Protecting over 230 million PCs, Macs, & Mobiles – more than any other antivirus


March 11th, 2015

Avast hacks devices at Mobile World Congress

MWC15 Avast logoThe Avast Mobile Security team demonstrated how easy it is to hack smartphones and tablets at the Mobile World Congress.

 

The sleekest smartphones, the coolest wearable devices, and the best in mobile security were debuted at the Mobile World Congress in Barcelona last week. But it was hacking user’s devices at the Avast booth that had the journalist’s buzzing.

Hacking unsecured Wi-Fi is easy enough for any IT college student

Filip Chytry, a mobile malware researcher that you are familiar with if you visit our blog, set up a wireless hotspot in the Avast booth that allowed visitors to track the online activity of any device that connects.

“The site will let Avast capture passwords, messages and other information people type on the websites, and Chytry can even create dead ringers for Gmail or Facebook sign-in screens – - down to the little green padlock icon that indicates a secure connection…,” reported Bloomberg Business in The Easiest Way to Get Hacked: Use Phone at Phone Show.

The hacking demonstration illustrated what Avast found out during a global Wi-Fi hacking experiment conducted right before MWC.

“The study found that people around the world overwhelmingly prefer to connect to unsecured and unprotected Wi-Fi networks instead of password-protected networks,“ wrote Help Net Security in Global experiment exposes the dangers of using Wi-Fi hotspots.

Avast at MWC15

Most people connect to a completely unsecured public Wi-Fi hotspot without a second thought.

Security experts from Avast traveled to 9 cities on 3 continents, and found that Wi-Fi users in Asia are the most prone to attacks. Chicago and London are the most vulnerable in the USA and Europe. Avast’s spokesperson Marina Ziegler told E&T Engineering and Technology magazine, “…in London we found that 54 per cent of routers were weakly encrypted and easily accessible to hackers.”

“That means that if a hacker walks into a pub, he can access the router’s settings and for example reroute the traffic via another malicious server,” said Chytry. “That’s very easy. Every IT college student can do that.”

 


March 10th, 2015

5 ways to thwart the thief who stole your Android

Avast Anti-Theft is free

Remote recovery options help you keep control of your device, even when it’s lost.

Avast Anti-Theft is a free app designed for Android smart phones and tablets. It’s main purpose is to help you locate your lost or stolen mobile device, allowing you to track it on a map and control it remotely. You recover your phone by controlling it remotely with SMS commands or via the internet by logging in to your My Avast account.

If your phone is lost or stolen, here are some things you can control remotely:

  1. 1. Locate your device on a map – Whether you misplaced your phone, left on the bus, or a thief grabbed it and ran, the GPS on your phone can be enabled so you can receive continuous GPS location updates.

Avast Anti-Theft user Ducky Boy wrote about his experience finding his phone that he dropped on the highway while riding his motorcycle using the GPS feature. Read about it in On the road with avast! Mobile Security.

  1. 2. SIM card change notification – Thieves usually change the SIM card after stealing a phone. Anti-Theft recognizes when this happens and notifies you of the new number and geo-location so you can maintain contact with your phone.

Partier and Avast user Andreas lost his phone during a particularly fun party. The next morning he remembered he had installed Avast Anti-Theft. Here’s how he got his phone back, Don’t be sorry for party rocking – install Avast Anti-Theft! Read more…


March 9th, 2015

Don’t be sorry for party rocking – install Avast Anti-Theft!

Andreas L. lost his phone at a party, but that’s not the end of the story. Avast Anti-Theft helped him find the thief and get his phone back.

A lot can happen when you go to a party: you may bump into old friends, make new ones, or dance like there is no tomorrow. Losing track of your personal belongings can also happen when you party, which is exactly what happened to Andreas from Bangkok.

Andreas recently commented the following on our Facebook page:

We were happy to hear Avast Anti-Theft helped Andreas get his phone back and asked him what happened and how exactly he used Avast’s features to get his phone back. Here is his story:

Andreas went to a party in Bangkok where he made new friends, had a few drinks and at the end of the night Andreas responsibly took a taxi home. When he woke up the next morning he realized that every smartphone owner’s worst nightmare had happened to him, his phone was missing! Losing a smartphone is not only frustrating because the hardware is expensive, but because it contains so much personal information.

Avast Anti-theft can help you find your lost phone.

Find your lost phone with Avast Anti-Theft like Andreas did.

Avast Anti-Theft to the rescue!

While Andreas worried about his phone, he received a message from Avast. The message informed him that his phone’s SIM card had been changed and provided him with the new SIM card’s number and service provider. That is when Andreas realized he could use Avast’s other anti-theft features to GPS locate his phone and perform commands like wiping his phone remotely. Luckily, Andreas did not have to go as far as wiping his phone, but the option did help him in his efforts to get his phone back.

I will look for you, and I will find my phone

With his phone’s new number in hand, Andreas called the thief to confront him and demand he return his phone. Andreas let the thief know that he knew his location (and more) and could render the phone useless and go to the police if the thief did not cooperate. The thief gave in and sent Andreas his phone.

Andreas’ story is one of many lost and found stories we have received from Avast Anti-Theft users and each story gets more interesting! From this experience we can only recommend partiers install Avast Anti-Theft before going out, we will have your back so you can party worry free!

You can install Avast Anti-Theft for free from the Google Play Store.

If you have a story to share, write us on our Facebook or Google+ page. We could share it in our blog.

 


March 6th, 2015

Why you need to protect your small business from hackers

Avast Free Antivirus protects small and medium sized businesses for free.

IT pros have used Avast Free Antivirus at home for years. It’s not a huge leap to use free Avast for Business at their place of business.

Small and medium-sized businesses face a challenge when it comes to keeping their data secure. Many companies don’t have the budget to hire a Managed Service Provider (MSP) to take care of their IT needs, and often, they think they do not have enough knowledge or time to handle it themselves, therefore the path of least resistance is to not have any security at all. At the very best SMBs use a consumer version of antivirus software.

But these days, neither of those options is a good idea. Having no protection leaves you too vulnerable, and the problem with using a consumer product in a work environment is whoever is managing the network cannot look across all computers at once and implement policy changes or updates.

Do hackers really target small businesses?

The media coverage of big time data breaches like Target, Neiman Marcus, and Home Depot may have many SMB owners thinking that they are not at risk, but even small and medium-sized businesses need to make sure that their data and that of their customers is protected.

Here’s a statistic that should get your attention: One in five small businesses are a victim of cybercrime each year, according to the National Cyber Security Alliance. And of those, nearly 60% go out of business within six months after an attack. And if you need more convincing, a 2014 study of internet threats reported that 31% of businesses with fewer than 250 employees were targeted and attacked.

Why do hackers target small businesses?

Hackers like small businesses because many of them don’t have a security expert on staff, a security strategy in place, or even policies limiting the online activity of their employees. In other words, they are vulnerable.

Don’t forget that it was through a small service vendor that hackers gained access to Target’s network. Hackers may get your own customer’s data like personal records and banking credentials and your employee’s log in information, all the while targeting the bigger fish.

While hackers account for most of the data lost, there is also the chance of accidental exposure or intentional theft by an employee.

Avast for BusinessWhat can I do to protect my small business?

For mom-and-pop outfits, Avast for Business, a free business-grade security product designed especially for the small and medium-sized business owner, offers tremendous value. The management console is quite similar to our consumer products meaning that the interface is user-friendly but also powerful enough to manage multiple devices.

“Avast for Business is our answer to providing businesses from startup to maturity a tool for the best protection, and there’s no reason for even the smallest of companies not to use it, because it starts at a price everyone can afford, free,” said Luke Walling, GM and VP of SMB at Avast.

Some companies may still opt to pay for a MSP, and in many cases, especially for medical or legal organizations, handing over administration to a third-party may be a good way to go. Either way, our freemium SMB security can be used, and if you use a MSP then the savings can be passed on to you.

Is free good enough for a business?

Many IT professionals have been using free security on their home computers for years. It’s not such a huge leap of faith to consider the benefits of making the switch in their businesses as well.

“I have been using Avast since 2003 at home, with friends, with family. You really come to trust and know a product over the years. It lends itself to business use really well, nothing held back,” said Kyle Barker of Championship Networks, a Charlotte-area MSP.

How do I get Avast for Business?

Visit Avast for Business and sign up for it there.


March 5th, 2015

Malvertising is bad for everyone but cybercriminals

One rotten malvertisement not only ruins the bunch, but can damage your SMB's reputation.

One rotten malvertisement not only ruins the bunch, but can damage your SMB’s reputation.

Malvertising, sounds like bad advertising right? It is bad advertising, but it doesn’t necessarily include a corny jingle or mascot. Malvertising is short for malicious advertising and is a tactic cybercriminals use to spread malware by placing malicious ads on legitimate websites. Major sites like Reuters, Yahoo, and Youtube have all fallen victim to malvertising in the past.

How can consumers and SMBs protect themselves from malvertising?

Malvertising puts both website visitors and businesses at great risk. Site visitors can get infected with malware via malvertising that either abuses their system or steals personal data, while businesses’ reputations can be tarnished if they host malvertisments. Even businesses that pay for their ads to be displayed on sites can suffer financial loss through some forms of malvertising because it can displace your own ads for the malicious ones.

To protect themselves, small and medium sized businesses should make sure they use the latest, updated version of their advertisement system, use strong passwords to avoid a dictionary attack and use free Avast for Business to discover and delete malicious scripts on their servers. Consumers should also keep their software updated and make sure they use an antivirus solution that will protect them from malicious files that could turn their PC into a robot, resulting in a slowed down system and potential privacy issues. Avast users can run Software Updater to help them identify outdated software.

How does malvertising work?

Businesses use ad systems to place and manage ads on their websites, which help them monetize. Ad systems can, however, contain vulnerabilities. Vulnerabilities in general are a dream come true for cybercriminals because vulnerabilities make their “jobs” much easier and vulnerabilities in ad systems are no exception. Cybercriminals can take advantage of ad system vulnerabilities to distribute malicious ads via otherwise harmless and difficult to hack websites.

Why cybercriminals like malvertising

Cybercriminals fancy malvertising because it is a fairly simple way for them to trick website visitors into clicking on their malicious ads. Cybercriminals have high success rates with malvertising, because most people don’t expect normal looking ads that are displayed on websites they trust to be malicious. Targeting well-visited websites, not only raises the odds of ad clicks, but this also allows cybercriminals to target specific regions and audiences they normally wouldn’t be able to reach very easily. Another reason why malvertising is attractive to cybercriminals is because it can often go unnoticed, as the malicious code is not hosted in the website where the ad is being displayed.

Examples of malvertising

An example of an ad system platform with a rich history of vulnerabilities is the Revive Adserver platform, formerly known as OpenX. In the past attackers could obtain administrator credentials to the platform via an SQL injection. The attackers would then upload a backdoor Trojan and tools for server control. As a result, they were able to modify advertising banners, which redirected site visitors to a website with an exploit pack. If the victim ran outdated software, the software would download and execute malicious code.

Another malware family Avast has seen in the wild and reported on that spread via malvertising was Win32/64:Blackbeard. Blackbeard was an ad fraud / click fraud family that mainly targeted the United States. According to our telemetry, Blackbeard infected hundreds of new victims daily. Blackbeard used the victim’s computer as a robot, displaying online advertisements and clicking on them without the victim’s knowledge. This resulted in income for botnet operators and a loss for businesses paying to have their ads displayed and clicked.


March 4th, 2015

Avast Battery Saver extends your Android’s battery life

New intelligent app from Avast learns individual user behavior and optimizes features to maximize battery life.

Avast Battery Saver app for Android

Get Avast Battery Saver for free from Google Play

Avast is excited to announce the release of our newest app, Avast Battery Saver. Battery Saver is the first intelligent battery-saver app for Android that increases battery life by an average of 7 hours. Avast Battery Saver optimizes your device’s settings, adjusting data connections, screen brightness and timeouts based off of its ability to learn about individual usage behavior.

“Everyone needs more battery life for their mobile devices, but most battery savers shut down the wrong apps,” said Jude McColgan, Avast’s President of Mobile. “Avast Battery Saver learns which apps are most important to the user, and shuts down only those that are less used.”

In contrast to other battery-saver applications, Avast Battery Saver learns about your daily routine and thus suggests the best smart profiles for your phone. It doesn’t require you to change your behavior or usage, nor does it affect voice calls, text messages, or the ring volume of your phone.

Avast Battery Saver significantly improves battery life, saving up to 20% on one charge — and it’s free from the Google Play Store.

This improved battery manager will take care of your battery’s health the same way a doctor takes care of yours. The result is more battery life with less hassle.

The app’s convenient features make Android devices significantly more efficient

  • Smart profiles activate automatically based on time, location, and battery level.
  • App consumption detects and permanently stops apps that drain too much battery life.
  • Precise estimate of remaining battery life based on actual phone usage and historical data. Battery level is displayed in a percentage and time remaining in status bar notification.
  • The application can turn off Wi-Fi when there are no known hotspots nearby.
  • Your phone limits connections to the Internet to every 5, 10, 15 or 30 minutes, based on your current profile configuration, when its screen is turned off.
  • Emergency mode is activated when your battery level is very low, and it turns off all functions that require significant energy, saving power for when you really need it (e.g. Wi-Fi, data connection, Bluetooth or GPS).

The app currently works with these profiles: Home, Work, Night, and Super-Saving Emergency Mode. You can easily switch from one mode to another and manage them within the app. Avast Battery Saver is now available for download in the Google Play Store.


March 3rd, 2015

Behind the Scenes of Avast’s Global Wi-Fi Hack Experiment: How we collected and analyzed Wi-Fi data

Wi-Fi and encryption

 

Data transmitted over a wireless network can be either unencrypted or encrypted. While both options are available to users, the use of open, unprotected Wi-Fi networks has become increasingly popular across the globe. In the case of open wireless networks, the transmitted data are unencrypted and might be visible to others, as is shown in the screenshot below. To resolve this issue, many wireless networks use password protection. However, the method and strength of these passwords matter: if a weak encryption method, such as WEP, is used, an attacker can simply crack the password and decrypt the device’s communication. Hence, the use of a strong encryption such as WPA/WPA2 is suggested. The length of a password is another important factor to its strength — a strongly encrypted communication with a short key length can still be cracked by hackers within a short amount of time. Because of this, a key length of longer than 8 characters is strongly recommended.

network

(Figure 1: List of available wireless networks featuring both encrypted and unencrypted options.)

Read more…

Categories: analyses Tags: , ,

March 3rd, 2015

Avast Launches Memory Saving Cleaner App for Android

Today, Avast announced the launch of Avast GrimeFighter at the Mobile World Congress in Barcelona. The new application helps Android users free extra memory on their devices with just a few taps so they can save the data that matters to them while enjoying a faster, smoother performance on their devices. 

GrimeFighterHow Avast GrimeFighter works

Avast GrimeFighter begins by scanning all applications on an Android device, identifying unimportant or unnecessary data that could be eliminated without damaging applications’ functionalities. Using GrimeFighter’s easy-to-use interface, users can choose from two modes that allow them to eliminate excess files with ease: Safe Cleaner and Advanced Cleaner. Safe Cleaner is a customizable scanner that quickly identifies unimportant data for instant, one-tap removal. Advanced Cleaner runs in parallel to Safe Cleaner, mapping all of the device’s storage and creating a simple overview of all files and applications that take up space. Advanced Cleaner locates inflated or unused applications and arranges them by file type, size, usage, or name, so users can permanently remove the files and free up storage space.

In addition to cleaning up unwanted data, Avast GrimeFighter helps maximize storage capacity by syncing with personal cloud storage accounts so users can manage their device’s storage without having to delete valuable data. Users can drag files to the cloud icon and GrimeFighter will instantly transfer them to a safe folder in the cloud. Avast GrimeFighter is currently compatible with Dropbox and can assist users in setting up a Dropbox account. Additional popular cloud storage solutions will be added soon.

How does excess data get accumulated?

Bits and pieces of data accumulate on your device, whether you are aware of it or not. GrimeFighter helps you locate excess data that you wouldn’t typically be able to find, such as data left over from initiated app downloads, residual data, thumbnails, and app caches. Popular apps, like Facebook and Instagram, also create excess data on your device as they inflate from their original download size when used regularly. Avast tested some of the most popular Android apps and found that their size can grow exponentially during one week of heavy usage:

                                                                         install size:          additional data accumulated:

1)    Facebook                      36.7MB                        153MB

2)    Flipboard                    12.6MB                        71.1MB

3)    Google Maps            23.21MB                       68.8MB

Avast GrimeFighter will help the more than one billion Android users free up anywhere from 500MB to 1GB of storage per device to enjoy faster performance and is available for download on Google Play.  


March 2nd, 2015

New Avast SecureMe app protects iOS and Android users from Wi-Fi Hacking

Avast mobile security experts launched a new app today at the Mobile World Congress in Barcelona.

Avast booth at MWC15

Avast launches SecureMe app for iOS and Android at Mobile World Congress 2015

Avast SecureMe is the world’s first application that gives iPhone and iPad users a tool to protect their devices and personal data when they connect to Wi-Fi networks. The free app automatically locates Wi-Fi networks and tells users which of them are safe. Since many users connect without knowing the status of the Wi-Fi network – whether it’s protected or not – Avast SecureMe will create a secure connection in order to keep them safe.

“Public Wi-Fi and unsecured routers have become prime targets for hackers, which presents new risks for smartphones and tablets – even iOS devices aren’t immune,” said Jude McColgan, President of Mobile at Avast.

Avast SecureMe will be available in a invitation-only public beta test within the next few weeks. Please sign up here, and the SecureMe team will contact you.

The app notifies you if it finds security issues

Avast SecureMe includes a feature called Wi-Fi Security. (This feature is also available for Android users within the Avast Mobile Security app available on Google Play.) People who use open Wi-Fi in public areas such as airports, hotels, or cafes will find this helpful. This feature’s job is to scan Wi-Fi connections and notify you if it finds any security issues including routers with weak passwords, unsecured wireless networks, and routers with vulnerabilities that could be exploited by hackers.

“Avast SecureMe and Avast Mobile Security offer users a simple, one-touch solution to find and choose safe networks to protect themselves from the threat of stolen personal data,” said McColgan.

What’s the risk that my personal data will be stolen?

If you use unsecured Wi-Fi when you log in to a banking site, for example, thieves can capture your log in credentials which can lead to identify theft. On unprotected Wi-Fi networks, thieves can also easily see emails, browsing history, and personal data if you do not use a secure or encrypted connection like a virtual private network (VPN). See our global Wi-Fi hacking experiment to see how widespread the threat really is.

The SecureMe app includes a VPN to protect your privacy

Avast SecureMe features a VPN to secure your connections while you conduct online tasks you want to remain private, especially checking emails, doing your online banking, and even visiting your favorite social network sites. Avast SecureMe automatically connects to the secure VPN when it detects that you have connected to a public Wi-Fi making all transferred data invisible to prying eyes. For convenience, you can disable the protection for Wi-Fi connections you trust, like your home network.

Beta Testing

Avast SecureMe for iOS will be available soon in the iTunes Store. Before it’s widespread release, we will conduct an invitation-only public beta test. Please sign up here, and the SecureMe team will contact you.

The Wi-Fi Security feature is now also included in the Avast Mobile Security app for Android, available on Google Play.


March 2nd, 2015

Avast study exposes global Wi-Fi browsing activity

The use of open, unprotected Wi-Fi networks has become increasingly popular across the globe. Whether you’re traveling around a new city and rely on public Wi-Fi networks to get around or you’re at your favorite coffee shop and connect to its Wi-Fi, you’re left in a vulnerable situation when it comes to protecting your data. Just as you lock the door of your house when you leave, you should also use a security app if using public Wi-Fi.

Couple taking selfie

Using unsecured Wi-Fi can easily expose photos and other personal information to hackers.

 

Avast’s hack experiment examines browsing habits of people across the globe

The Avast team recently undertook a global hacking experiment, where our mobile security experts traveled to cities in the United States, Europe, and Asia to observe the public Wi-Fi activity in nine major metropolitan areas. Our experiment revealed that most mobile users aren’t taking adequate steps to protect their data and privacy from cybercriminals. In the U.S., the Avast mobile experts visited Chicago, New York, and San Francisco; in Europe, they visited Barcelona, Berlin, and London; and in Asia, they traveled to Hong Kong, Seoul, and Taipei. Each of our experts was equipped with a laptop and a Wi-Fi adapter with the ability to monitor the Wi-Fi traffic in the area. For this purpose, we developed a proprietary app, monitoring the wireless traffic at 2.4 GHz frequency. It’s important to mention that there are commercial Wi-Fi monitoring apps like this available in the market that are easy-to-use, and available for free.

wifi experiment Bundestag

In front of the German Bundestag, Berlin: On public Wi-Fi, log in details can easily be monitored.

The study revealed that users in Asia are the most prone to attacks. Users in San Francisco and Barcelona were most likely to take steps to protect their browsing, and users in Europe were also conscious about using secure connections. While mobile users in Asia were most likely to join open networks, Europeans and Americans were slightly less so; in Seoul, 99 out of 100 users joined unsecured networks, compared with just 80 out of 100 in Barcelona.

1)      Seoul: 99 out of 100

2)      Hong Kong: 98 out of 100

3)      Taipei: 97 out of 100

4)      Chicago: 96 out of 100

5)      New York: 91 out of 100

6)      Berlin: 88 out of 100

7)      London: 83 out of 100

8)      Barcelona: 80 out of 100

9)      San Francisco: 80 out of 100

Our experiment shed light on the fact that a significant portion of mobile users browse primarily on unsecured HTTP sites.  Ninety-seven percent of users in Asia connect to open, unprotected Wi-Fi networks. Seven out of ten password-protected routers use weak encryption methods, making it simple for them to be hacked. Nearly one half of the web traffic in Asia takes place on unprotected HTTP sites, compared with one third U.S. traffic and roughly one quarter of European traffic. This can most likely be attributed to the fact that there are more websites in Europe and the U.S. that use the HTTPS protocol than in Asia.

So, how much of your browsing activity can actually be monitored?

Because HTTP traffic is unprotected, our team was able to view all of the users’ browsing activity, including domain and page history, searches, personal log in information, videos, emails, and comments.  Read more…