Protecting over 230 million PCs, Macs, & Mobiles – more than any other antivirus

September 24th, 2015

Got an aging parent? Tell them about the Grandparent scam

Scammers rob elderly victims of an estimated $3 Billion per year.

A scam that has been around since at least 2008 is still active and targeting elderly folks. Seventy-four year old Avast evangelist, Bob Gostischa, who knows a thing or two about scams, security, and privacy, received a call just yesterday from a scam artist attempting to steal money. “If it happened to me, I’m sure it’s going to also happen to others,” said Gostischa.

Male Family Members

Scammers target elderly people “because they’re more gullible.”

Here’s the basic premise:

Someone either calls or emails pretending to be your grandchild. The typical story is that they have been wrongfully arrested and need bail money wired right away. Another variation says they are traveling and have been mugged or even in an accident and badly injured. After going through this frantic sob story, and if they sense that their victim is falling for it, the scammer asks for money to be wired through services such as Western Union and MoneyGram.

After the phone call ended, Bob sent us a transcript so we could share it with Avast Blog readers. “I consider myself lucky because the first instinct was wow, how can I help her…?,” he said.  “I guess we all really need to be very vigilant at all times.”

Caller: Hello Grandpa, this is your granddaughter. I have laryngitis so I don’t sound like myself

Bob: You certainly don’t. Which granddaughter?

Caller: What do you mean?

Bob: Well, I have several. Read more…

Categories: General Tags: , ,

September 23rd, 2015

Avast team at Webexpo conference

This past weekend, Prague hosted hundreds of web professionals at the Webexpo conferenceAvast Software was a proud general sponsor of this event.

Avast Webexpo booth

Avast was one of the sponsors of Webexpo

Attendees could meet our team at the Avast booth, try Avast technologies, and chat with our colleagues. They could also learn first hand how it is to work for the Best Czech Employer of 2013!

Read more…

Categories: General Tags: , , , ,
Comments off

September 22nd, 2015

Apple removes malicious apps from App Store

Apple slow internet

image via TechInsider

While the rest of us were soaking up the last of the season’s sunshine, Apple researchers spent the weekend removing hundreds of malicious apps for iPhone and iPad from the iOS App Store.

The recent exploit on Apple has shown us that even Apple’s system can be compromised quite easily,” said Avast security researcher Filip Chytry. “While this time nothing significant happened, it is a reminder that having everything under an Apple system could potentially make a system vulnerable.”

The malware seems to have been focused on Chinese users. Chinese media reported more than 300 apps including the popular instant messaging service WeChat, Uber-like taxi hailing program Didi Kuaidi, banks, airlines, and a popular music service were infected.

The malicious software programs got by Apple’s strict review process in an ingenious way. Hackers targeted legitimate app developers by uploading a fake version of Xcode, Apple’s development software used to create apps for iOS and OS X, to a Chinese server. It’s a large file, and reportedly quite slow to download from Apple’s U.S. servers, so to save time, unwitting Chinese developers bypassed the U.S. server and got their development tools from the faster Chinese server. Once their apps were completed, the malicious code traveled Trojan-horse style to the App Store.

“If hackers are able to exploit one entry point, they are able to attack all of the other iOS devices – and the fact that Apple doesn’t have a big variety of products makes it easier,” said Chytry.

Read more…

Comments off

September 17th, 2015

AirDrop vulnerability is an easy avenue for hackers to exploit Apple devices

Do you own an Apple device? A vulnerability discovered within AirDrop could pose as a risk to your files. (Photo via

Do you own an Apple device? A recent vulnerability discovered within AirDrop could pose as a risk to your files. (Photo via

Recently, an alarming vulnerability has cropped up on iOS devices. This security loophole allows an attacker to overwrite arbitrary files on a targeted device and, when used in combination with other procedures, install a signed app that devices will trust without presenting a warning notification to users.

In a recent article published on Threatpost, it’s noted that the vulnerability is located in a library that lies within both iOS and OS X. In this case, the library in question is AirDrop, the tool featured on Apple devices that allows users to directly send files to fellow Apple device quickly and effortlessly. The problem lies within the fact that Airdrop doesn’t use a sandboxing mechanism in the same way that many other iOS applications do. When making use of a sandbox, every application has its own container for files that it can’t get beyond the so-called “walls“ of.

Read more…

Categories: Mac Tags: , ,

September 14th, 2015

Avast Mobile Security: So much more than just another security app

With millions of applications waiting to be installed in our gadgets, you not only need to be concerned about quality, but you also need to take the proper measures in order to avoid your phone becoming infected by malware. Unfortunately, we already know that Google Play and the Windows Store aren’t immune to malware. Even the Apple Store has its bad days, so we’re not trying to scare you. These days, malware is a continuing, growing threat.

Read more…

September 11th, 2015

Ads: Love or hate?

Ad-injection is an increasingly annoying and dangerous problem

Ad injecting in action on Amazon

Malvertising attacks. Image via Google Security Blog

There are basically two reactions people have when they see ads in their browser. Some think they add interesting content and possibilities, insights and ideas or even, opportunities. The other group considers them as a distraction, an invasion and a disruption to what they were doing.

But most everyone will agree, once you begin something on your laptop or mobile, especially if it’s work-related task, you want to continue what you started. Lots of people get so into what they’re doing that they don’t see or think of anything else, and when an unwelcome ad comes through, it breaks the concentration. Some will say this is a man’s perspective. But even some women I talk to agree; even though they always say they are multitasking and (cough, cough) never lose focus.

When it comes to security, ads are becoming more and more a vehicle for malware. Ad-injecting malware is really a threat nowadays. Once on your device – computer or mobile – the malware will drop new ads into any (or most) sites you visit, sending ad revenue back to remote cybercriminals. For example, malicious porn ads use this type of redirection and clicking techniques.

Research conducted by Google from June to October of 2014 concluded that deceptive ad injection is a significant problem on the web today.  They identified tens of millions of instances of ad injection and detected 5.3 million different IP addresses infected with adware, 5% of the total testing group. The research also found that Superfish, one of the notorious businesses that have ad injection libraries,  was alive and well, not only pre-installed on Lenovo laptops, but breaking SSL protections for any other computer running it in background.

Ways to control unwanted ads in your browser

Read more…

September 9th, 2015

DeepScreen technology protects your business data before it’s at risk

Eliminate the risk of your sensitive business data being hacked.

Avast for Business protects your business data

Avast for Business protects your business data

Most of the truly dangerous malware is designed to harvest valuable business information – especially financial data. So hackers design malware to look like an innocent video, application, or website cookie. Sometimes malware can even be disguised as a exit button on an infected website. Basically, hackers use all kinds of tricks to get unsuspecting people to click, download, or run their malware.

The problem is that malware often ends up on a company computer or network completely by mistake. The file might look like a useful business graphic or tool, but when opened, it unleashes malicious code that takes over the computer and even the network.

So how do you stop this when you have 10, 20, 30, or more PCs, Macs, and servers under your care?

Read more…

Categories: SMB/Business Tags:
Comments off

September 9th, 2015

What does the Avast Sandbox do?

The Sandbox is like a hamster ball. It keeps potential troublemakers isolated.

The Sandbox is like a hamster ball. It keeps potential troublemakers isolated.

The Avast Sandbox lets you run a questionable program without risking your computer.

The Avast Sandbox is a special security feature which allows you to run potentially suspicious applications automatically in a completely isolated environment. This is particularly useful if you don’t completely trust whatever you just downloaded or you visit dodgy websites because programs running within the sandbox have limited access to your files and system, so there is no risk to your computer or any of your other files.

Here’s how it works: By default, if an application is started and Avast detects anything suspicious, it will automatically run the application in the Sandbox.  The advantage of running an application in the Sandbox is that it allows you to check suspicious applications while remaining completely protected against any malicious actions that an infected application might try to perform.

The browser or other application will then open in a special window, indicating that it is being run inside the Sandbox. When the Sandbox is closed, it will be restored to its original state and any downloaded files or changed browser settings will be automatically deleted.

Avast Sandbox

The sandbox window in Avast Premier.

The Avast Sandbox is part of Avast Premier 2015, Avast Internet Security 2015 and Avast Pro Antivirus 2015.


Follow Avast on FacebookTwitterYouTube, and Google+ where we keep you updated on cybersecurity news every day.

September 8th, 2015

No, Tiffany is not giving away diamond rings on Facebook

Diamond rings and an Audi R8 can be mine just for the simple actions of liking and sharing on Facebook. NOT!

In the past week, three fake giveaways have come across my Facebook newsfeed – two of them today! These were shared by otherwise intelligent friends, so that makes me think all kinds of other people are falling for the scam. I’m sharing these with you, so you’ll know what to look out for.

Each scam promises that you could win a valuable prize just by liking and sharing the post. This one is for an Audi R8 V8, and every time I’ve seen it, it’s originates from a different page. The instructions are always the same – for a chance to win, you must like the page, request your desired color in the comments, and share the post with your friends.

Audi R8 Facebook like-farming scam


This type of social engineering scam is called like-farming. It is designed to gather many page likes and shares in a short amount of time, and since Facebook’s algorithms give a high weight to those posts that are popular, they have a high probability of showing up in people’s newsfeeds. Scammers go to all this trouble for two purposes: The pages can later be repurposed for survey scams and other types of trickery that can be served to a large audience. And pages with large numbers of fans can be sold on the black market to other scammers with creative ideas.

Read more…

Comments off

September 7th, 2015

Taking a closer look at cracked Ashley Madison passwords

Photo via The Times UK

Photo via The Times UK

People create terrible passwords. As simple as this might sound it unfortunately remains news to millions — if not billions — of individuals who use the Internet. As proof, we’ll take a look at a selection of passwords that were revealed in the Ashley Madison leak.

Regardless of any shortcomings Ashley Madison had in terms of securing their perimeter against breaches, one thing that they did right (to the surprise of many security researchers and disappointment of many black hats) was encrypting their users’ passwords.

The leak contained a database of around 36 million usernames, with bcrypt-hashed passwords. There is no known way to crack all of these passwords before the heat death of the universe, especially assuming that some are truly random, but we can crack the worst ones.

Conveniently, the web is full of known-password lists that anyone can just download. The two we chose for this crack, which are widely available, are the so-called 500 worst passwords of all time (compiled in 2008) and the 14-million-strong password list from the rockyou hack.

Cracking the bcrypt

It should be noted that we did not use the full list of 36 million password hashes from the Ashley Madison leak; we only used the first million. So, that may skew the results towards passwords created near the beginning of the site’s existence, rather than the end. Also, since the system used contains a 6-core CPU and two GTX 970 GPUs, we set the CPU to test the 500 worst list, and the GPUs to test the rockyou list. Because we’re SMRT, we used the same million for both the CPU and GPU cracks, which therefore produced redundant results in our output files. This has the side-effect of being less efficient overall, but allows us to make an apples-to-oranges comparison of the effectiveness of the two password lists, as well as the CPU vs GPU cracking speed.

Before we get into the results, let’s take a quick diversion to explain why this hack was so difficult and only revealed a small number of passwords.

Read more…