Protecting over 230 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Posts Tagged ‘android’
August 1st, 2015

Free Avast Cleanup app cleans and optimizes Android phones and tablets

Avast Cleanup is a free app for Android

Avast Cleanup is a free app for Android

After a while, your phones and tablets accumulate obsolete files and superfluous data, system caches, gallery thumbnails, and programs. This ‘junk’ slows down your device and eats up precious storage space.

Avast Cleanup identifies and cleans unwanted files from your Android device so it will run like a champ again.

Our new free app, Avast Cleanup & Boost for Android, cleans away all the unwanted files and programs so that your device is running smoothly and quickly with storage space to spare. But don’t take our word for it.

Read more…

July 29th, 2015

Big Brother(s) Could be Watching You Thanks to Stagefright  

Earlier this week, security researchers unveiled a vulnerability that is believed to be the worst Android vulnerability yet discovered. The “Stagefright” bug exposes nearly 1 billion Android devices to malware. The vulnerability was found in “Stagefright”, an Android media library. Hackers can gain access to a device by exploiting the vulnerability and can then access contacts and other data, including photos and videos, and can access the device’s microphone and camera, and thus spy on you by recording sound and taking photos.

All devices running Android versions Froyo 2.2 to Lollipop 5.1.1 are affected, which are used by approximately 95% of all Android devices.

The scary part is that hackers only need your phone number to infect you. The malware is delivered via a multimedia message sent to any messenger app that can process MPEG4 video format – like an Android device’s native messaging app, Google Hangouts and WhatsApp. As these Android messaging apps auto-retrieve videos or audio content, the malicious code is executed without the user even doing anything – the vulnerability does not require the victim to open the message or to click on a link. This is unique, as mobile malware usually requires some action to be taken to infect the device. The malware could also be spread via link, which could be sent via email or shared on social networks, for example. This would, however, require user interaction, as the video would not load without the user opening  a link. This exploit is extremely dangerous, because if abused via MMS, victims are not required to take any action and there are neither apparent nor visible effects. The attacker can execute the code and remove any signs that the device has been compromised, before victims are even aware that their device has been compromised.

A cybercriminal’s and dictator’s dream

Read more…

July 24th, 2015

Malware that Just Won’t Give Up on Google Play

A team of malware authors is playing a cat and mouse game with Google. The game goes like this: they upload their malware, Google Play quickly takes it down, they upload a new mutation and Google takes it down. Current status of the game: the malware is back on Google Play. So far, the malicious apps have infected hundreds of thousands of innocent victims.

In April, we discovered porn clicker malware on Google Play posing as the popular Dubsmash app.

Mutant malware

Two days ago, we reported that a mutation of the porn clicker malware, created by a Turkish group of malware authors, made its way back onto Google Play, but have since been removed from the Play Store.

Once the apps were downloaded they did not do anything significant when opened by the user, they just showed a static image. However, once the unsuspecting victim opened his/her browser or other apps, the app began to run in the background and redirect the user to porn sites. Users may not have necessarily understood where these porn redirects were coming from, since it was only possible to stop them from happening once the app was killed. Fellow security researchers at Eset reported that more apps with this mutation were on Google Play earlier this week. Eset also reported that the original form of the malware was uploaded to Google Play multiple times in May. Our findings combined with that from Eset, prove that these malware authors are extremely persistent and determined to make Google Play a permanent residency for their malware.

I’ll be back…

Read more…

July 22nd, 2015

Creators of Dubsmash 2 Android Malware Strike Again

Malware Writers Can’t Keep Their Hands Off Porn

In April, we reported on a porn clicker app that slipped into Google Play posing as the popular Dubsmash app. It seems that this malware has mutated and once again had a short-lived career on Google Play, this time hidden in various “gaming” apps.

For your viewing pleasure

The original form of this porn clicker ran completely hidden in the background, meaning victims did not even notice that anything was happening. This time, however, the authors made the porn a bit more visible to their victims.

The new mutation appeared on Google Play on July 14th and was included in five games, each of which was downloaded by 5,000-10,000 users. Fortunately, Google reacted quickly and has already taken down the games from the Play Store.

The selection of "gaming" apps affected by Clicker-AR malware on the Google Play Store.

The selection of “gaming” apps affected by Clicker-AR malware on the Google Play Store.

Once the app was downloaded, it did not really seem to do anything significant when opened by the user. However, once the unsuspecting victim opened his/her browser or other apps, the app began to run in the background and redirect the user to porn sites. Users may not have necessarily understood where these porn redirects were coming from, since it was only possible to stop them from happening once the app was killed.

Read more…

July 21st, 2015

Android malware Fobus now targeting users in the U.S., Germany and Spain

Mid January we informed you of a data-stealing piece of Android malware called Fobus. Back then Fobus mainly targeted our users in Eastern Europe and Russia. Now, Fobus is also targeting our users in the USA, United Kingdom, Germany, Spain and other countries around the world.

Fobus can cost its unaware victims a lot of money, because it sends premium SMS, makes calls without the victims’ knowledge and can steal private information. More concerning is that Fobus also includes hidden features that can remove critical device protections. The app tricks users into granting it full control of the device and that is when this nasty piece of malware really begins to do its work. You can find some more technical details and analysis of Fobus in our previous blog post from January.

Today, we decided to look back and check on some of the data we gathered from Fobus during the last six months. We weren’t surprised to find out that this malware family is still active and spreading, infecting unaware visitors of unofficial Android app stores and malicious websites.

The interesting part of this malware is the use of server-side polymorphism, which we suspected was being used back in January but could not confirm. We have now confirmed that server-side polymorphism is being used by analyzing some of the samples in our database. Most of these have not only randomly-generated package names, but it also seems that they have randomly-generated signing certificates.

Number of users who have encountered Fobus

Number of users who have encountered Fobus

Read more…

July 18th, 2015

How to thoroughly wipe your phone before selling it

Make sure your Android phone is wiped clean before you sell it.

Every day, tens of thousands of people sell or give away their old mobile phones. We decided to buy some of these used phones to test whether they had been wiped clean of their data. What we found was astonishing: 40,000 photos including 750 photos of partially nude women and more than 250 male nude selfies, 750 emails and texts, 250 names and addresses, a collection of anime porn, a complete loan application, and the identity of four of the previous phone owners.

How did we recover so much personal data?

The problem is that people thought they deleted files but the standard features that came with their operating system did not do the job completely. The operating system deleted the corresponding pointers in the file table and marked the space occupied by the file as free. But in reality, the file still existed and remained on the drive.

Read more…

July 14th, 2015

Do third-party app stores pose a threat to mobile security?

Android Malware

Malware detected on Android

Over time, we’ve noticed the presence of some fairly heated user debates disputing the necessity of security or antivirus apps for Android devices. This could have been sparked by our recent post which argues that you can’t always rely on the security of Google Play or because of the myth that antivirus companies create viruses to sell more software.

Certain security gurus claim that if users stick to downloading and purchasing apps using only the Google Play Store, nothing bad will happen to their devices. However, we found that this line of thinking is not 100% correct, as was demonstrated through the discovery of a rogue Dubsmash app or in the infamous case of apps on Google Play posing as games and infecting millions of users with adware. Despite these findings, there are some users who still feel that they’re safe whenever using Google Play. This feeling of false security could have negative consequences; for example, when your data or financial information is stolen or when you have to resort to resetting your device in order to cleanse it of malware.

So, we know we can’t rely on the Google Play Store all the time, but are third-party stores more secure? Of course not. In this case, how is it still possible that it’s not a problem to use third-party stores? First of all, it’s necessary to point out that there are certain legitimate and clean third-party stores, such as Amazon and FDroid. At the same time, there are tons of shady stores and even more black market .apk files promising to deliver you the latest features of a cracked app.

Read more…

May 28th, 2015

The Internet of Things (to be hacked?)

The Jetsons (via philosophymatters.org)

Soon, we’ll be living like The Jetsons (image via philosophymatters.org)

By the end of the decade, everyone on Earth will be connected.
–Eric Schmidt, Google chairman

As a rule of thumb, it’s good to keep in mind that anything and everything that can be connected to the Internet can be hacked. Poorly designed or implemented systems could expose serious vulnerabilities that attackers can exploit. Now, most of us are fairly familiar with certain gadgets that can be connected to the Internet, such as mobiles devices and/or laptops, smart watches, and cars, but what about the things that are still emerging within the Internet-connected world? Some of these new items include routers, sensors, and everyday gadgets such as alarm clocks, wearables, microwaves, and grills.

Read more…

May 26th, 2015

Where is my phone? Avast Anti-Theft knows.

Giri got his stolen phone back because of Avast Anti-Theft

Giri got his stolen phone back because of Avast Anti-Theft

A stranger broke into Giri C’s house last September. The thief looked through Giri’s belongings for something of value. He found a MotoE Phone and grabbed it. Mobile phones are an easy target because the thief can just slip in a new SIM card and resell the phone on the black market.

What this thief didn’t know was that Giri had installed Avast Anti-Theft protection. Avast Anti-Theft allows you to set up your desktop account or use a friend’s phone to remotely locate your device, lock it, activate the remote siren, or wipe its data clean.

Read more…

May 20th, 2015

New ASUS ZenPad to come with Avast Mobile Security

ASUS partners with Avast

ASUS partners with Avast

ASUS, the third largest consumer notebook vendor in the world, has selected Avast Mobile Security to be pre-loaded on its new line of Android powered tablets.

These tablets, called ZenPad, will be debuted at the upcoming Computex in Taiwan this June. The much anticipated 7-inch ZenPad 7 will give customers 12 months of Avast Mobile Security and allow free access to premium versions of Avast Backup and Avast Anti-theft.

Read more…