Most Internet users are familiar with this problem all too well: After downloading a video player, Java, Flash updates or other software, the browser has suddenly changed. New buttons and icons in all colors and sizes along with an URL entry bar take up valuable real estate on your browser. The browser runs noticeably slower – and the results look different. Most annoying is that the advertising becomes more prominent.
Over the past two years, Avast Browser Cleanup has identified more than 60 million different browser add-ons which are often bundled with other free software, such as video players, Java and Flash updates. These toolbars typically occupy the horizontal space below a user’s browser and can include buttons, icons, and menus. Despite removing and re-installing a browser, toolbars will often remain, which is a behavior similar to malware.
Earlier this year, we told you about the return of CryptoWall, malware that encrypts certain files in your computer and, once activated, demands a fine around $500 as a ransom to provide the decryption key. These kinds of financial fraud schemes target both individuals and businesses, are usually very successful and have a significant impact on victims. The problem begins when the victim clicks on an infected advertisement, email, or attachment, or visits an infected website.
Recently, a click fraud botnet with ties to CryptoWall has been discovered. The malware, nicknamed ‘RuthlessTreeMafia‘, has been being used to distribute CryptoWall ransomware. What first appears as an attempt to redirect user traffic to a search engine quickly mutates into an alarming threat as infected systems begin to download CryptoWall and system files and data become encrypted, rendering them useless by their owners. Click fraud and ransomware are two types of crimeware that are usually quite different from one another and typically don’t have many opportunities to join forces; therefore, the result of this unlikely yet powerful collaboration can be detrimental to its victims.
Just about a year after a plethora of celebrities’ nude photos were leaked online, two homes in south Chicago have been raided and investigators have named one of the suspected hackers. As this controversial story and investigation continues to unfold, Avast researchers have come up with a few speculations regarding the origin and motivation behind the initial hack. We’ve discussed the case with one of Avast’s security researchers, Filip Chytry, who has put in his two cents about the situation:
GR: Why might have Apple not flagged or investigated an IP address’ 572 iCloud logins and attempted password resets?
FC: “Putting it simply, Apple just doesn’t have security implemented on this level. Even though they might sound large to us, attempting to track this number of logins and attempts to reset passwords is similar to discovering a needle in a haystack when it comes to Apple’s ecosystem. Read more…
Earlier this week, Microsoft confirmed that the Windows 10 official launch date will be on July 29 and will be available as a free upgrade to Windows 7 and Windows 8.1 users (for one year). This latest OS will be available to pre-order in the upcoming weeks when it launches in 190 different markets across the globe. In anticipation of Microsoft’s exciting new OS, this Techradar article takes a brief look at the operating system’s past:
With Windows 8 and today Windows 8.1, Microsoft tried – not entirely successfully – to deliver an operating system (OS) that could handle the needs of not only number-crunching workstations and high-end gaming rigs, but touch-controlled systems from all-in-one PCs for the family and thin-and-light notebooks down to slender tablets.
Now, Windows 10 has emerged as an operating system optimized for PCs, tablets and phones in unique ways – a truly innovative move from Microsoft’s side. Its big reveal is now quickly approaching, and tech enthusiasts everywhere are curious to see how this OS will measure up.
Will Avast be compatible with Windows 10?
By the end of the decade, everyone on Earth will be connected.
–Eric Schmidt, Google chairman
As a rule of thumb, it’s good to keep in mind that anything and everything that can be connected to the Internet can be hacked. Poorly designed or implemented systems could expose serious vulnerabilities that attackers can exploit. Now, most of us are fairly familiar with certain gadgets that can be connected to the Internet, such as mobiles devices and/or laptops, smart watches, and cars, but what about the things that are still emerging within the Internet-connected world? Some of these new items include routers, sensors, and everyday gadgets such as alarm clocks, wearables, microwaves, and grills.
For those of us who are self-employed and/or work from home, our houses are sacred spaces on both personal and professional levels. Although often overlooked, our routers hold the key to our productivity, as they provide the powerful and consistent network connection that we depend on in order to get our work done. Unfortunately, we often take these little guys for granted, and because of this, routers have become the weakest security point in many home and small business networks these days.
“Unsecured routers create an easy entry point for hackers to attack millions of American home networks,” said Vince Steckler, chief executive officer of Avast. “If a router is not properly secured, cybercriminals can easily gain access to an individual’s personal information, including financial information, user names and passwords, photos, and browsing history.”
Just because logging in with your finger is convenient doesn’t mean it’s the best method to use.
Some days ago we told you about increasing your security on sites and in services by using two-factor authentication. More and more services are using this two-factor log in method. They require that you use “something you know” like a PIN or a password, “something you have” like a token app in your smartphone, and even “something you are” like your fingerprints, for instance.
Many top smartphones – starting with iPhone 5s and newer Androids – are moving to fingerprint authentication technology. That means you can unlock your phone using your finger. It’s more convenient than typing a PIN or password because you always have your finger with you (we hope!). And you would think that it is more secure than using a gesture or pattern to unlock it.
Unfortunately, it’s not. Here’s why:
The authentication process requires that a site or a service (or your smartphone) could recognize you for a thing you know: A PIN or a password. This information must be stored in the service server (or hardware) and it must be matched, i.e., the combination of two pieces (generally username and password) must match to allow access to the right person.
Both you and the service must know this secret combination. But that’s the problem; nowadays, a lot of sites and services have been compromised and pairs of username/passwords have been hacked and sold on the black market.
But what about using your fingerprint? It’s the same scenario. The information about your finger and the technology to match your fingerprint is stored in servers. If they are hacked, your exact, and only, information would be in their hands.
It gets worse.
You can change your credentials to log into a site or service, but you can’t just change your finger! Well, most of us have 9 more chances after the first one is compromised, but still - there are more than just 10 services you want to use. You can change your passwords indefinitely, you can use a stronger password, you can use a password generation service - you’ve got the idea… But you don’t have that many choices with your fingerprint.
It gets even worse.
Everything you touch reveals you. You’re publishing your own secret.
Can you imagine banks or stores letting you use your fingerprint to gain access to your account without even a card? Coincidentally, just hours ago a news report was published saying the Royal Bank of Scotland and MasterCard recently made announcements regarding fingerprint authentication services. They announced that customers can log into the banks’ mobile banking app using their fingerprint. It’s interesting that this article says 16- to 24- years olds are driving this decision because
they want to avoid security slowing down the process of making a payment, with 64% of those surveyed saying they found existing security irritating.
This decision by major banks does not give us confidence in the security of the younger generation and their bank accounts. We venture to wonder about the police with their databases full of prints. What could be done with millions of fingerprints stored by the government?
By the end of last year, young researchers from the Chaos Computer Club showed that your fingerprints could be obtained by photos of your hands and from anything you touched. See the full presentation in this YouTube video. If you have the curiosity to see all the video, you’ll see that using your iris could also be simulated with high quality printed photos. At 30:40 starts the iPhone fingerprint hacking. They took 2 days to develop the method and presented it in a few minutes. Amazing and scary.
Here’s another video with a quick summary of the research.
How to make yourself and your phone more secure
This blog is a source of great information. Earlier this month, we shared 14 easy things you can do right now to make your devices more secure. Please read 14 easy tips to protect your smartphones and tablets – Part I and Part II.
As always, make sure your Android device is protected with Avast Mobile Security. Install Avast Mobile Security and Antivirus from the Google Play store, https://play.google.com/store/apps/details?id=com.Avast.android.mobilesecurity
Question of the week: I use two-factor authentication when logging into my accounts to keep them safe, but what happens if I lose my phone? Can I still access my accounts?
Security-minded individuals know the benefits of using two-factor authentication to keep their online accounts safe. For those of you who are not familiar with it, two-factor authentication is a security process which uses a combination of two different components, like something that you know, a master password or PIN, for instance, and something that you possess, like a token which can generate a number code or, more conveniently, your smartphone.
Using these two things in combination can provide unique identification when entering a site because you provide the password as well as a one-time use security code generated by your security token. If someone learns your password, your accounts are still protected because they need the security code too. Two-factor authentication can reduce the incidence of identity theft and phishing, and we suggest the use of it.
There are a number of authenticator apps made for Android smartphones. For example, Google Authenticator lets you use a security code and your own password for sites and services like Facebook, Dropbox, Evernote, and WordPress. The app creates a link between your account and your device.
I lost my phone. How do I access my accounts?
If you are so security-minded that you use two-factor authentication to begin with, then you have probably taken precautions before you lose your phone. The majority of authenticator services allow a way to recover your access and remove the authorized device from your account. That is, if you change your mobile device, then you can disable the two-factor authentication from your account before doing so. Most commonly, you would use backup codes, send the codes via SMS to a trusted backup phone, or use a trusted computer. Sometimes, the service providers take several business days to verify your identity and, if possible, grant you access again.
But, if you failed to plan ahead and you lose your phone or if you buy a new smartphone without disabling the account, to use two-factor authentication again, you’ll need to install an authenticator app on your new device. The old device and the old backup codes won’t work anymore. Some of the sites you have synced to may also have their own procedure, for example, Dropbox.
Recently, an app is making the use of this security measure much more convenient. Authy is an app that manages your two-factor accounts on Android devices, iPhones, and even your PC. Any of these devices could be used to generate tokens and sync with each other. One authorized device could de-authorize a stolen one. A master password could block the access to Authy in these multiple devices and your settings are all kept encrypted locally. Neither Authy’s developers nor hackers would be able to access the tokens.
Maybe this complex recovery process is what does not make two-factor authentication omnipresent. But, after all, you just need to take a few precautions to increase your security a lot.
Of course, it’s better not to lose your devices and for this, you should install and configure Avast Anti-Theft, which can help you find a lost device and even recover a stolen one with its tracking features. It can be downloaded and used for free from the Google Play Store.
One small Android application shows lots of determination and persistence. Too bad it’s evil.
The year 2014 was significant with a huge rise in mobile malware. One of the families impacting our users was malware Fobus, also known as Podec. This malware poses as a more or less useful application, but for sure it won’t be what the user expects. This malware usually has two language versions, English and Russian, and applications seem to be generated automatically.
All that, and a bag of chips
From the permissions in the manifest, we can see that once Fobus is installed on the victim’s device it cannot only send SMS and call premium numbers, which may cost a lot of money, but it also works as Spyware and can steal personal data from the infected device. That’s a lot of bad stuff packed into one small application.
Next up is a bit more technical stuff. If you are really eager, skip to Me thinks that something is amiss section to see how it works. Read more…
We simply need to follow some rules to control and prevent system penetration and also bandwidth theft (and losing money!). Safeguard your valuable information available through your home wireless connection and do not be easy target for hackers!
Here are 12 ways to boost your router’s security:
1. Install your router in a safe place where the wireless signal is available only inside your own house. Avoid placing it near to a window.
2. Turn off WPS, the automated network configuration method that makes your wireless password more vulnerable to hacker attacks. Turn on WPA2 encryption and, if you can, protect it with a strong password.
3. Change the default admin username and password to a strong password. Do not use default passwords because they’re generated from well-known algorithms that makes hacker attacks even easier. Do not use your name, date of birth, home address or any personal information as the password.
4. Upgrade your router firmware to fix known vulnerabilities of the router.
5. Don’t forget to log out after managing the router, avoiding abuse of the authenticated browser sessions.
6. Disable remote management of the router over the internet. In a business environment, if you need this management, it will be safer to use NAT rules allowing SSH or VPN access only.
7. To prevent CSRF attacks, don’t use the default IP ranges. Change the defaults 192.168.1.1 to something different like 10.8.9.7.
8. To prevent ROM-0 abuse of your router (i.e., access to the secret data stored in your router: your ADSL login/password combination and WiFi password), forward port 80 on the router to and non-used IP address on your network. Check how-to here.
9. Set your router DNS servers to automatic mode (or DHCP) or for a static value that you manually set exactly according to your ISP.
10. Disable IPv6 on the router or, if you really need IPv6 services, replace the router with a IPv6 certified one.
11. You can save bandwidth and allow only specific computers or devices to access your WiFi even if they have the security key to enter. Find the computer MAC address (the “physical address” listed with the command line ipconfig/all at a cmd window). Into your router settings, you should look for the Mac filtering settings to add this identifier there.
12. Use a secure VPN in open/public Wi-Fi hotspots. You can read more on how Avast SecureLine can protect PC, Mac and Android devices in these situations. If you cannot avoid using public Wi-Fi, then try not to log in or enter your credentials (specially banking or credit card ones), but also your email and phone number. If you really need it, always prefer the secure protocol HTTPS (check the browser address bar).