The Avast bi-weekly wrap-up is a quick summary of what was on the Avast blog for the last two weeks.
Spring has sprung and it’s time to clean the dust and grime away after a long winter. In a departure from our regular security-oriented blog posts, we share 10 spring cleaning tips to combat grime. Don’t forget you can also clean your mobile devices! But you barely have to lift a finger because Avast GrimeFighter Safe Clean will remove the grime from your Android mobile devices with the touch of a button. If only window washing were so easy!
Independent testing lab AV-TEST gave their coveted certification to our popular mobile security application, Avast Mobile Security. If you are still on the fence regarding protecting your Android smartphone then read How to find the best protection for your Android phone? Independent tests.
Many smartphone owners are more worried about losing their device then they are about becoming infected with malware. That’s why we created Avast Anti-Theft. Make sure you have the latest version of our free app so if your phone gets lost, you can track it via your My Avast account or using SMS notifications from your friend’s phone. Turned Android auto-updates off? Manually update Anti-Theft to stay protected. explains how you can use Avast Anti -Theft to recover your lost Android device.
The mobile development team released a handy little app called Avast Battery Saver. This free app from Google Play helps you save some battery power. But not just any app can do it. The blog post Fear and loathing on Google Play: An in-depth look at today’s battery saving and cleaning apps gives us the scoop on apps that promise to save battery life with task cleaning.
How to extend the life of your phone’s battery is a question that we all have when the juice starts running out. The Avast Battery Saver app can help save about 20% but there are other ways to save battery life. We give you the tips and also share the future of smartphone batteries.
The unsecured Wi-Fi hotspot at the local cafe can be bad news if thieves capture your login credentials. Android users with Avast Mobile Security have a built-in feature called Wi-Fi Security that warns them if any issues are detected. We are now seeking iOS beta testers for an app called Avast SecureMe that will include the same type of feature for iPhone users. Check our blog Wi-Fi Security feature foolproofs your network connections both in public and at home and scroll down to the bottom for the beta test sign up link.
Cybercrooks use a variety of attack vectors to reach their victims. Targeted spearphishing attacks use email messages to trick people into providing sensitive information while malicious apps for Android disguise themselves as innocent games. The scary ransomware locks up all your files and demands ransom for the key to unlock it – on both PCs and and mobile devices! Avast keeps you aware of cybercrooks latest tricks in Don’t take the bait: Beware of web attack techniques.
Wi-Fi Security is a feature that is available for Android users within the Avast Mobile Security app as well as within Avast SecureMe for iOS. The feature’s job is to scan Wi-Fi connections and notify you if it finds any security issues including routers with weak passwords, unsecured wireless networks, and routers with vulnerabilities that could be exploited by hackers.
While conducting user testing, we found that 22% of Avast Mobile Security users make use of the Wi-Fi Security feature, making it the 2nd most used feature within Avast Mobile Security.
“Avast SecureMe and Avast Mobile Security offer users a simple, one-touch solution to find and choose safe networks to protect themselves from the threat of stolen personal data,” said Jude McColgan.
Wi-Fi Security scan notifies you of any issues that are detected
From all the users who tested the Wi-Fi Security feature, more than 10% of the scans performed returned some kind of problem, such as the use of non-encrypted passwords or a router that is susceptible to security threats. The Wi-Fi Security feature currently performs checks for the following four key elements:
- Non-encrypted, unsecured wireless networks
- Networks with weak encryption
- Weak router passwords
- Routers with known security issues
What’s the risk that my personal data will be stolen?
If you use unsecured Wi-Fi when you log in to a banking site, for example, thieves can capture your log in credentials which can lead to identify theft. On unprotected Wi-Fi networks, thieves can also easily see emails, browsing history, and personal data if you do not use a secure or encrypted connection like a virtual private network (VPN). See our global Wi-Fi hacking experiment to see how widespread the threat really is.
Wi-Fi Security offers two solutions to defend against malware threats
After the Wi-Fi Security feature has scanned your device, you’re presented with two options:
1) Launch Avast SecureLine VPN
2) Click the ‘How to resolve’ button
The first of the two options is meant to be used when you’re connecting to public networks – it’s ideal for cafes, airports, or hotels. On the contrary, users should opt to resolve detected threats if they’re browsing at home using their own devices. When taking this route, you’re redirected to the Avast website in order to set up your router in accordance with our guidelines.
How do I get the Wi-Fi Security feature onto my device?
Avast SecureMe will soon be available in the iTunes Store. Before its widespread release, we will be conducting an invitation-only public beta test. Please sign up here, and the SecureMe team will contact you. If you have already downloaded Avast Mobile Security for Android then you’re all set to start using the Wi-Fi Security feature (you’ll find the “Wi-Fi Security” button on the app’s dashboard). For those yet to download Avast Mobile Security, it is available now from the Play Store.
Mobile is attractive to cybercrooks
Our mobile phones are fantastic little devices — these days, they’re as powerful and can accomplish nearly all the things a regular computer can. While this is convenient for us, it also gives cybercrooks a relatively easy in-road to your private data and financial information. As 2015 rolls along, consumers continue to become more aware of mobile security options available to them, since they will increasingly use mobile apps that contain sensitive banking, financial, and personal health information.
Last year, more than 1 billion Android devices were shipped out to customers around the world. With Android winning the majority of the smartphone market, it offers a tempting target to malware authors. The average user is not especially concerned about being infected with a virus on their phone or tablet, but unfortunately, mobile malware is more than just a myth. Avast currently has more than one million samples of mobile malware in its database, with 2,850 new mobile threats being created every day by hackers.
Even if you think your chances of being infected with malware are low, we suggest that you go ahead and install a good mobile antivirus software. The great thing about Avast Mobile Security is that it’s free, so your investment is minimal – just a few minutes of setup and you’re ready to go.
Avast Mobile Security includes antivirus protection which scans your apps to see what they are doing, and a Web shield that scans URLs for malware or phishing. Malicious apps allow malware to enter your phone, so it’s good to have Avast on your side to detect when a bad one slips by on Google Play or another app store.
Avast Mobile Security did not commit any mistakes when tested with 1,932 legitimate apps from the Google Play Store and 981 legitimate apps from third party app stores. In addition, all this protection, according to AV-TEST, did not “impact the battery life”, or “slow down the device during normal usage”, and “does not generate too much traffic”.
To compare the choices of mobile antivirus software, you can look at the January 2015 “Mobile Security Test” conducted by the independent labs at AV-TEST. They looked at 31 popular Android security apps. Avast Mobile Security tops the list because it detected 100% of malicious apps without any impact on the battery life or slowing down of the device.
AMS Referral Program
In the latest update of Avast Mobile Security, we added a referral program, so you can recommend Avast Mobile Security to your friends and family. Not only can you recommend the best mobile security app available on Google Play, but you will be rewarded for doing so; you can earn up to three months of Avast Mobile Premium for free!
Here is how it works: For every five friends you send an SMS to recommending Avast, you get one free month of Avast Mobile Premium. Cool, huh?
There you have it — we’re huge fans of Avast Mobile Security, and we think you will be too. Download Avast Mobile Security for free on Google Play.
After a long winter, it’s time to throw open the windows and let the fresh air in. But first, you need to do a good Spring Cleaning to wash away the grime that has accumulated. Here’s our favorite tips that go beyond the ordinary vacuum and dust routine. Choose the ones you want to do, and don’t forget that your mobile devices can use a good cleaning too (see tip #10)!
Starting from the top down:
- 1. Dim light fixtures and dull lamps. See the gleam again from your light fixtures. Get a soft microfiber cloth or duster and wipe away dust from ceiling lights, fans, and table lamps. I even use a vacuum attachment on lamp shades.
- 2. Greasy window treatments. Dirt, dust, grease, and bacteria collect on draperies, blinds, verticals, and shades. It is recommended to have your fabric window treatments dry-cleaned every 5-7 years. For metal or plastic blinds, you can take them down and wash them with dishwashing soap in a bucket of water or a solution of half water, half vinegar. Clean wooden blinds with a soft dry cloth wear a pair of cotton gloves or old socks and wipe the slats down.
- 3. Dusty bookshelves. A dusty old library sounds like a romantic notion, but it’s not good in your own home.Working from the top down, remove books and decorative objects from one shelf at a time, dust and return. Maybe you’ll find some old books that are ready to donate while you’re at it.
You walk by it every day:
- 4. Grimy doors, knobs, and handles. Grubby hands and jumping dogs can make your doors pretty awful looking, but because you are walking in and out, you don’t even see the grime. Give knobs and handles a quick wipe down with your favorite cleaner and some paper towels. Make your front door welcoming again by cleaning it inside and out with warm, soapy water. Dry it with a soft cloth.
How does that get there?!
- 5. Crumby kitchen drawers. I can’t ever figure out how the crumbs get in there; but spring cleaning is a good time to remove everything, wipe out the drawers and return only the items you still use.
- 6. Upholstered furniture. After a season of snuggling on the sofa with the dog and a good movie, stick your hand between the cushion and you’ll find old popcorn and plenty of dirt, sticks and leaves. I even found a dead lizard! Get out the vacuum attachments and vacuum upholstered furniture, including under and between cushions. Fluff and rotate cushions and pillows.
- 7. Underneath the rugs. You’ll be surprised what’s under there, so move the furniture off the rug and vacuum underneath. You may want to take your rug outside and give it a good old-fashioned beating too.
- 8. Underneath beds and behind furniture. Dust bunnies as big as the cat are hidden away, so make an extra effort to get the vacuum way up under there. Allergy sufferers have enough to deal with when the pollen comes, so help them out by minimizing dust.
You will feel cleaner, too. Trust me.
- 9. Scummy shower and tub walls. Soap scum builds up after a season of long, hot showers. Choose your favorite cleaning product and leave it on for at least 10 minutes before scrubbing down the tiles.
This is the easiest one!
- 10. Spring Clean your Mobile Devices. We may not be great at washing windows and cleaning floors, but we know how to Spring Clean you Android device! Over time, unnecessary data, system caches, gallery thumbnails, installation files, and residual files can accumulate on your smartphone and tablet. You can regain performance and speed when you clean away all the grime with our free app, Avast GrimeFighter Safe Clean for Android. Install Avast GrimeFighter free from Google Play.
When it comes to cybercrime, it’s always better to be in the know. Here are a few ways that web attacks can find their way onto your device. Don’t be fooled — most cybercrooks design attacks to take place where you’d least expect it.
Social engineering preys on human weakness
“A lot of attacks are still using social engineering techniques; phishing emails – ways of convincing the user to give up valuable information,” said Avast CEO Vince Steckler.
In a phishing or spearphishing attack, hackers use email messages to trick people into providing sensitive information, click on links, or download malware. The emails are seemingly sent from organizations or individuals the potential victims would normally get emails from, making them even more deceptive. Last July, Avast took a look at the Tinba Trojan, banking malware that used spearphishing to target its victims.
An example of an injected form from Tinba Trojan targeting U.S. Bank customers.
Web attacks also take place through SMS Text Phishing, also known as SMSishing. This method has become one of the most popular ways in which malicious threats are transmitted on Android devices. These text messages include links that contain malware, and upon clicking them, the malicious program is downloaded to the user’s device. These programs often operate as SMS worms capable of sending messages, removing apps and files, and stealing confidential information from the user.
Malicious apps attempt to fool you
Malicious programs can disguise themselves as real programs by hiding within popular apps or games. In February, we examined malicious apps posing as games on Google Play that infected millions of users with adware. In the case of malicious apps, cybercrooks tamper with the app’s code, inserting additional features and malicious programs that infect devices. As a result, the malware can attempt to use SMSishing in order to collect additional data.
The Durak card game app was the most widespread of the malicious apps with 5 – 10 million installations according to Google Play.
Ransomware uses scare tactics that really work
Another name that made headlines was a group of malware dubbed ransomware, such as CryptoLocker, and its variants Cryptowall, Prison Locker, PowerLocker, and Zerolocker. The most widespread is Cryptolocker, which encrypts data on a computer and demands money from the victim in order to provide the decryption key. Avast detects and protects its users from CryptoLocker and GameoverZeus.
Make sure you back up important files on a regular basis to avoid losing them to ransomware. Ransomware made its way from desktop to Android during the year, and Avast created a Ransomware Removal app to eliminate Android ransomware and unlocks encrypted files for free.
Count on Avast apps to keep mobile malware at bay
To keep your devices protected from other ransomware, make sure to also install Avast Free Mobile Security & Antivirus from the Google Play store. It can detect and remove the malware before it is deployed.
Install Avast Ransomware Removal to find out if your Android devices are infected and to get rid of an infection. Avast Ransomware Removal will tell you if your phone has ransomware on it. If you are infected, it will eliminate the malware. Android users who are clean can use the free app to prevent an infection from happening.Once installed, you can easily launch the app to scan the device, remove the virus, and then decrypt your hijacked files.
The Avast biweekly wrap-up is a quick summary of what was on the Avast blog for the last 2 weeks .
March Madness wraps up on April 6th. Even if you are traveling abroad, all you basketball fans can watch the game using a VPN service. Stay safe during March Madness using Avast SecureLine explains why you should always use VPN when connecting to a public Wi-Fi hotspot, plus the added benefit of being able to watch geo-restricted content online.
Speaking of Wi-Fi – Just like in real estate, one of the most important things for your router is location, location, location. 5 things you can do to boost your Wi-Fi network shares helpful things that you can do yourself to make your Wi-Fi signal stronger within your home or business.
I run because I really REALLY like Beer!
Team Avast rocked it at the Sportisimo Prague Half Marathon.
World Backup Day was a good reminder that we need to take time to prevent data loss on our PCs and mobile phones. We discovered that one of the main reasons that people do not back up their data is because they are lazy.
The family IT expert knows how frustrating it can be to help someone solve a computer problem over the phone. Avast makes it easier with our Remote Assistance service. Now you can Help others with their computer issues using Avast Remote Assistance.
For those of you who like to DIY, you can learn How to use the Avast Virus Chest and what actions you can perform on files inside the chest.
With all the security improvements in browsers and operating systems, some people have questioned whether they still need antivirus protection. The business of malware has changed, but it can still be devastating if you are targeted. COO Ondrek Vlcek explains why Avast is not your father’s antivirus protection.
Do I really need security on my computer anymore?
Over the years, web standards have improved and the security of operating systems and browsers have become better. Because of these advances, some people question whether they need security protection at all. But you need to remember that in parallel to positive advances in protection, cybercrooks have improved their skills and become more stealthy and targeted.
Hackers are no longer mischievous kids breaking into government agencies because they can. “These days, cybercrooks have to make business driven-decisions like the rest of us because their resources are limited,” said Ondrek Vlcek, COO of Avast.
Current malware is often disguised as legitimate applications, malicious Android apps sneak by protocols of the huge download sites, and home and business networks are being attacked via weakly protected routers.
“Threats are no longer just targeting devices, but accounts and routers. A recent example is the iCloud hack where cybercrooks stole personal photos of more than 100 celebrities, including Jennifer Lawrence and Kate Upton,” said Vlcek. “This attack happened via their account and can as well be the result of a router hack. No matter which device you use, all Internet traffic flows through your router so you have to make sure it is secure. You don’t have to be Jennifer Lawrence to be attacked.
Not your father’s antivirus protection
Antivirus protection has come a long way since it scanned individual files. Avast has taken modern virus protection to a high art with real-time updates and heuristic scans that detect new threats it’s never even seen before.
Avast performs so well in protecting against “real-world” threats such as Trojans, worms and viruses as well as web and email threats, that it just received the AV-TEST certification for our home user products.
Avast scored perfectly in the detection of widespread and prevalent malware discovered in the last 4 weeks, and had very little incidence of disruptions caused by false positives. Our consumer products have basically no measurable impact on the performance of the computer while doing things that the average user does on a daily basis: Visiting websites, downloading software, installing and running programs and copying data.
Where you physically place your router makes a difference – not only to the signal, but to your security.
Think of your router like you would a cordless phone’s base. If you wander too far away from the base station, your call may drop or have static interference. If your wireless devices, like your laptop, are out of your router’s range, then your connection speed can slow down to an annoying crawl or your connection may drop.
Generally, a Wi-Fi router should work well for about 100 ft (30m) in every direction. If your walls are thin or your router is placed in the wrong location, you could be helping a thief steal your bandwidth.
Here are 5 things you can do to optimize your reception and reduce the chance of your neighbor piggy backing on your signal:
- 1. Place your router in a central location. For the optimal coverage, place the router in the middle of the desired coverage area. Think about all the devices you are using along with their location, and place the router at a mid-point and as high as possible so the signal gets dispersed throughout the area.
- 2. Avoid walls, ceilings or shelves. If the signal has to go around corners, or through walls, ceilings or shelves, then it will have a hard time getting to your device. Insulated walls, or ones made of brick or concrete can impede the signal. Even fish tanks (it’s the water that’s the problem) and mirrors can have an effect.
- 3. Place appliances far away from the router. Appliances operate on the same frequency as routers, so avoid placing the router close to cordless phones, microwaves, or TVs.
- 4. Name your Wi-Fi something alarming. Follow the trend to rename your Wi-Fi network to something that will potentially scare would-be thieves from mooching off your Wi-Fi connection. The name “FBI Surveillance Van” was popular a few years ago, or use my favorite c:\virus.exe.
- Better yet – set up a password for your network with WPA2 encryption. Read more about securing your router from 12 ways to boost your router’s security.
- 5. Put up Wi-Fi blocking wallpaper. Decorate your room and block your Wi-Fi signal at the same time. MetaPaper is wallpaper that helps businesses and home users improve the security of their data and protect their Wi-Fi networks from intruders. Re-setting your password is definitely cheaper, but this is a clever innovation especially for business owners concerned about their data security.
Avast Home Network Security scans a user’s home network and routers for potential security issues that could allow a hacker attack. The scan looks for misconfigured Wi-Fi networks, exposes weak or default Wi-Fi passwords, vulnerable routers, compromised Internet connections, and enabled, but not protected, IPv6. It also lists all devices on the network so you can make sure only your known devices are connected.
To run a scan on your home network, open the Avast user interface and click on Scan>Scan for network threats. If Avast finds a vulnerability it will guide you on how to fix it.
The Avast Virus Chest is a safe place to store potentially harmful files. These files are completely isolated from the rest of the operating system, meaning that they are not accessible for any outside process or software application. Files cannot be run while stored in the Virus Chest.
How to open the Avast Virus Chest
To open the Virus Chest, right click on Avast’s little orange ball icon in the system tray in the bottom right hand corner of your computer. Select Open Avast user interface from the menu. Another way to open the user interface is to double click the desktop icon.
From the main menu, select Scan, then Scan for viruses, and then click the Quarantine (Virus Chest) button at the bottom of the screen to open the Virus Chest window.
If Avast 2015 detects an infected or suspicious file, it will try to repair it at first. Unfortunately, some files cannot be repaired so Avast will try to move the file to the Virus Chest. If the infected file refuses to move to the Virus Chest, it will be automatically deleted from your computer.
How to set up quick access to the Virus Chest
For quick access to the Virus Chest, you can assign it to one of the four shortcut squares in the Avast user interface. To change which function you see, click on the drop-down menu icon in the top right hand corner of the square. There you will find a choice to place the Virus Chest right on the Overview of your Avast product.
Once you have the shortcut on the user interface, then simply click it to open the Virus Chest.
You can perform different actions while in the Virus Chest
You can perform different actions on the file inside the Virus Chest by right clicking. For example, you can
- Restore a file
- Exclude it from scanning
- Report it to the virus lab
- Delete the file
Once you have made the decision on which action to take, you will be asked to confirm your choice. When you have finished, close the Virus Chest to exit.
NOTE: Exercise extreme caution when restoring a file from the Virus Chest as it may still be infected. This is a high security risk action that requires advanced skills and experience handling infected files to avoid further potential infection of your computer.
How to manually move a file to the Virus Chest
If you need to move a file manually into the Virus Chest, right click anywhere on the contents table on the Virus Chest screen and select Add from the menu. A navigation dialog will open so all you need to do is locate the desired file that you want to move. Then click the Open button. The desired file will then appear in the contents table on the Virus Chest screen.
How to restore files from the Avast Virus Chest
When you open the Virus Chest, you will see a list of files contained within it. Right click on the file that you want to restore and the drop-down menu will appear. Select the Extract option, then select the location to save the file and click OK to close your window.
Dreaded ransomware, the malware that locks your files and demands payment for the key to unlock them, is now targeting gamers.
In the first report of gamers being targeted by ransomware, more than 2o different games, including World of Warcraft, League of Legends, Call of Duty and Star Craft 2, various EA Sports and Valve games, and Steam gaming software are are on the list. This variant of ransomware looks similar to CryptoLocker according to a report from a researcher at Bromium Labs.
What is CryptoLocker?
CryptoLocker is “ransomware” malware that encrypts files on a victim’s Windows-based PC. This includes pictures, movie and music files, documents, and certain files, like the gamer’s data files, on local or networked storage media.
A ransom, usually paid via Bitcoin or MoneyPak, is demanded as payment to receive a key that unlocks the encrypted files. In previous cases, the victim has 72 hours to pay about a relatively small amount of money, usually in the low hundreds of dollars, but after that the ransom rises to over thousands of dollars. We have seen reports that says the gamers are demanded a ransom of about $1,000 via PayPal My Cash Cards or 1.5 bitcoins worth about $430.
“There’s mostly no way to get the data back without paying the ransom and that’s the reason why bad guys focus on this scheme as it generates huge profit, “ said Jiri Sejtko, Director of Avast Software’s Virus Lab Operations last year when ransomware was making the news. “We can expect some rise in ransomware occurrences,” predicted Sejtko. “Malware authors will probably focus on screen-lockers, file-lockers and even on browser-lockers to gain money from victims.”
That prediction came true, and now ransomware authors are targeting narrower audiences.
How do I get infected with CryptoLocker?
Infection could reach you in various ways. The most common is a phishing attack, but it also comes in email attachments and PDF files. In the new case targeting gamers, the Bromium researcher wrote, “This crypto-ransomware variant has been getting distributed from a compromised web site that was redirecting the visitors to the Angler exploit kit by using a Flash clip.” There is a detailed analysis in the report.