Is the convenience of open Wi-Fi worth the risk of identity theft? Most Americans think so.
In a recent survey, we found that only 6% of Americans protect their data by using a virtual private network (VPN) when using public Wi-Fi with their smartphone or tablet. That leaves a whopping 94% unprotected. Why is this?
Do people not know the risks of using unsecured public Wi-Fi?
Is avoiding data overages or the convenience of no password more important than the data on their devices?
Are they not aware that there is protection available?
Are they scared they won’t understand how to use VPN because of the technical sounding name?
The truth about open, public Wi-Fi
The truth is that using unprotected Wi-Fi networks could end up costing you your privacy and identity when you use them without protection like Virtual Private Network (VPN) software. This is because unsecured networks, those are the ones that do not require registration or a password, give cybercrooks easy access to sensitive personal information.
“As mobile cloud storage becomes more popular and the quest for free Wi-Fi continues to grow, open networks that require no passwords place unprotected consumers at great risk of compromising sensitive personal data,” said Jude McColgan, president of mobile at Avast.
“The majority of Americans don’t realize that all the personal information on their mobile devices becomes defenseless over public Wi-Fi if used without protection. These networks create an easy entry point for hackers to attack millions of American consumers on a daily basis.”
Avast can protect you and it’s not hard or expensive
“Unfortunately hacking isn’t a complicated process – there are tools available online that anyone can easily use to steal personal data,” says Ondrej Vlček, Chief Operating Officer at Avast. “Avast SecureLine VPN allows users to browse the web anonymously and safely, especially while using open Wi-Fi.”
Avast SecureLine VPN protects your Internet connections with military-grade encryption and hides your IP address. If that sounds like mumbo-jumbo to you, what it means is that essentially our VPN protection makes your device invisible to cybercriminals. In addition to that, using the VPN hides your browsing history, so no one can monitor your behavior online. We assure you, it’s as easy as can be to use.
Just because logging in with your finger is convenient doesn’t mean it’s the best method to use.
Some days ago we told you about increasing your security on sites and in services by using two-factor authentication. More and more services are using this two-factor log in method. They require that you use “something you know” like a PIN or a password, “something you have” like a token app in your smartphone, and even “something you are” like your fingerprints, for instance.
Many top smartphones – starting with iPhone 5s and newer Androids – are moving to fingerprint authentication technology. That means you can unlock your phone using your finger. It’s more convenient than typing a PIN or password because you always have your finger with you (we hope!). And you would think that it is more secure than using a gesture or pattern to unlock it.
Unfortunately, it’s not. Here’s why:
The authentication process requires that a site or a service (or your smartphone) could recognize you for a thing you know: A PIN or a password. This information must be stored in the service server (or hardware) and it must be matched, i.e., the combination of two pieces (generally username and password) must match to allow access to the right person.
Both you and the service must know this secret combination. But that’s the problem; nowadays, a lot of sites and services have been compromised and pairs of username/passwords have been hacked and sold on the black market.
But what about using your fingerprint? It’s the same scenario. The information about your finger and the technology to match your fingerprint is stored in servers. If they are hacked, your exact, and only, information would be in their hands.
It gets worse.
You can change your credentials to log into a site or service, but you can’t just change your finger! Well, most of us have 9 more chances after the first one is compromised, but still - there are more than just 10 services you want to use. You can change your passwords indefinitely, you can use a stronger password, you can use a password generation service - you’ve got the idea… But you don’t have that many choices with your fingerprint.
It gets even worse.
Everything you touch reveals you. You’re publishing your own secret.
Can you imagine banks or stores letting you use your fingerprint to gain access to your account without even a card? Coincidentally, just hours ago a news report was published saying the Royal Bank of Scotland and MasterCard recently made announcements regarding fingerprint authentication services. They announced that customers can log into the banks’ mobile banking app using their fingerprint. It’s interesting that this article says 16- to 24- years olds are driving this decision because
they want to avoid security slowing down the process of making a payment, with 64% of those surveyed saying they found existing security irritating.
This decision by major banks does not give us confidence in the security of the younger generation and their bank accounts. We venture to wonder about the police with their databases full of prints. What could be done with millions of fingerprints stored by the government?
By the end of last year, young researchers from the Chaos Computer Club showed that your fingerprints could be obtained by photos of your hands and from anything you touched. See the full presentation in this YouTube video. If you have the curiosity to see all the video, you’ll see that using your iris could also be simulated with high quality printed photos. At 30:40 starts the iPhone fingerprint hacking. They took 2 days to develop the method and presented it in a few minutes. Amazing and scary.
Here’s another video with a quick summary of the research.
How to make yourself and your phone more secure
This blog is a source of great information. Earlier this month, we shared 14 easy things you can do right now to make your devices more secure. Please read 14 easy tips to protect your smartphones and tablets – Part I and Part II.
As always, make sure your Android device is protected with Avast Mobile Security. Install Avast Mobile Security and Antivirus from the Google Play store, https://play.google.com/store/apps/details?id=com.Avast.android.mobilesecurity
Android Malware Xbot Spies on Text Messages
In the past few weeks, the Avast Mobile Security analysts have been focusing on Android malware which targets users in Russia and Eastern Europe. One of the families that caught our interest was the Xbot malware.
The name Xbot comes from the sample itself as the string Xbot was found in all variants of this malware. Xbot uses a variety of names and package names but this string was, with different levels of obfuscation, in every single file we analyzed so we decided to name the malware after it.
Xbot is not an app itself, but is included in different apps. We didn’t identify it in apps available on Google Play, but on local Russian markets like www.apk-server12.ru. Users in Eastern Europe use markets other than Google Play more than West European and U.S. users do, that might be one of the reasons why the cybercriminals chose this distribution channel. Xbot tries to hide behind apps that look like legit apps, like Google Play or the Opera Browser. It collects tons of permissions which allows it to spy on user’s SMS and the malware could potentially spy on people’s phone calls in the future, too. It also sends premium SMS behind the user’s back, so basically it is malicious through-and-through.
From the beginning of February we have seen 353 Unique Files with more than 2570 Unique Install GUIDs. These numbers are not the highest ones we’ve ever seen but still, it allows us, unfortunately, to see the potential of Android malware and social engineering.
The author hides a message
One interesting thing we discovered is that the malware author is not shy about expressing his anger with the antivirus companies who detect his masterpiece. Sometimes we find embedded messages addressed to Malware analytics. This one is quite strong. See if you can spot it: //9new StringBuilder (“FUCK_U_AV” )).append(“1″).toString();. Messages like this are nothing new in malware samples because security companies like Avast can really cut into the bad guys’ income from this type of malware.
The author tries to cover his tracks
As a part of anti-analysis protection, the author(s) try to obfuscate these samples to make them harder to read. But this protection is fairly simple, as it usually consists of adding additional junk characters which are excluded at runtime or the Proguard, which mangles the method names and file structure. Read more…
There are two noteworthy risks associated with owning a smartphone or a tablet. The first one is malware and the second is loss. You need to protect yourself against both, and these days there are plenty of choices for each. Some are free security apps and some are paid-for solutions.
Protect your smartphone or tablet with mobile antivirus software
Last year more than 1 billion Android devices were shipped out to customers around the world. With Android winning the majority of the smartphone market, it offers a tempting target to malware authors. I have read in some publications that the average users need not worry about being infected with a virus on their phone or tablet, but with 2,850 new mobile threats being created every day by hackers the odds are getting worse.
Even if you think your chances are low, we suggest that you go ahead and install a good mobile antivirus software. The great thing about Avast Mobile Security is that it’s free, so your investment is minimal – just a few minutes of setup and you’re done.
Avast Mobile Security includes antivirus protection which scans your apps to see what they are doing, and a Web shield that scans URLs for malware or phishing. Malicious apps allow malware to enter your phone, so it’s good to have Avast on your side to detect when a bad one slips by on Google Play or another app store.
To compare the choices of mobile antivirus software, you can look at the January 2015 “Mobile Security Test” conducted by the independent labs at AV-TEST. They looked at 31 popular Android security apps. Avast Mobile Security tops the list because it detected 100% of malicious apps without any impact on the battery life or slowing down of the device.
Protect your smartphone or tablet against loss or theft
Hackers aren’t the only risk – theft or loss of your device is more probable. In a famous stat from 2 years ago, Norton figured that 113 phones were lost or stolen every minute at the tune of $7 million a day! With all the personal and maybe even company data you have stored, losing your phone could be devastating.
You can protect your device and the data on it by following some easy tips and installing Avast Anti-theft. Avast Anti-theft is an app that you can download with Avast Mobile Security for free. The anti-theft feature is hidden from thieves and allows you to remotely control your smartphone using SMS or via your MyAvast account. You can back up personal data and track your phone or sound an alarm if it’s lost or stolen.
In June 2014, we told you about mobile ransomware called Simplocker that actually encrypted files (before Simplocker, mobile ransomware only claimed to encrypt files to scare users into paying). Simplocker infected more than 20,000 unique users, locking Android devices and encrypting files located in the external storage. Then, it asked victims to pay a ransom in order to “free” the hijacked device. It was easy to decrypt the files affected by this variant of Simplocker, because the decryption key was hardcoded inside the malware and was not unique for each affected device.
Dangerous unique keys
But now there is a new, more sophisticated variant of Simplocker in town that has already infected more than 5,000 unique users within days of being discovered. The reason why this variant is more dangerous than its predecessor is that it generates unique keys for each infected device, making it harder to decrypt infected devices.
To use an analogy, the original variant of Simplocker used a “master key” to lock devices, which made it possible for us to provide a “copy of the master key” (in the form of an app, Avast Ransomware Removal) to unlock already infected devices. The new variant however, locks each device with a “different key” which makes it impossible to provide a solution that can unlock each infected device, because that would require us to “make copies” of all the different “keys”.
Why would anybody install Simplocker?!
The reason why people install this new variant of Simplocker is because it goes undercover, meaning people don’t even realize that what they are installing is ransomware!
In this case, the new variant of Simplocker uses the alias “Flash Player” and hides in malicious ads that are hosted on shady sites. These ads mostly “alert” users that they need Flash Player installed in order to watch videos. When the ad is clicked on, the malicious app gets downloaded, notifying the user to install the alleged Flash Player app. Android, by default, blocks apps from unofficial markets from being installed, which is why users are notified that the install is being blocked for security reasons.
Users should listen to Android’s advice. However, users can go into their settings to deactivate the block and download apps from unknown sources. Once installed, a “Flash Player” app icon appears on the device and when it is opened the “Flash Player” requests the user grant it administrator rights, which is when the trouble really begins.
As soon as the app is granted administrator rights, the malware uses social engineering to deceive the user into paying ransom to unlock the device and decrypt the files it encrypted. The app claims to be the FBI, warning the user that they have found suspicious files, violating copyright laws demanding the user pay a $200 fine to decrypt their files.
What should I do if I have been infected?
We do NOT recommend you pay the ransom. Giving into these tactics makes malware authors believe they are succeeding and encourages them to continue.
If you have been infected by this new strain of Simplocker, back up the encrypted files by connecting your smartphone to your computer. This will not harm your computer, but you may have to wait until a solution to decrypt these files has been found. Then boot your phone into safe mode, go into the administrator settings and remove the malicious app and uninstall the app from the application manager.
Avast protects users against Simplocker
Avast Mobile Security protects users against both the old and new variant of Simplocker, the new variant is detected as: Android:Simplocker-AA.
A more technical look under the hood:
As the fake FBI warning is being shown to users, the malware continues working in the background, doing the following: Read more…
More easy things you can do to secure your smartphone and tablet.
On our blog last week, we shared the first 7 easy security measures to protect your Android devices and the data stored there. But we haven’t finished them. Let’s go a little further.
8. Keep an eye in your phone or, if you can, set Geofencing protection
Don’t put your phone down and go somewhere else. And if you’re having fun in a bar and drinking a beer with friends, have a lucid thought before starting: Turn the Avast Geofencing module on. It’s easy. Open Avast Premium Mobile Security > Anti-Theft > Advanced Settings > Geofencing.
9. Be aware of what permissions apps require
Why should a flashlight app need access to your contacts? Why would a calculator need access to your photos and videos? Shady apps will try to upload your address book and your location to advertising servers or could send premium SMS that will cost you money. You need to pay attention before installing or, at least, uninstall problematic apps. It’s not easy to find a way (if any) to manage permissions in a non-rooted Android phone.
We have written about this before as apps could abuse the permissions requests not only while installing but also on updating. Read more to learn and be cautious: Google Play Store changes opens door to cybercrooks.
10. Keep your device up-to-date
Google can release security updates using their services running in your devices. Developers can do the same via an app update. Allow updates to prevent vulnerabilities, the same as you do in your computer. But pay attention to any changes. See tip #9.
You can encrypt your account, settings, apps and their data, media and other files. Android allows this in its Security settings. Without your lockscreen PIN, password or gesture, nobody will be able to decrypt your data. So, don’t forget your PIN! Nevertheless, this won’t encrypt the data sent or received by your phone. Read the next tip for that.
12. In open/public Wi-Fi, use a VPN to protect your communication
Cybercrooks can have access to all your data in a public, open or free Wi-Fi hotspot at the airport or in a cafe. Avast gives you the ability to protect all inbound and outbound data of your devices with a secure, encrypted and easy-to-use VPN called Avast SecureLine. Learn more about it here.
13. Set the extra features of Lollipop (Android 5)
If you’re with Android Lollipop (v5), you can set a user profile to allow multiple users of the same device. You can create a restricted user profile that will keep your apps from being messed with by your kids or your spouse.
You can also pin the screen and allow other users to only see that particular screen and nothing more. It will prevent your friends and coworkers from accidentally (or on purpose) looking into your device.
14. Backup. Backup. Backup.
Well, our last tip is common digital sense. If everything fails, have a Plan B, and C and D… With Avast Mobile Backup you can protect all your data: contacts, call logs, messages, all your media files (photos, musics and videos) and your apps (with their data if you’re rooted) in safe servers. If your device gets broken, lost or stolen, everything will be there, encrypted and safe, for you to restore to your new device.
Have you followed all our tips? Are you feeling safe? Do you have an extra protection or privacy tip? Please, leave a comment below.
Avast Mobile Security includes many handy anti-theft features that can help you locate your stolen or lost phone. You can wipe it remotely, it informs you if your SIM card has been stolen, and even allows you take pictures of the person who took your phone. Another cool feature of Avast Anti-Theft is the siren. I decided to test the siren with my friend, who had just downloaded Avast Mobile Security, to see how it could affect a phone thief.
What does the Avast Anti-Theft siren do?
The Avast Anti-Theft siren was developed by the Avast mobile team to be activated when you either lose your phone (even if it is misplaced in your room and on silent) or if it gets stolen. The siren continuously and loudly says the following, by default, when activated: “This device has been lost or stolen!”. In the advanced settings of Avast Mobile Security you can customize what message the siren will sound, if you do not want to use the pre-set message. You can do this under “Select Sound File” or “Record Siren Sound”.
The siren is designed to frighten phone thieves, or to warn people surrounding the thief that the phone might be in the hands of the wrong person. When the first siren cycle began, we tried to turn down the volume. However, the alarm would begin again at the loudest possible volume. We then decided to see what would happen if we took out the battery, this stopped the siren of course, but as soon as we put the battery back in, the siren started to go off again. To say the least, we agreed that it would effectively frustrate and annoy a thief too.
How to turn off the siren
After a minute of testing the app, we decided to turn off the siren using one of these two possible methods:
MyAvast: You can control your phone remotely via your MyAvast account. In your MyAvast account you can keep track of all your devices that have Avast products installed on them. From within your MyAvast account you send numerous Anti-Theft commands to your phone, including activating and deactivating the Anti-Theft siren. Once you are logged into your MyAvast account click on the name of the mobile device you want to control and then click on the siren symbol. From there you can send a command to turn the siren on and off.
SMS command: Using the Avast PIN you set up when you downloaded Avast Mobile Security, you can send SMS commands to your phone to remotely control it. To turn the siren off, text your Avast PIN followed by “SIREN OFF” to your phone.
Have fun checking out Avast Mobile Security’s cool and handy Anti-Theft features, but, please, use caution when testing the siren
Avast is the leader in the cyber security arms race.
There are others fighting the fight, but a 21.4% share makes Avast the leader in the antivirus vendor market as reported in OPSWAT’s quarterly market share report.
That’s good news for individuals and business owners concerned about protecting themselves from vulnerable networks, swiped passwords, pilfered finanical data, erased online identities, and stolen Social Security or national ID numbers. Opinions about the future of cyber-attacks range from doom and gloom to optimism about the steady progress in security, but the fact remains that in today’s world, we have to work around the Internet’s vulnerable design and motivated hackers challenging businesses and home users.
“Installing an antivirus product is the first, not last, step to having a safe and secure computer,” said OPSWAT’s Gears product manager, Adam Winn. “Avast’s popular antivirus and security products are helping to improve security for all. Creating accessible antivirus products for home users contributes to an overall improved security status for everyone, even businesses.”
The OPSWAT report contains the latest figures on antivirus market share and usage, as well as analysis of compromised devices. A disturbing finding from the report stated,
More than 90% of Windows PCs have not run an antivirus full system scan in the last 7 days. Of these, 15% hadn’t even had their antivirus definitions updated within the previous three days which might explain why over3% were found to be seriously infected.
“It’s reasonable to assume in an organization with 400 PCs, a full dozen are compromised,” said Winn as an illustration of the seriousness. “The interconnected state of computing has blurred the lines between home and business, especially with BYOD, remote working, and SaaS. For this reason, it’s in everyone’s best interest that traditional antivirus protection continues to be in place to deter casual and commodity attacks.”
A lack of regular updates and full system scanning is especially problematic. Organizations without robust endpoint management and solutions in place to identify and remediate these risks are giving insecure devices access to their networks and could find themselves in violation of data security regulations.
The data for the report was collected by OPSWAT GEARS, a free device security and management tool. You can add your computer to the sample if you don’t mind them collecting information regarding the applications installed on your computer. Check it out here, https://www.opswatgears.com/
A couple of days ago, a user posted a comment on our forum regarding apps harboring adware that can be found on Google Play. This didn’t seem like anything spectacular at the beginning, but once I took a closer look it turned out that this malware was a bit bigger than I initially thought. First of all, the apps are on Google Play, meaning that they have a huge target audience – in English speaking and other language regions as well. Second, the apps were already downloaded by millions of users and third, I was surprised that the adware lead to some legitimate companies.
The Durak card game app was the most widespread of the malicious apps with 5 – 10 million installations according to Google Play.
When you install Durak, it seems to be a completely normal and well working gaming app. This was the same for the other apps, which included an IQ test and a history app. This impression remains until you reboot your device and wait for a couple of days. After a week, you might start to feel there is something wrong with your device. Some of the apps wait up to 30 days until they show their true colors. After 30 days, I guess not many people would know which app is causing abnormal behavior on their phone, right?
Each time you unlock your device an ad is presented to you, warning you about a problem, e.g. that your device is infected, out of date or full of porn. This, of course, is a complete lie. You are then asked to take action, however, if you approve you get re-directed to harmful threats on fake pages, like dubious app stores and apps that attempt to send premium SMS behind your back or to apps that simply collect too much of your data for comfort while offering you no additional value.
An even bigger surprise was that users were sometimes directed to security apps on Google Play. These security apps are, of course, harmless, but would security providers really want to promote their apps via adware? Even if you install the security apps, the undesirable ads popping up on your phone don‘t stop. This kind of threat can be considered good social engineering. Most people won‘t be able to find the source of the problem and will face fake ads each time they unlock their device. I believe that most people will trust that there is a problem that can be solved with one of the apps advertised “solutions” and will follow the recommended steps, which may lead to an investment into unwanted apps from untrusted sources.
Avast Mobile Premium detects these apps, protecting its users from the annoying adware. Additionally, the apps’ descriptions should make users skeptical about the legitimacy of the apps. Both in English and in other languages such as German, were written poorly: “A card game called ‘Durak‘ – one of the most common and well known game“.
The apps‘ secure hash algorithm (SHA256) is the following: BDFBF9DE49E71331FFDFD04839B2B0810802F8C8BB9BE93B5A7E370958762836 9502DFC2D14C962CF1A1A9CDF01BD56416E60DAFC088BC54C177096D033410ED FCF88C8268A7AC97BF10C323EB2828E2025FEEA13CDC6554770E7591CDED462D
The Avast Mobile Security Team will be introducing its latest suite of apps and solutions at this year’s Mobile World Congress in Barcelona, March 2 – 5.
The team, including Jude McColgan, President of Mobile, and Daniel Cheng, Head of Worldwide Mobile Sales and Marketing, will be participating in this must-attend conference for mobile industry leaders, visionaries, and innovators.
The Avast team are leaders in securing the mobile ecosystem as it expands into the retail, banking, and health services industries. Along with interesting discussions about the latest security threats and vulnerabilities for Android and iOS devices and how users can protect themselves from those threats, our team will show users how they can free their phone from unnecessary files to gain valuable storage space on their mobile devices.
New threats and trends
Mr. McColgan and Mr. Cheng will introduce a solution that addresses Wi-Fi security issues. Many people don’t know that connecting to Wi-Fi networks on-the-go at cafes, airports, or hotels make them vulnerable to hackers. Without the protection of a virtual private network (VPN), hackers can gain access to people’s emails, browsing history, and personal data. Now, routers are increasingly becoming targets for hackers, harboring new risks for iOS and Android smartphones and tablets. Avast will be revealing new research data, then introducing a solution for this threat at Mobile World Congress.
Storage on your smartphone and tablet can be a challenge especially when social media, video, music streaming, and news reader apps pile up data that eats up valuable storage space. Avast will showcase a new solution that addresses this problem.
If you are attending Mobile World Congress, please stop by and visit the Avast team at stand 5K29 in Hall 5.
For the rest of us not lucky enough to travel to Barcelona during the Mobile World Congress, visit the Avast blog and Facebook page where we will keep you updated on all the announcements and happenings. Take a look at some of the fun from last year’s event.