took place on January 2-5 in Las Vegas, Nevada. The 2016 AT&T Developer Conference took place on January 2-5 in Las Vegas, Nevada.

For nearly 10 years, AT&T has been bringing an annual developer conference to their partners and collaborators. This year, they creatively chose to combine their conference with a hackathon in order to encourage the participation of budding developers and to support young talent in achieving career-related goals.

This year’s conference and hackathon, which took place on January 2-5 in Las Vegas, Nevada, was packed with an array of topics split into six main sessions: devices and wearables, IoT, real-time communications, video, network advances and the connected home.

I’ve put together several of the sessions that stood out to me as especially relevant to the evolution of today’s technology.

Read More

Mobile Security, Security News

Filip Chytry

15 December 2015

Retailer's apps reveal your Christmas list to the public

By using some retailer's apps to make your holiday wish list, more people than just Santa Claus can see your list. In fact, it may be accessible to anyone over the Internet!

Santa Claus

America’s most popular retailers collect more information about you via apps than you may be comfortable with.

Recently, the Avast Security Warriors began looking into shopping apps to see what your favorite retailers know about you. They found that these apps, like many other apps out there, collect data and request permissions that are unnecessary for their app to function properly.

Initially, we were curious to see what retailers wanted to know about their customers based on the data they collect. We randomly chose apps from the following retailers: Home Depot, J.C. Penney, Target, Macy’s, Safeway, Walgreens and Walmart. In this blog post, we focus on Target and Walgreens.

You’re making your list and Target is checking it twice!

If you created a Christmas wish list using the Target app, it might be accessible to more people than you want to actually receive gifts from. The Target app keeps a database of users’ wish lists, names, addresses, and email addresses. But your closest family and friends may not be the only ones who know you want a new suitcase for your upcoming cruise!

Read More

Mobile Security, Security News

Filip Chytry

1 December 2015

How many people connect to unknown Wi-Fi hotspots without even knowing?

An Avast team calling themselves the Security Warriors, comprised of intra-departmental specialists, are running experiments in the streets of San Francisco. They spent a few days setting up the first of them and have already gathered some interesting statistics. In Filip‘s words, here is what they have done so far and what they want to achieve.

Security Warriors Filip Chytrý , president of mobile Gagan Singh, Bára Štěpánová, Jaroslav Slaby, and Vladislav Iliushin. Not pictured: Ondrej David

One of our first experiment’s objectives is to analyze people's behavior by seeing how they have their devices preset in terms of outside communication. We didn't have to go far to find out – it's pretty disturbing. Currently, we have a variety of devices prepared for different traffic experiments but now we are using them for one really easy target - to analyze how many people connect to a fake hotspot. We created fake Wi-Fi networks called Xfinity, Google Starbucks, and Starbucks. From what we've noticed, Starbucks is one of the most widespread networks here, so it's pretty easy to get people's devices to connect to ours.

wifi hotspot Wi-Fi networks screen

 

What is the problem we're trying to point out?

Once your device connects to a known SSID name at your favorite cafe, the next time you visit, it will automatically try to connect to a network with the same name. This common occurrence becomes a problem because it can be misused by a hacker.

Read More

Mobile Security, Security News

Filip Chytry

6 October 2015

Has the Windows Phone Store become a new target for hackers?

Almost exactly two months ago, we reported on some fake apps found in the Windows Phone Store. Unfortunately, the news hasn't stopped there – instead, it seems that this third-party app store is becoming an increasingly popular platform for the bad guys. Today, we‘ve uncovered quite a large set of fake apps which includes scams imitating legitimate popular apps such as Facebook Messenger, CNN, BBC, and WhatsApp.

Fake apps advertised by Ngetich Walter on the Windows Phone Store. Fake apps advertised by Ngetich Walter on the Windows Phone Store.

There are two perpetrators behind these fake apps: Ngetich Walter and Cheruiyot Dennis. Between the two of them, they have 58 different apps available in the Windows Phone Store, all of which are fake. The majority of the apps have certain things in common -- they collect basic data about users and display various advertisements that are mostly driven by a user’s location. A portion of the apps try to lead users to pages that force them to submit a request to purchase something. Let’s take a closer look at two of them:

Read More

Mobile Security, Security News

Filip Chytry

4 August 2015

Windows Phone Store scam: malicious mobile apps aren’t unique to Google Play

Although it’s possible to use third-party apps stores safely and securely, the fact that scams do still occur in a variety of app stores shouldn’t be ignored. On Sunday, a threat was discovered by a user who posted the issue on our forum. The scam, located within the Windows Phone Store, advertised three fraudulent versions of Avast Mobile Security. These fake apps not only include the Avast logo, but also feature actual screenshots from AMS in their image galleries. Our fast-acting team has since blocked the pages and has labeled them as malicious.

Fake AMS apps collect personal data and redirect users to adware

[gallery ids="37130,37129,37128"]

If downloaded, these fake versions of AMS found on the Windows Phone Store pose a risk to users’ security. Here’s how they work:

  1. New Avast security: This app includes three control buttons which show only advertisements. Even without actively clicking on the ads, the app redirects users to additional adware.
  2. Avast Antivirus Analysis: Claiming to “protect your phone from malware and theft”, this malicious app runs in the background of victims’ devices once downloaded and collects their data and location.
  3. Mobile Security & Antivirus – system 2: Simply put, this is a paid-for version of “New Avast security” that forcibly leads users to adware.
Read More

Mobile Security, Threat Research, Security News

Filip Chytry

29 July 2015

Big Brother(s) Could be Watching You Thanks to Stagefright

Stagefright is the worst Android malware ever discovered.

stagefright is worst Android malware

Earlier this week, security researchers unveiled a vulnerability that is believed to be the worst Android vulnerability yet discovered. The “Stagefright” bug exposes nearly 1 billion Android devices to malware. The vulnerability was found in “Stagefright”, an Android media library. Hackers can gain access to a device by exploiting the vulnerability and can then access contacts and other data, including photos and videos, and can access the device’s microphone and camera, and thus spy on you by recording sound and taking photos.

All devices running Android versions Froyo 2.2 to Lollipop 5.1.1 are affected. That's about 95% of all Android devices.

Read More

Mobile Security, Threat Research, Security News

Filip Chytry

22 July 2015

Creators of Dubsmash 2 Android Malware Strike Again

Malware Writers Can’t Keep Their Hands Off Porn

In April, we reported on a porn clicker app that slipped into Google Play posing as the popular Dubsmash app. It seems that this malware has mutated and once again had a short-lived career on Google Play, this time hidden in various “gaming” apps.

For your viewing pleasure

The original form of this porn clicker ran completely hidden in the background, meaning victims did not even notice that anything was happening. This time, however, the authors made the porn a bit more visible to their victims.

The new mutation appeared on Google Play on July 14th and was included in five games, each of which was downloaded by 5,000-10,000 users. Fortunately, Google reacted quickly and has already taken down the games from the Play Store.

The selection of "gaming" apps affected by Clicker-AR malware on the Google Play Store. The selection of "gaming" apps affected by Clicker-AR malware on the Google Play Store.

Once the app was downloaded, it did not really seem to do anything significant when opened by the user. However, once the unsuspecting victim opened his/her browser or other apps, the app began to run in the background and redirect the user to porn sites. Users may not have necessarily understood where these porn redirects were coming from, since it was only possible to stop them from happening once the app was killed.

Read More

Mobile Security, Threat Research, Security News

Filip Chytry

3 February 2015

Apps on Google Play Pose As Games and Infect Millions of Users with Adware

A couple of days ago, a user posted a comment on our forum regarding apps harboring adware that can be found on Google Play. This didn’t seem like anything spectacular at the beginning, but once I took a closer look it turned out that this malware was a bit bigger than I initially thought. First of all, the apps are on Google Play, meaning that they have a huge target audience – in English speaking and other language regions as well. Second, the apps were already downloaded by millions of users and third, I was surprised that the adware lead to some legitimate companies.

Read More

Mobile Security, Security News