Protecting over 230 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Author Archive
November 21st, 2014

How to change your router DNS settings and avoid hijacking

If your home router is hacked, you have a serious situation on your hands.

When an Avast Home Network Security scan finds that your router is already compromised, this notification will appear.

Your WiFi network is not secured

Your WiFi network is not secured

This means that the router has been hacked and the DNS settings have been modified to serve hacked contents to a cyberthief. This is a pretty serious situation. When hackers exploit router vulnerabilities, gain access to it, and modify the DNS servers settings, all your Internet traffic can be forwarded to rogue servers. This is called a man-in-the-middle attack.

The DNS or Domain Name System, is the “phone book” of the Internet, and an IP address is what’s listed in the book. DNS names computers, services, or any resource connected to the Internet or a private network. It translates easily memorized domain names, for instance, www.example.com, to the unique numerical IP addresses needed to locate the service worldwide.

What happens when your router is hacked?

Instead of connecting to a clean site or service, when your router is hacked, you’ll visit a rogue and hacked one. It’s obvious that your privacy will be violated, and your banking information could be captured – by the man-in-the-middle mentioned above. Even the usually secure SSL, the HTTPS protocol we have all been instructed to look for to indicate a secure site, won’t assure you’re protected. Instead, you’ll be proxied through malicious servers and the encrypted connection is cut in the middle. This illustration shows what happens.

 

Your WiFi network is not secured

Source: http://www.cert.pl//news/8019/langswitch_lang/en

This could also happen if your router is set to default/weak/factory password. So, the worst scenario of hacking is not that uncommon. See the latest news about webcams being hacked because of the owner’s using default passwords. Vincent Steckler, CEO of Avast, told VentureBeat that consumers are notorious for not updating default passwords, just as I’m talking about here. Some 63 percent of wireless routers run with default passwords, says Steckler.

The problem goes further than just one user or one device. The malicious effects can spread to all users in the local network, regardless of the operating system used.

How to protect ourselves against this plague?

First, scan your home network with Avast Home Network Security to verify if your device is compromised. If Avast alerts you, it’s already too late. You’ve already been compromised. You need to manually check the DNS servers in the router configuration.

By default, your router uses DNS servers automatically acquired from your Internet provider. All the devices on your network — PCs, smartphones, tablets, game consoles, and anything else connected to the network — get their DNS server from the router. You can change the DNS server on your router, therefore changing every other device on your network.

There are several good articles on the Internet about changing your DNS. Here’s one from howtogeek.com.

You also need to pay attention to your browser address bar. The HTTPS indicator should be there all the time. If it comes and goes, you may have already been compromised. In these cases, or for any other strange symptom you could be experiencing: Disable your Internet connection immediately and change the router username and password to unique ones (consult the router manual for instructions).

But, be warned, neither of these will be enough because if the router is vulnerable, it will take the attacker no time to change the settings back. Updating the router firmware or even changing it completely – as described in previous article – will be necessary.

Avast Software’s security applications for PC, Mac, and Android are trusted by more than 200-million people and businesses. Please follow us on FacebookTwitter and Google+.

 

 

November 13th, 2014

How to upgrade your router with the latest firmware or replace it completely

It’s difficult to accept that we made an unwise purchase or even that a piece of technology has gone obsolete. But when it comes to the security of your home network, it’s time to face up to it.

Last February, Craig Young, a researcher at security firm Tripwire, published research showing that 80% of the 25 best-selling small office/home office (SOHO) wireless router models on Amazon had vulnerabilities. Because some routers, in fact, a lot of them, have so many non-patched vulnerabilities, the easiest way to secure your home network is to replace the router completely with a secure model.

Your WiFi network is not secured

Your WiFi network is not secured

 

How to update your router

But let’s not spend your money yet. Only four of the reported vulnerabilities were completely new, and many have been patched in later models, so you should first look for firmware updates. Some conscious manufactures release updates for their hardware controls and, if applied, could solve all (or at least some) known vulnerabilities.

Routers do not perform automatic updates, so the process requires appropriate patches to be manually downloaded and installed. Avast 2015 includes a Home Network Security scanner that can help you determine what needs to be done, explain why, and can direct you to the router manufacturer’s website.

Open the Avast user interface, click Scan from the menu on the left, then choose Scan for network threats. Avast will take a look at your router and report back any issues. In most cases, if there is an issue to be addressed, then it will direct you to your router manufacturer’s website.

Yes, Virginia, there is a Santa Claus Router Attack

If you’re not convinced that router attacks are something to be concerned about, then think back on the attack from earlier this year. Attackers remotely altered DNS configurations for more than 300,000 small office/home office (SOHO) routers, subsequently opening up victims to a host of compromises

Among several vulnerabilities around, there is one that is quite common. It’s called ROM-0 and allows the attacker to easily gain control of the whole router and, subsequently, your Internet connection. In short, the attacker could request ROM-0 through HTTP (i.e. http://192.168.1.1/ROM-0) and then he can download all the important and secret data stored in your router: Your ADSL login/password combination, WIFI password and basically all your configuration data.

How to avoid attackers from downloading your Rom-0 configuration file and manipulating your router?

It’s simple (if you are comfortable around computers. Ask a techie to help you, if you’re not):

  • Forward port 80 on the router to a non-used IP address on your network.
  • Enter your router configuration and go to “Port forwarding” configuration.
  • Send all http traffic, of all protocols, to star and end port 80 in a non-used local IP address (something like 192.168.0.xxx, where xxx would be a non-used IP).

There are free guides of “port forwarding” for quite a lot of routers. Check your model here.

Avast Software’s security applications for PC, Mac, and Android are trusted by more than 200-million people and businesses. Please follow us on FacebookTwitter and Google+.

 

 

Comments off
November 11th, 2014

How to disable access to your router from the Internet

When Avast Home Network Security (HNS) displays the following error: “Your network router is accessible from the Internet” that means that hackers can access your router’s administrative interface.

Your WiFi network is not secured

Your WiFi network is not secured

 

Although that doesn’t mean imminent threat, the fact that the router is accessible from the Internet is not good. A cybercrook could modify your network settings and even disable your Internet connection or, the worst, steal your personal data.

For sure, if you use the default password in your router, everyone can access your router. However, you won’t do that, will you? If you’re reading this article, we suppose you’re technically educated and will know that using the default password is a serious risk.

hns3Routers, especially Small Office/Home Office (SOHO) wireless routers, are usually quite vulnerable to all sorts of exploits and exposing the admin interface of the router to the Internet is like leaving your door unlocked when you leave home. According to Tripwire, “80% of Amazon’s top 25 best-selling SOHO wireless router models have security vulnerabilities.”

Why should we worry about routers?

“Unsecured routers create an easy entry point for hackers to attack millions of American home networks,” said Vince Steckler, chief executive officer of Avast. “If a router is not properly secured, cybercriminals can easily gain access to an individual’s personal information, including financial information, user names and passwords, photos, and browsing history.”

Set up a strong password

I already explained how to make sure you have the highest level of encryption set on your router. If you missed it, please go back and read my blog, How to turn on WiFi encryption in your router settings.

The next step is to replace thedefault administrator password.Some of the most common mistakes made, not only by common users but also from a significant number of IT professionals, are to use the default administrator password and use the popular WPS and its insecure technology that allows hackers to discover (much easier) the router encryption passphrase.

When creating a new password, make sure it is long and strong, using a mix of numbers, letters and symbols. If you have many visitors to yourhome, it’s a good idea to set up a guest network with a separate password.

Avast 2015 includes a Home Network Security scanner that can help you determine what needs to be done, explain why, and can direct you to the router manufacturer’s website. Read more about it on our blog,  Your home network is at risk of cybersecurity attacks.

Avast Software’s security applications for PC, Mac, and Android are trusted by more than 200-million people and businesses. Please follow us on FacebookTwitter and Google+.

November 6th, 2014

How to turn on WiFi encryption in your router settings

Eavesdropping is a major concern when we talk about the security of home WiFi networks. People around you, your neighbors in the next apartment, or even your own government, can discover anything flowing through your Internet traffic. Your personal data, like passwords and log in credentials, your credit card numbers, and  your photos and videos, are at risk.

Your WiFi network is not secured

Your WiFi network is not secured

We have written a lot about how to protect our communications using a VPN. To summarize, a Virtual Private Network, or VPN, is an encrypted tunnel where your data travels from your computer to a secure server on the Internet. Avast SecureLine is a VPN that you can use when outside of your home; at cafes, hotels, or airports.

Get your home network secure

But now, it’s time to bring your attention to your home network security. Your router should be correctly set to achieve the highest level of protection. Until you secure your router, you’re vulnerable to people accessing information on your computer, using your Internet service for free, and potentially using your network to commit cybercrimes.

There are basically three levels of security on a home router. These come in types of encryption. They are WEP, WPA and WPA2. These strange acronyms refer to different wireless encryption protocols which protect – in fact, encrypt – the information you send and receive over a wireless network.

WEP (Wired Equivalent Privacy) was the first protocol used in late 90s. It should not be used nowadays as it has serious security weaknesses which are easily hackable by even the most novice hacker. So, the first wise thing to do is move away from WEP. Your router must be quite old if you can’t do that, and you should consider purchasing an updated one, or ordering a new one from your ISP.

WPA (WiFi Protected Access) replaced WEP, but very soon after that, WPA2 replaced WPA. WPA2 implements the latest security standards, especially for data encryption with AES (Advanced Encryption Standard), a strong encryption algorithm.

Using WPA or, better, the WPA2 protocol, means that when any device tries to establish a connection to your wireless network, it will be prompted to enter the security key or password to connect.

Most wireless routers allow you to select WPA2 during the setup process. Unfortunately, the default in many wireless devices is WEP or, even worse – nothing -  which means anybody in range can connect to your WiFi to use the bandwidth and access your other devices (printer, network disk, etc.).

What to do at home

Avast Home Network Security scans for vulnerabilties.

Avast Home Network Security scans for vulnerabilties.

Verify your wireless network router (or other access point) supports WPA2. If necessary, go to your router manufacturer site and search for the latest firmware to be downloaded and applied according to its instructions. Apply compatible WPA2 settings on each WiFi device, choosing the WPA2 encryption and the correct authentication info.

Although encrypting your traffic won’t protect you from rogues, denial-of-service (DNS) attacks or interference, it will ensure secure wireless communication.

Also, change the default password. Make sure the one you use is long and strong, using a mix of numbers, letters and symbols.

Avast 2015 includes a Home Network Security scanner that can help you determine what needs to be done, explain why, and can direct you to the router manufacturer’s website. Read more about it on our blog,  Your home network is at risk of cybersecurity attacks.

Avast Software’s security applications for PC, Mac, and Android are trusted by more than 200-million people and businesses. Please follow us on FacebookTwitter and Google+.

 

Comments off
November 4th, 2014

Avast 2015 new feature: Home Network Security scanning

Nowadays, security is team work: Software and hardware should work together to achieve the most complete protection possible.

Avast 2014 Home Network Security

Avast 2015 Home Network Security scans for vulnerabilities in your router.

Complete protection is why the developers at Avast Software decided to include a security feature called Home Network Security (HNS) in the new Avast 2015. HNS is all about scanning your router for vulnerabilities and identifying potential security problems that open the door to threats. Routers are the weakest security point in many home and small business networks these days, so this is a very valid and needed feature.

Here comes the problem. There are zillions of different routers available around the world, but the majority of users just acquire one “that works and is not so expensive” or they get whatever their ISP gives them.  That means the security is already compromised. HNS has been conceived to solve these major threats:

  1. 1. Your wireless network is not secure due to lack of encryption. Thus, anybody in range, like your neighbor, can connect to your Wi-Fi to use the bandwidth and access your other devices (printer, network disk, etc.).
  2. 2. Your network router is accessible from the internet, so hackers can access the router and modify your network settings, even disabling the internet connection or stealing your personal data.
  3. 3. Your router is vulnerable to hacker attacks, i.e., hackers can easily read your router settings, get access to the router, and modify it. Your personal data might be in risk.
  4. 4. Your internet connection is compromised and your router could be hijacked. Your router is already hacked (i.e., some well-known sites are re-directed to fake IPs).
  5. 5. Devices on your network are accessible from internet. This happens when Internet Protocol version 6 (IPv6 is enabled on the router and the devices get IPv6 addresses that are not firewalled. The problem is not primarily in the protocol, but in the router, which is not able to secure the devices with these addresses

Avast can help you protect your home network

With Home Network Security  on all  Avast security products, we can translate this into security protection for you. This 7-part series published on the Avast blog this month will show you what to do to enhance your network security and how Avast can guide you through the task.

 

Before we continue, know that there are a lot of free guides available from the major router manufacturers that provide step-by-step information. Take a look, for instance, here. Look for your model and read a bit. Remember, all you learn will work toward protecting your network. You can also download and install a router detector that could help you in this job.

Avast Software’s security applications for PC, Mac, and Android are trusted by more than 200-million people and businesses. Please follow us on FacebookTwitter and Google+.

July 31st, 2014

Security basics: Internet scams and your identity

If you’re afraid “to do something wrong” when you sit behind your computer, this new series is for you.

AVAST has expertise in developing security products and we want to bring you a complete series about internet danger, with good practices to avoid scams, loss of money, and identity theft. You’re just about to join a tutorial that will help you avoid such threats in the virtual world.

Privacy July 2014 B (2)

First, being afraid to do something wrong is healthy because it will slow you down, which can be a good thing since most mistakes are made due to rushing through something. Computers, smartphones and tablets are advanced tech devices. Those of us who did not have the opportunity to learn and gather knowledge and experience on using these devices when we were young, can be a little shy with them. Searching for information about how to do something with your device is not always easy because people tend to use complicated language. Making it simple and easy-to-understand is a task that we assume with pleasure.

The Basics

The internet is a space for sharing and dialog. However, alongside this encouraging environment you will face some areas where you need to exercise caution: Inappropriate content for children like adult sites; sites which promote hateful content such as racism and intolerance; and cybercriminals who use different methods to steal your personal, banking, and credit card data.

You may be tempted to think that no one will be interested in your computer, or that your computer cannot be found in the internet jungle. That would be a mistake.

Cybercriminals hide in the jungle and misuse your computer as a base to attack others, and spread viruses (malware) or spam. Think of it this way – the banking systems and e-commerce sites have, in general, a much bigger and more sophisticated security arsenal than your own computer (smartphone or tablet), and yours is the weakest point in this chain.

So let’s start from the same place.

Here’s The Rule: All safety measures you take in real life should be applied when you use the internet: Visit only trustworthy sites and stores, do not share your personal data with anyone, lock the doors, and put an alarm. AVAST believes security implies prevention: Be prepared before something bad surprises you.

Your identity is up for grabs

Your personal data or your credentials for a particular site (username and password) are quite valuable to cybercrooks. With this data, scammers act on your behalf; sending emails (like the phishing ones we’ve written about lately), shopping with your credit card, and doing things that can cause harm to you, not only financially but also for your reputation. They could share false information about you, photos and personal data. This could led to problems when, for instance, you are looking for a new job, but also in your personal and family life.

Create strong passwords to protect your online accountsTaking care of your passwords is essential. Use different passwords for each service or internet site. You should create the so-called strong passwords: CAPS letters, symbols, and numbers. AVAST offers an automated solution for your passwords called avast! EasyPass. This way, using different and secure passwords, cybercriminals can’t easy guess your credentials, enter in sites, or shop in your behalf.

Do not answer unsolicited emails or sales promotions that promise you a financial return after you make a small payment. Never help or join into the financial operations of a third party, close to you or not. Do not trust in NGOs that ask for donations, rather look for the official sites to contribute. Never giveaway your banking data for “personal credit and rewards” announcements, for example, bogus companies offering jobs that ask for a preliminary payment. Scams that prey on your emotions are prevalent. Dating scams in-the-wild ask for money to make a trip to meet your  love interest personally. In fact, after you pay, you’ll never see your love again. Beware of these types of scenarios.

How can we avoid these scams? Generally, they ask for a quick and secret decision and, often they have spelling and grammar errors because many still originate from foreign locales and rely on online translation software to spread the scams all over the world.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter, Google+ and Instagram. Business owners – check out our business products.

July 21st, 2014

avast! is nominated the best antivirus for Windows by Lifehacker

avast! Free Antivirus was nominated by Lifehacker users as one of the best desktop applications.

avast! Free Antivirus

Lifehacker is a well-known site for its “Tips, tricks, and downloads for getting things done.” When the subject is to get protected and install an antivirus, they picked up avast! Free Antivirus and, now, last Sunday, avast! was picked again as one of the Top 5.

“It’s our pick as the best…it’s fast, lightweight,…”, says Lifehacker.

When expert people say something is the best, it is always due to a combination of factors and it varies (a lot!) among users. Lifehacker asked their users to point out where avast! excels and what they miss in the competition. They say they are confident of choosing avast! due to a lot of points.

Users  commented on the high level of usability and that it fits for common users, but doesn’t lack advanced settings for the geeky ones. If you want it, avast! has a high level of customization, fitting well for all needs, from gamers to your grandma!

“A fairly simple interface from which you can scan your computer, see statistics, update definitions, and more.”

Voters appreciate avast’s many features: Scans files, email, URLs, P2P programs, and more for malware. Automatic updates happen as soon as the virus database or program changes. In fact, the streaming updates are released each 4 minutes!

“It updates quietly in the background without fuss.”

“A plethora of on-access scanning and protection tools,” (some of which you may not want, but can be easily managed during the installation process.)

Silent mode where you can disable any and all notifications and warnings to keep performance slim and trim.”

“Others highlighted specific features, like avast!’s screensaver scan, where the application only kicks in when you’re away from the computer or the system is idle.”

Low system impact is a major consideration when choosing antivirus protection:

“avast! may be simpler and lighter weight than most other programs out there”

“The app itself is relatively resource light — you may not even notice it’s there”.

A few users highlighted the fact that avast! is cross-platform, and available for multiple operating systems.

LifeHacker says, “We personally don’t think paid antivirus are necessary in a home setting, especially if you use good browsing habits.”

And the #1 reason people choose avast! Free Antivirus?

“Best of all, it’s completely free.”

What are you waiting for? Install these avast! security products on your devices.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter, Google+ and Instagram. Business owners – check out our business products.

June 18th, 2014

Google Play Store changes opens door to cybercrooks

mobile appsLast week, Google upgraded the Android app section of its store and introduced a new way for users to manage permissions. Google claims it will be easier  for users to understand and that users will pay more attention to app permissions. The new interface has a cleaner look and the common user can now install apps more quickly. But does this simplicity come with a price?

Android controls the security and the amount of access every app is granted by using “permissions”. Each action has to ask the operating system for permission to take a new action. In older versions, when an app update asked for new actions or requested additional permissions, Google Play would notify the user prompting them to explicitly accept or deny the new action. Even if the user had automatic updates set, in the cases of new permissions being asked, the user would need to manually perform the update. Even if the user wasn’t exactly sure what they were giving permission for, at least the user was aware and could make the decision themselves. Security was preserved.

Everything is different now

Everything changed last week.

Individual permissions, which could range from important to trivial, are now joined into 13 groups, including a catch-all called “Other”. Now the user has to accept a “new group” change. This means that if you have already allowed certain permissions within a group, then any other permission within that group will automatically be allowed. For example, an app that could access your calendar can now also read your contacts. If you set a meeting and have invited people by email, the app will be able to use the calendar to send emails to them, even without your consent!  Read more…

Comments off
May 5th, 2014

The 10 Commandments of Mobile Privacy

From governments to thieves to your wife – it seems that everyone has access to your private data.

avast! Mobile Security anti-theft helps track your lost phone

If you have a smartphone or tablet, people around you can discover your most deeply held secrets. You put all your private data and personal information there and… it’s at risk. The possibility of losing your phone or getting robbed is a major concern.

Is there anything that we can do to protect our private data? Some skeptics say no. I’m an optimist; I think there is always a way. Working for a security company makes us think that there is always a way to protect ourselves, to avoid danger, and to care about other users.

Lock your apps for privacy with avast! Mobile SecurityI’ve being collecting info for what I call the 10 Commandments for mobile privacy. Here are simple steps to help protect your privacy:

  1. 1. Use a PIN, password or pattern in your device. I’m lucky to have a phone where the numbers change their position on the screen and make the lockscreen even more secure. There are some apps that make your password “random” (obeying rules you’ve previously set).
  2. 2. Lock your most private apps. Lock your log in data but also your own messages, emails, personal notes, contacts, everything is in your pocket. offers the feature to secure even more sensitive parts of your device with the avast! Mobile Security App Locker that automatically asks for a PIN when you start the app.
  3. 3. Do not save banking or credit card credentials in your phone or, at least, not in the mobile browsers. Some banks, at least here in Brazil, have their own mobile app that never saves the passwords or PINs. Now, for Android, there are free password managers that adds a new security layer while browsing.
  4. 4. Do not be a happy clicker. People who expose themselves to scams or spam links, who download each single app they see from any kind of source put themselves at risk. OK, you’ll say this is not you. But, do you think twice on clicking in social media links or shares?
  5. 5. Do not take, send, save or share nude photos. No, this is not a moral commandment. It’s a privacy one. Read more…
Comments off
April 30th, 2014

You dropped your phone in the swimming pool. Now what?

avast tips help save your wet phone

At least it wasn’t dropped in the toilet!

How to save a wet smartphone

It happened with me, I jumped in the swimming pool with my phone in the pocket. Unfortunately, it was not the first time my phone was drenched. Some years ago, the villain was the rain. I was using a smartphone app to monitor my running pace and it started to rain. Not a light refreshing rain – no, a deluge, a Heavy rain. My phone was protected, but that was just too much rain.

At that time, I didn’t know what to do and made the wrong decisions. Some modern phones are waterproof, but others aren’t, and an accident involving water can be fatal. I’d like to share these hints with you on what to do if your phone decides to take a bath.

  • The first thing you should do NOW is a backup! You’ve heard this before, but have you done anything about it? It’s always better to be safe than sorry. Your photos, videos and musics, your apps and game data – everything could literally sink in water. We offer a simple, yet easy solution: avast! Mobile Backup protects your data against such accidents. Try now the free basic version from Google Play Store.
  • TURN YOUR PHONE OFF If your phone was dropped into water, the first thing to do is TURN IT OFF. And not only press the on/off button, but also remove the battery and cards completely. It’s a race against time. Each second is vital to avoid an electric shock and motherboard crash.
  • Let all the water flow freely. The best position for the phone is horizontal over a table on a dry piece of cloth. Do not rub, do not use cotton, do nothing… Just let the water drain out.
  • Dry the device carefully. After that, take a dry cloth or some absorbent paper to dry the device completely. Hold it with the screen facing up to drain all the water that could stay inside. Try not to shake it.
  • Be patient. Have a lot of patience. That’s the keyword here. Keep the phone open for a long time, at least 24 hours. Some technicians recommend to put it into a pot and fill with raw rice (or gel silica, if you have it with you) to absorb dampness.
  • After 24 hours, remove all the rice (or the small pieces of gel silica) and have patience again. Leave it open and exposed to air. Do not use hair dryers. Do not put the phone directly in the sun, because you can do more harm than good (harm to the screen, battery, or even the plastic parts.)
  • Only after other 12-24 hours you could try to put battery again and turn it on.
  • Of course, if you do not have luck, you’ll have to take it to technical assistance. But we wish you luck and that your phone will work again!

Besides getting wet, your phone can be lost or you could get infected with the ever-increasing malware being written for Android. Protect your phone for free with avast! Mobile Security & Antivirus. Get it on Google Play. Don’t be one of these careless people who neglect to protect their phones!

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter, Google+ and Instagram. Business owners – check out our business products.