Protecting over 230 million PCs, Macs, & Mobiles – more than any other antivirus


November 12th, 2015

What happens when Avast engineers spend the night in a parking garage?

A hackathon resulting in creative prototypes of apps and hardware.

Avast engineers have a hackathon

Avast engineers pull an all-nighter

It had all the makings of a classic hackathon: An all-nighter in a weird location fueled by coffee and good ideas. Located in the parking garage of our current Avast headquarters, R&D teams participated in the event with the goal to invent cool things we can implement in our new HQ building, which is nearly completed.

We dubbed the hackathon Párkathon, because our new HQ building has a sausage-like curve to it. In the Czech language sausage is “párek” + hackathon = Párkathon.

Here’s what it looked like:

The Párkathon started on Thursday and continued through the wee hours of the morning all the way through Friday evening. Some people were so psyched about their projects that they continued at home or even stayed at the office during the weekend to finish . On Monday morning, the epic hackathon ended with a demo session and attendees voted for the winning team. The prize was a barbecue party for that team. And they kindly invited all the other Párkathon attendees.

Some of the projects that came out of Párkathon include:

Winning projects

iZasedáček – an interactive version of the office seating plan. This app let’s people quickly find who sits where and localize empty chairs. It includes floor maps of the building.

Stairs vs. Elevators - devices for measuring stairs or elevator usage. Including HW prototype – every time someone crosses two laser beams, his walk through is counted. Other use cases are under development.

Other projects that came out of Párkathon

Waldo – a tool for the real-time search of people within the building using iBeacons and GPS. Users can send messages along with a location request inside or outside the building to quickly organize a meeting.

Hacked Earth – 3D visualization of geo-located data on Earth’s surface. Can be used for real-time display of virus attacks around the world or product information like the visualization of app installations. The plan is to use it at reception, meeting rooms, or for events.

FunMon – the real-time monitoring of table football and billiards usage. Uses HW sensors to detect facility usage and allows short-term booking.

Orchestrované zobrazovátko – a system for streaming content to TVs around the building. This is an easy way to show content on any TV. There is also the option to broadcast the same message on a group of TVs or even all of them.

Zasedačkomat – an app for wall-mounted Android tablets in each meeting room. It shows the room availability and allows you to perform basic tasks like reserving the room or releasing it for use.

3D navigation – printing of custom made direction signs for our new building. This task included learning to work with 3D printer.

MemeGen – system for internal memes and jokes.


Follow Avast on FacebookTwitterYouTube, and Google+ where we keep you updated on cybersecurity news every day.

Categories: General Tags: , ,

November 11th, 2015

The Anatomy of an IoT Hack

Avast researchers hacked a Vizio Smart TV to gain access to a home network.

Avast researchers hacked a Vizio Smart TV

Hackers could gain access to your home or office network through the Smart TV

Co-authors: Ross Dickey and Riley Seaman 

The Internet is everywhere —  in your TV, your light bulb, and even your refrigerator. We are now living in the world of the Internet of Things. With all of our physical devices connected to the Internet, it’s important to understand how someone might access your information or violate your privacy through these devices. As an example, we’ll walk through hacking a Smart TV with the intention of gaining access to the victim’s home network, as well as to illustrate the privacy implications of having Internet-connected devices in your home or office.

Through this experiment, our aim is to show just how much a regular person can be affected by vulnerabilities within a smart device. Throughout our journey, we went through a series of processes that involved (but were not limited to) a simulated Man-in-the-Middle (MITM) attack, the injection of an SSID, and the decoding of the device’s binary stream. We dove straight in, making our way through many avenues and curves with the ultimate goal to “crack the salt” (more on that later).

In the end, we found that the smart TV we were inspecting actually broadcasted fingerprints of users’ activities, whether they agreed to the device’s privacy policy and terms of services when first setting it up. In addition, we uncovered a vulnerability within the device that could serve as a potential attack vector for an attacker attempting to access a user’s home network. Since this all sounds pretty creepy, it’s important to note that Vizio successfully resolved these issues upon being notified of our findings. Now, onto the experiment we go:

Read more…


November 9th, 2015

‘Secret Sister’ gift exchange is a scam

Tis’ the season for scams to circulate on Facebook and other social sites.

It sounds like great fun! Join your friends for a “Secret Santa” type gift exchange, and invite lots of others to the party. Only problem is that it’s a hoax.

Secret Sisters scam on Facebook

Don’t wait by your mailbox for gifts from this exchange

Watch out if you get a message on your Facebook Newsfeed (also spotted on Reddit) inviting you to join a ‘Secret Sister’ gift exchange. And don’t pass it on, either. It’s a scam, it’s against Facebook’s Terms of Service for sharing personal information, and it could very well be illegal.

Read more…

Comments off

November 5th, 2015

DroidJack isn’t the only spying software out there

There’s more than one RAT: Avast discovers that OmniRat is currently being used and spread by criminals to gain full remote control of devices. 

On Friday, I discovered OmniRat, a program similar to DroidJack. DroidJack is a program that facilitates remote spying and recently made news when European law enforcement agencies made arrests and raided the homes of suspects as part of an international malware investigation.

OmniRat and DroidJack are RATs (remote administration tools) that allow you to gain remote administrative control of any Android device. OmniRat can also give you remote control of any Windows, Linux or Mac device. Remote administrative control means that once the software is installed on the target device, you have full remote control of the device.

On their website, OmniRat lists all of the things you can do once you have control of an Android, which include: retrieving detailed information about services and processes running on the device, viewing and deleting browsing history, making calls or sending SMS to any number, recording audio, executing commands on the device and more.

OmniRat

Read more…


November 3rd, 2015

Avast 2016 protects your private information

Avast simplifies how you protect your privacy with new products for 2016.

Avast 2016 has got your back

Avast 2016 introduces new products to protect your privacy

Count the number of devices you own. If you are like most modern digital-age people, you have a smartphone, half of you own a tablet, and most all of us have a desktop or laptop computer connected through a home router.

Now think about all the private information that you have on those devices. Bank account numbers, passwords, photos, messages and emails – all of them needing some form of protection to stay out of the wrong hands.

In a survey we did this year, 69% of you told us that your biggest fear is that the wrong person would see your personal information. In fact, Americans are so scared of having their financial information get into a bad guy’s possession, that 74% said they’d rather have nude photos of themselves leaked on the Internet! The problem is that most people are not doing anything to protect their privacy, for example, 40% of Americans don’t even lock their smartphones.

“While people are rightfully concerned about privacy, there is a disconnect between that concern and the steps they take to protect themselves,” said Vince Steckler, chief executive officer of Avast. “Users have a multitude of devices and passwords to keep track of, which can be overwhelming. When users feel overwhelmed, they tend to default to unsafe practices that put their privacy at risk.”

The new Avast 2016 for PC and Mac, the redesigned Avast Mobile Security, and the new kid on the block, Avast SecureMe, will all help reduce the complex task of protecting your private, personal information.

So time to face your fear and take steps to protect yourself. Here’s some tools that Avast is launching today to help you:

Read more…


November 2nd, 2015

Avast achieves ICSA Labs certification

We’re happy to announce that Avast Free Antivirus on Windows 10 64-bit has been certified by ICSA Labs! After being tested in the ICSA Labs Anti-Virus Certification Testing Laboratory, Avast Free Antivirus on Windows 10 64-bit has satisfied the requirements for the Desktop Server AV Detection module within the Anti-Virus Corporate Certification Testing Criteria.

Read more…

Comments off

November 1st, 2015

“Good Samaritans” return lost phones from Avast experiment

Twenty Android mobile phones were intentionally lost in The Lost Phones social experiment that Avast security analysts ran for 5 months.

The story is about how Avast Anti-Theft was able to track the phones and follow the journey that some of them took after being found. But four of those phones were returned to Avast because of good Samaritans who didn’t feel it was right to keep them.

Quiana W. returned a lost phone to Avast

Quiana W. returned a lost phone to Avast

We spoke to two of them; Quiana W., who found a phone on a park bench in Harlem, New York City and to Michael D. who found one in a public restroom in San Francisco. We asked what they thought when they first spotted the phones.

Quiana: I wanted to check it to see if it was on and see if I would be able to contact someone to return their phone. I know what it feels like to lose things, wallet or a phone, so I was just trying to pay it forward. It doesn’t necessarily have to happen back to me in this way, but it was just something that kind of took my heart.

Michael: My initial reaction was to leave the phone where it was. It seemed a little suspicious – how could someone not hear the phone drop onto the floor? I also thought that someone might mistake me for a thief if I walked out with the phone. But then, partially out of boredom and partially out of honesty, I decided to play detective and find the phone’s owner.

Read more…

Comments off

October 30th, 2015

How the Avast ‘Lost Phone’ experiment worked

We trust our free app Avast Anti-Theft to track down lost phones, but we wanted to put it to the test in a real-world situation. So five months ago, we bought 20 Android smartphones and installed three security apps on all the phones: Our free Avast Anti-Theft app, Lookout Mobile Security, and Clean Master. Each phone was marked with contact information on where to return the device if found. After all was prepared, Avast security analysts traveled to New York City and San Francisco to randomly “lose” them in public places.

Here’s a video that shows what happened.

Over the months, the analysts used the Avast Anti-Theft app to track the lost devices and observed the following:

  • 15 phones were wiped clean using the factory reset feature
  • 11 phones stayed online for more than 24 hours after losing them
  • 7 phones we were able to track for several months
  • 4 phones were returned
  • 4 phones are currently online and used
  • 2 phones ended up abroad
  • 1 phone was never factory data reset

The majority of lost devices were wiped clean using the factory reset feature, but only the Avast Anti-Theft app survived the factory reset.

You can track your missing mobile phones and tablets with Avast Anti-Theft. Get it for free from the Google Play Store.


Follow Avast on FacebookTwitterYouTube, and Google+ where we keep you updated on cybersecurity news every day.


October 29th, 2015

Avast Wi-Fi Finder helps you stay connected wherever you are

Many of us have found ourselves in situations in which we need Wi-Fi connection and are unable to find it easily. Since we’ve become used to being connected to safe and steady Wi-Fi networks at home or in the office, it can become frustrating and inconvenient when we’re unable to establish a quick connection and gain secure online access.

For those seeking a fast, reliable and secure Wi-Fi connection, we’re happy to introduce you to Avast Wi-Fi Finder. Our new app gives you the opportunity to have a fast connection regardless of your location while continuously providing you with privacy and security. Whether you’re at the gym, a hotel, cafe, bus station or library, Avast Wi-Fi Finder has got you covered.

Read more…


October 28th, 2015

What happens to your mobile phone when you lose it?

That’s what we wanted to find out.

Avast security analysts ran a five-month experiment to “lose” and track 20 mobile phones.

More than 3 million phones are lost each year

More than 3 million phones are lost each year

To prepare the phones for the experiment, they activated three security apps: Our own free Avast Anti-Theft, Lookout Mobile Security, and Clean Master. They made sure that each phone was marked with contact information so it could be returned if found. Then, they randomly placed 10 phones around New York City and the other 10 around San Francisco.

It didn’t take long for the phones to be found and tampered with. Fifteen of the 20 phones were wiped clean using the factory reset feature. They only security app that survived the factory reset was Avast Anti-Theft.
That was just what our analysts needed to track the lost devices on their adventures.

And what adventures they had!

On a slow boat to…India?!

One of the phones, lost in Battery Park, New York City, eventually found its way to Mumbai, India. At first, a long, slow journey across the Atlantic Ocean had our analysts baffled, until they theorized that the phone was aboard a transatlantic cargo ship. Read more…