As Google Play tightens its security measures on mobile apps, hackers are moving to third-party app stores. Fake apps imitating popular apps were found on the Windows Phone Store earlier this week. Now a new batch of infected Android apps imitating the real deal has been found on unofficial third-party Android app stores.
The new malicious adware, dubbed Kemoge, reported Wednesday by security researchers at FireEye, also disguises itself as popular applications. The apps trick the user into installing them through in-app ads and ads promoting the download links via websites. The legitimate-appearing apps aggressively display unwanted advertisements which seem annoying, but in the FireEye blog researcher Yulong Zhong writes, “it soon turns evil.”
The fake apps gain root access and gather device information such as the phone’s IMEI, IMSI, and storage information, then send the data to a remote server.
Infections have been discovered in more than 20 countries, including the United States, China, France, Russia, and the United Kingdom. Because of Chinese characters found in the code, it is believed that the malware was written by Chinese developers or controlled by Chinese hackers. The apps included Talking Tom 3, WiFi Enhancer, Assistive Touch, PinkyGirls, and Sex Cademy.
How to protect your Android device from infection
- Only install apps from trusted stores like Google Play
- Avoid clicking on links from ads, SMS, websites, or emails
- Keep your device and apps up to date
- Install protection that scans apps like Avast Mobile Security
Avast Free Antivirus just received another AV-Test certification for its stellar protection against real-world threats, performance in daily use, and usability.
Yay! It’s like collecting another trophy for the display case or another blue ribbon to hang on the wall, but what does it really mean? How is this type of testing useful for you, our customers?
Ondrej Vlcek, Avast’s Chief Operations Officer, explains,
“Because of the overwhelming growth of malware targeting consumers and businesses, labs like AV-Test Institute have become an invaluable independent source of data to Avast. Their research has influenced our engineers to expand their knowledge of malware, revolutionize diagnostic and detection methods, and facilitate strategies to get real-time updates to hundreds of millions of people who put their trust in our antivirus products.”
Here’s a little background on the testing lab.
AV-Test Institute is an independent lab designed specifically for testing and researching malware. Located in Magdeburg, Germany, they inhabit 1200m² (12,900 ft²) of space with 3 server rooms and a variety of main and secondary laboratories.
Cybersecurity is not limited to your office or home. Nowadays, many of us use the same devices for work and personal business, so when traveling we need to be extra diligent to protect our devices and the data we have on them. If you use common sense and a bit of Avast technology, all your devices (laptops, smartphones, and tablets) can remain secure wherever you are.
Here are a few things you can do before you go and while you’re on the road:
1. Install antivirus protection. Your first and best line of defense on your PC or Android device is antivirus protection. Install it and make sure it is up-to-date.
2. Keep your operating system and software up-to-date. Hackers take advantage of software with security holes that have not been plugged, so take time regularly to make sure that your software and apps have patches and updates applied.
3. Lock down your device. Make it a habit to lock your PC and phone with a PIN, password, or even a fingerprint. Avast Mobile Security even allows you to password-protect your apps. Before you travel, make sure your critical apps, like access to your bank, are protected.
Scammers rob elderly victims of an estimated $3 billion per year.
A scam that has been around since at least 2008 is still active and targeting elderly folks. Seventy-four-year-old Avast evangelist, Bob Gostischa, who knows a thing or two about scams, security, and privacy, received a call just yesterday from a scam artist attempting to steal money. “If it happened to me, I’m sure it’s going to also happen to others,” said Gostischa.
Here’s the basic premise:
Someone either calls or emails pretending to be your grandchild. The typical story is that they have been wrongfully arrested and need bail money wired right away. Another variation says they are traveling and have been mugged, or have even been in an accident and badly injured. After going through this frantic sob story, and if they sense that their victim is falling for it, the scammer asks for money to be wired through services such as Western Union and MoneyGram.
After the phone call ended, Bob sent us a transcript so we could share it with Avast Blog readers. “I consider myself lucky because the first instinct was wow, how can I help her…?,” he said. “I guess we all really need to be very vigilant at all times.”
Caller: Hello Grandpa, this is your granddaughter. I have laryngitis so I don’t sound like myself.
Bob: You certainly don’t. Which granddaughter?
Caller: What do you mean?
Bob: Well, I have several.
While the rest of us were soaking up the last of the season’s sunshine, Apple researchers spent the weekend removing hundreds of malicious apps for iPhone and iPad from the iOS App Store.
“The recent exploit on Apple has shown us that even Apple’s system can be compromised quite easily,” said Avast security researcher Filip Chytry. “While this time nothing significant happened, it is a reminder that having everything under an Apple system could potentially make a system vulnerable.”
The malware seems to have been focused on Chinese users. Chinese media reported more than 300 apps including the popular instant messaging service WeChat, Uber-like taxi hailing program Didi Kuaidi, banks, airlines, and a popular music service were infected.
The malicious software programs got by Apple’s strict review process in an ingenious way. Hackers targeted legitimate app developers by uploading a fake version of Xcode, Apple’s development software used to create apps for iOS and OS X, to a Chinese server. It’s a large file, and reportedly quite slow to download from Apple’s U.S. servers, so to save time, unwitting Chinese developers bypassed the U.S. server and got their development tools from the faster Chinese server. Once their apps were completed, the malicious code traveled Trojan-horse style to the App Store.
“If hackers are able to exploit one entry point, they are able to attack all of the other iOS devices – and the fact that Apple doesn’t have a big variety of products makes it easier,” said Chytry.
Eliminate the risk of your sensitive business data being hacked.
Most of the truly dangerous malware is designed to harvest valuable business information – especially financial data. So hackers design malware to look like an innocent video, application, or website cookie. Sometimes malware can even be disguised as an exit button on an infected website. Basically, hackers use all kinds of tricks to get unsuspecting people to click, download, or run their malware.
The problem is that malware often ends up on a company computer or network completely by mistake. The file might look like a useful business graphic or tool, but when opened, it unleashes malicious code that takes over the computer and even the network.
So how do you stop this when you have 10, 20, 30, or more PCs, Macs, and servers under your care?
The Avast Sandbox lets you run a questionable program without risking your computer.
The Avast Sandbox is a special security feature which allows you to run potentially suspicious applications automatically in a completely isolated environment. This is particularly useful if you don’t completely trust whatever you just downloaded or you visit dodgy websites, because programs running within the sandbox have limited access to your files and system, so there is no risk to your computer or any of your other files.
Here’s how it works: By default, if an application is started and Avast detects anything suspicious, it will automatically run the application in the Sandbox. The advantage of running an application in the Sandbox is that it allows you to check suspicious applications while remaining completely protected against any malicious actions that an infected application might try to perform.
The browser or other application will then open in a special window, indicating that it is being run inside the Sandbox. When the Sandbox is closed, it will be restored to its original state and any downloaded files or changed browser settings will be automatically deleted.
The Avast Sandbox is part of Avast Premier 2015, Avast Internet Security 2015 and Avast Pro Antivirus 2015.
Diamond rings and an Audi R8 can be mine just for the simple actions of liking and sharing on Facebook. NOT!
In the past week, three fake giveaways have come across my Facebook newsfeed – two of them today! These were shared by otherwise intelligent friends, so that makes me think all kinds of other people are falling for the scam. I’m sharing these with you, so you’ll know what to look out for.
Each scam promises that you could win a valuable prize just by liking and sharing the post. This one is for an Audi R8 V8, and every time I’ve seen it, it originates from a different page. The instructions are always the same – for a chance to win, you must like the page, request your desired color in the comments, and share the post with your friends.
This type of social engineering scam is called like-farming. It is designed to gather many page likes and shares in a short amount of time, and since Facebook’s algorithms give a high weight to those posts that are popular, they have a high probability of showing up in people’s newsfeeds. Scammers go to all this trouble for two purposes: The pages can later be repurposed for survey scams and other types of trickery that can be served to a large audience. And pages with large numbers of fans can be sold on the black market to other scammers with creative ideas.
“Biggest iPhone hack ever” attacks jailbroken phones
In what has been called the biggest iPhone hack ever, 250,000 Apple accounts were hijacked. That’s the bad news.
The good news is that most Apple device users are safe. Why? Because the malware, dubbed KeyRaider by researchers at Palo Alto Networks, only infects “jailbroken” iOS devices. (There’s that bad news again.)
When you jailbreak a device like an iPhone or iPad, it unlocks the device so you can do more with it, like customize the look and ringtones, install apps that Apple normally would not allow, and even switch carriers!
The KeyRaider malware entered the jailbroken iPhones and iPads via Cydia, a compatible but unauthorized app store, which allows people to download apps that didn’t meet Apple’s content guidelines onto their devices. The malware intercepts iTunes traffic on the device to steal data like Apple passwords, usernames, and device GUID (“Globally Unique Identifier” which is your ID number similar to your car’s VIN). Users reported that hackers used their stolen Apple accounts to download applications from the official App Store and make in-app purchases without paying. At least one incident of ransomware was reported.
Chinese iPhone users with jailbroken phones were the primary attack target, but researchers also found incidents in 17 other countries including the United States, France, and Russia.
Networks are relentlessly attacked by online threats. Organizations need quality security products to keep their network secure.
When Jothan Virgil, an IT Administrator at Alabama State University located in Montgomery, Alabama, got an email announcing the new, free Avast for Business product, he did his research and signed up.
Virgil knows that a good antivirus product is the most important part of protecting a network and was using Avast Endpoint Protection before switching. “The new cloud-based solution is easier to manage.” Avast for Business lets Virgil see his entire network anywhere, anytime, making his job easier.
Alabama State has a very large network managed by multiple IT professionals, with over 1,000 faculty and staff members and more than 5,600 students. Avast for Business now protects all of them from one console.
“Avast for Business is so easy to deploy and monitor, it’s made the administration of our network much smoother.” System notifications tell Virgil exactly which machines are being hit with viruses or malware.
And it’s not just easy. It’s also free. Avast for Business created a savings that Virgil can use somewhere else. He’s certain the savings will go to good use in their growing IT environment.
Avast for Business can save your non-profit, company, or school money and time. Sign up on the Avast website.