Protecting over 230 million PCs, Macs, & Mobiles – more than any other antivirus


Posts Tagged ‘apps’
June 22nd, 2015

Looking back at WWDC 2015


Apple’s Worldwide Developers Conference kicked off June 8 at San Francisco’s Moscone West.

Earlier this month, I was lucky enough to attend Apple’s Worldwide Developers Conference (WWDC) in San Francisco, where mobile developers from far and wide came together to learn about the future of iOS and OS X systems. Along with being the first time I was able to participate in this sought-after conference, it was also my first time visiting San Francisco.

Once you get past its glitz and the glamour, the majority of the event revolves around waiting in a series of queues — long before the actual event began, the line for the event’s keynote lectures had formed around an entire city block. Although I wasn’t one of the first people to camp out there, I did arrive around 5:30 a.m. on Monday to stake out my spot. While the masses of people at WWDC can be a bit overwhelming, there really isn’t a better place to meet thousands of like-minded developers with whom one can strike up an interesting conversation discussing the ins and outs of of iOS development. Read more…

Categories: General Tags: , , , , , ,
Comments off
May 1st, 2015

TGIF: Avast news wrap up for April 18 – May 1

The Avast bi weekly wrap-up is a quick summary of what was on the Avast blog for the last two weeks.

Woman using smartphoneMost everyone knows their PC needs antivirus protection, but they don’t think about their smartphone. These days smartphones are just about as powerful and have as much or more personal information as our desktop PC at home. We answer the question do Android devices really need protection?

Avast finds porn clicker app named Dubsmash 2 on Google PlayThe answer is a resounding YES. The Avast Virus Lab gives us an example from a trusted download source, Google Play: A porn clicker app slipped into Google Play imitating the popular Dubsmash app. If we cannot completely rely on trusted app stores to weed out nasty apps, then it’s time to add an extra layer of security.

AV-Comparatives internet study 2015Once you decide that you do want to protect your Android device, you can be confident in Avast Mobile Security, Avast’s free security app available on Google Play. A survey by AV -Comparatives said that Avast was the #1 choice for mobile security in the entire world. No need to wait any longer to protect your smartphone or tablet.

newABSOne of the challenges with using a smartphone for so many activities, is that the battery gives out before we do. Our new free app Avast Battery Saver raises the bar with new Wi-Fi based smart profiles that can increase battery life by an average of 7 hours.

battery-saver-infographics-EN one sectionAvast Battery Saver has only been available for a month or so but already 200,000 customers have downloaded it from the Google Play Store. For Earth Day we highlighted battery saver users for their positive impact on the environment. Who knew that Avast Battery Saver would be so green? A cool infographic shows just how much they saved -  not only from their own battery -  but in energy costs too. Now Earth Day can be everyday!

office-workersSmall and medium-sized businesses (SMBs) run the risk of data breaches just like there Enterprise cousins. Luke Walling, the General Manager of Avast for Business, explains that the biggest threat to SMBs is not actually hackers sitting somewhere far away. The biggest threat to your SMB could be sitting in your office!

blog3-enSpeaking of Avast for Business, our new disruptive free security offering for SMBs has 75,000 new customers in just 2 months. If you have a start-up, a small business, if you work in a school or non-profit organization, then it’s time to stop paying for security protection.

Cybercrooks use lots of tricksOur researchers are constantly surprised by the creativity of malware authors. Recently, they found a new way cybercrooks trick people in giving up their banking information. It’s a crafty combination of spam email, social engineering, and a macro code embedded in an innocent looking Word document.

usb_hub_robotMost people have security protection on their computers. That’s great when there are things like the banking malware we wrote about. With all that great protection why is it that they don’t trust the warnings? The Avast Virus Lab explored why some people would rather be right than believe a malware warning.

April 14th, 2015

Fear and loathing on Google Play: An in-depth look at today’s battery saving and cleaning apps

Aavst Battery Saver saves battery power.

Install Avast Battery Saver on your Android device for free from Google Play!

Avast Battery Saver quickly and easily helps you to save your Android’s battery life

Mobile devices are currently evolving at an exceptional rate. Processor speed, display quality and connectivity options have changed dramatically over the past few years. However, battery capacity still seems to be struggling to keep up with the evolving capacity needed to power the enormous amount of new processors and displays.

According to a recent survey answered by 20, 000 people, 60% of Android owners are not satisfied with their device’s battery life.

There are a huge amount of Android applications trying to solve that problem, yet most of them fail to do so. When examining the features available on these apps, it becomes easy to see why many of them haven’t achieved complete success.


Task-killing is the most popular feature available not only within many battery saving apps, but also within cleaners and phone boosters. It most likely originated in Windows’ desktop operating system. Since users had first become accustomed to closing programs on Windows when their PCs began to slow down, this behavior transferred over to mobile devices when the users began to use Android.

However, Android’s system works differently. Android aims to keep RAM full in order to switch between applications more quickly. If there is no free RAM left, Android kills less recent applications. Thus, there is no need for the user to shut down the apps manually. Furthermore, task-killing actually slows down devices because each time an app is shut down, its data must be loaded to RAM again.

Try it yourself

Here’s a small test that you can try: install a task-killer, RAM booster or battery saving app that “cleans” RAM. Click the main button (it’s usually called “Optimize” or “Boost”). You’ll see several apps killed. Then, wait for a few seconds and try it again. Nothing will happen, as you’ve just killed everything.

Now, uninstall or clear the data in the tested app. After you click the “Optimize” button again, almost all of the apps you’ve just killed are shown to be killed again. Looks strange, huh? It might appear that the “Optimize” button doesn’t do anything. In reality, it does kill applications. The trick is that many apps start directly after being killed using Android’s WakeLock feature. Apps with an “Optimize” button have a timer which prevents users from seeing that killed apps are running again after a few seconds. Because of this, there is no sense in using “Optimize”.

More info about task-killing can be found here:



How can I actually save my device’s battery life?

A couple main factors that contribute to saving battery is turning off certain features of your device including Wi-Fi and mobile data and limiting display brightness and timeout.

Avast now brings you Avast Battery Saver, an application which saves power without hassle. It optimizes phone settings such as Internet connectivity, screen brightness, and timeout according to your needs. Smart power profiles are activated automatically based on time, location, and battery level without sacrificing the activities you love most.

Avast Battery Saver also contains a powerful tool to solve the issue of apps draining your battery’s lifespan while not being used. You have the ability to see how much battery every app is draining and force stop any that you’re not currently using. Unlike task-killing, force-stopping is Android’s native solution to prevent apps from unnecessarily running in the background. Once force-stopped, an app will not run again until it’s next manually opened.

Ready to save? Download Avast Battery Saver for free on Google Play.

April 7th, 2015

Don’t take the bait: Beware of web attack techniques

Mousetrap with cheese

When it comes to cybercrime, it’s always better to be in the know. Here are a few ways that web attacks can find their way onto your device. Don’t be fooled — most cybercrooks design attacks to  take place where you’d least expect it.

  1. Social engineering preys on human weakness

“A lot of attacks are still using social engineering techniques; phishing emails – ways of convincing the user to give up valuable information,” said Avast CEO Vince Steckler.

In a phishing or spearphishing attack, hackers use email messages to trick people into providing sensitive information, click on links, or download malware. The emails are seemingly sent from organizations or individuals the potential victims would normally get emails from, making them even more deceptive. Last July, Avast took a look at the Tinba Trojan, banking malware that used spearphishing to target its victims.


An example of an injected form from Tinba Trojan targeting U.S. Bank customers.

Web attacks also take place through SMS Text Phishing, also known as SMSishing. This method has become one of the most popular ways in which malicious threats are transmitted on Android devices. These text messages include links that contain malware, and upon clicking them, the malicious program is downloaded to the user’s device. These programs often operate as SMS worms capable of sending messages, removing apps and files, and stealing confidential information from the user.

  1. Malicious apps attempt to fool you

Malicious programs can disguise themselves as real programs by hiding within popular apps or games. In February, we examined malicious apps posing as games on Google Play that infected millions of users with adware. In the case of malicious apps, cybercrooks tamper with the app’s code, inserting additional features and malicious programs that infect devices. As a result, the malware can attempt to use SMSishing in order to collect additional data.


The Durak card game app was the most widespread of the malicious apps with 5 – 10 million installations according to Google Play.

  1. Ransomware uses scare tactics that really work

Another name that made headlines was a group of malware dubbed ransomware, such as CryptoLocker, and its variants CryptowallPrison LockerPowerLocker, and Zerolocker. The most widespread is Cryptolocker, which encrypts data on a computer and demands money from the victim in order to provide the decryption key. Avast detects and protects its users from CryptoLocker and GameoverZeus.  

Make sure you back up important files on a regular basis to avoid losing them to ransomware. Ransomware made its way from desktop to Android during the year, and Avast created a Ransomware Removal app to eliminate Android ransomware and unlocks encrypted files for free.

Count on Avast apps to keep mobile malware at bay

To keep your devices protected from other ransomware, make sure to also install Avast Free Mobile Security & Antivirus from the Google Play store. It can detect and remove the malware before it is deployed.

Install Avast Ransomware Removal to find out if your Android devices are infected and to get rid of an infection. Avast Ransomware Removal will tell you if your phone has ransomware on it. If you are infected, it will eliminate the malware. Android users who are clean can use the free app to prevent an infection from happening.Once installed, you can easily launch the app to scan the device, remove the virus, and then decrypt your hijacked files.

Comments off
February 3rd, 2015

Apps on Google Play Pose As Games and Infect Millions of Users with Adware

A couple of days ago, a user posted a comment on our forum regarding apps harboring adware that can be found on Google Play. This didn’t seem like anything spectacular at the beginning, but once I took a closer look it turned out that this malware was a bit bigger than I initially thought. First of all, the apps are on Google Play, meaning that they have a huge target audience – in English speaking and other language regions as well. Second, the apps were already downloaded by millions of users and third, I was surprised that the adware lead to some legitimate companies.

Durak App Google Play The Durak card game app was the most widespread of the malicious apps with 5 – 10 million installations according to Google Play.

Durak interface
When you install Durak, it seems to be a completely normal and well working gaming app. This was the same for the other apps, which included an IQ test and a history app. This impression remains until you reboot your device and wait for a couple of days. After a week, you might start to feel there is something wrong with your device. Some of the apps wait up to 30 days until they show their true colors. After 30 days, I guess not many people would know which app is causing abnormal behavior on their phone, right? :)

Threats detected malcious appsEach time you unlock your device an ad is presented to you, warning you about a problem, e.g. that your device is infected, out of date or full of porn. This, of course, is a complete lie. You are then asked to take action, however, if you approve you get re-directed to harmful threats on fake pages, like dubious app stores and apps that attempt to send premium SMS behind your back or to apps that simply collect too much of your data for comfort while offering you no additional value.

An even bigger surprise was that users were sometimes directed to security apps on Google Play. These security apps are, of course, harmless, but would security providers really want to promote their apps via adware? Even if you install the security apps, the undesirable ads popping up on your phone don‘t stop. This kind of threat can be considered good social engineering. Most people won‘t be able to find the source of the problem and will face fake ads each time they unlock their device. I believe that most people will trust that there is a problem that can be solved with one of the apps advertised “solutions” and will follow the recommended steps, which may lead to an investment into unwanted apps from untrusted sources.

Avast Mobile Premium detects these apps, protecting its users from the annoying adware. Additionally, the apps’ descriptions should make users skeptical about the legitimacy of the apps.  Both in English and in other languages such as German, were written poorly: “A card game called ‘Durak‘ – one of the most common and well known game“.

The apps‘ secure hash algorithm (SHA256) is the following: BDFBF9DE49E71331FFDFD04839B2B0810802F8C8BB9BE93B5A7E370958762836 9502DFC2D14C962CF1A1A9CDF01BD56416E60DAFC088BC54C177096D033410ED FCF88C8268A7AC97BF10C323EB2828E2025FEEA13CDC6554770E7591CDED462D

December 12th, 2014

Mobile advertising firms spread malware by posing as official Google Play apps

As a malware analyst, I find new pieces of malware day in and day out. In fact, I see so many new malware samples that it’s difficult for me to determine which pieces would be really interesting for the public. Today, however, I found something that immediately caught my attention and that I thought would be interesting to share.


The three URLs listed above are websites that offer mobile monetizing kits, which are advertising kits that developers can implement in their mobile apps. The goal for developers is to monetize from advertisements. If a user clicks on one of the ads delivered by one of the above listed providers, he may be lead to a malicious subdomain.

The most visited of the three URLs is Espabit. According to our statistics, we know that Espabit’s servers get around 150,000 views a day and nearly 100% of the views are from mobile devices. This may not seem like that much compared to the number of Android users there are in the world, but it is still a considerable number. Espabit is trying to position themselves as a world leader in advertising, and their website may appear innocent, but first impressions can be deceiving.



The most visited Espabit subdomain, with more than 400,000 views during the last few months, leads app users to pornographic sites via the ads displayed in their apps. The site displays a download offer for nasty apps (no pun intended) that have malicious behavior.



The above is just one example of the malicious links; there are many others hosted on the same server. The majority of the links lead to pornography or fake apps that all have one thing in common: They all steal money from innocent users.

How do they convince people to download their app? By posing as official Google Play apps. The apps are designed to look like they are from the official Google Play Store – tricking people into trusting the source. Since Android does not allow users to install apps from untrusted sources, the sites offer manuals in different languages, like English, Spanish, German, and French, explaining how to adjust Android’s settings so that users can install apps from untrusted sources, like these malicious apps. How considerate of them.



Now let’s take a deeper look at what the apps are capable of doing:

All of the “different” apps being offered by the three sites listed above are essentially the same in that they can steal personal information and send premium SMS. So far, we know about more than 40 of them stored on the websites’ servers. Most of the apps are stored under different links and, again, are offered in different languages (they want everyone to be able to “enjoy” their apps). The goal behind all of the apps is always the same: Steal money.

apps code1





Some of the permissions the apps are granted when downloaded…

apps code2


Once you open the apps, you get asked if you are 18 or older (they are not only considerate in that they offer their product in various languages, but they also have morals!).






After you click on “YES” you are asked to connect your device to the Internet. Once connected to the Internet your device automatically starts sending premium SMS, each costing $0.25 and sent three times a week. That’s all the app does! The amount stolen a week does not seem like much, but that may be done on purpose. People may not notice if their phone bill is $3.00 more than it was the month before and if they don’t realize that the app is stealing money from them and don’t delete the app it can cost them $36.00 a year.

This malware is actually not unique in terms of the technique it uses. However, collectively, the three websites have around 185,000 views daily, which is a lot considering there is malware stored on their servers. Not everyone is redirected to malware, but those who are, are being scammed. Considering that the most visited malicious subdomain had around 400,000 views in the last quarter, it tells us that a large number of those visitors were infected. This means these ad providers are making a nice sum of money and it’s not all from ad clicks and views.

Although many mobile carriers around the world block premium SMS, including major carriers in the U.S., Brazil, and the UK, this case should not be taken lightly. These malware authors use social engineering to circumvent Google’s security and target innocent app users via ads. Think of how many apps you use that display ads, then think of all the valuable information you have stored on your phone that could be abused.

All malicious apps we found and described here are detected by Avast as:

Android:Erop-AG [Trj]
Android:Erop-AJ [Trj]|
Android:Erop-AS [Trj]

Some of SHA256:

Comments off
August 16th, 2014

Facebook Messenger app stirs privacy pot

Lately, you may have noticed that when you try to send messages through Facebook’s mobile app on your phone and tablet, you are prompted to download the standalone Facebook Messenger app. It’s a cool app which allows you to message your Facebook friends, send picture and video messages, and call any of your Facebook friends for free using your Wi-Fi connection. It has also stirred up some controversy about all the permissions it requires.

avast! Mobile Security protects your Android device

Messenger needs permission to take pictures and videos using your camera, record audio, directly call phone numbers, receive/send/read/edit your text messages, access the internet, look into your address book, and keep track of your precise location. When we take a look at the permissions listed on the Google Play store, there are other creepy, but not really threatening, things like preventing your phone from sleeping and controlling the vibration.

The privacy controversy that is stirring is around the question of what Facebook may do with all that data. For example, do they really need to see your address book? Don’t they already know who your friends are on Facebook?

The thing is – nothing has changed about Facebook Messenger permissions. The previous version required the same access as the standalone app. You can read Facebook’s explanation about the permissions here.

We wrote about the changes in the way Google Play manages permissions earlier this summer, pointing out that most people blindly accept whatever app developers want without question. Each of us needs to decide how much we are willing to give in order to get. But please be aware, dear avast! users, that your smartphone combined with social media is a mecca for hackers. Our lives in data are stored on our mobile devices and without strong security and some common sense, cybercrooks can harvest it and use it as they please.

Make sure you protect your devices with the proper security. avast! Mobile Security is for Android phones and tablets, and it’s free. The Application Shield keeps you safe from malicious apps by scanning them on two levels – on installation and on execution. With App manager you can see your running apps, check their permissions, and if they display ads. Download avast! Mobile Security & Anti-theft from the Google Play store.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitterGoogle+ andInstagram. Business owners – check out our business products.






Comments off
August 14th, 2014

The Fine Line between Malicious and Innocent Apps: Part 2

Malware has increased on mobile devices 900% since 2011. As dramatic as that number is, as we explained in part 1 of this post, your Android device is unlikely to become infected with malicious malware.

Nowadays, cybercrooks use more subtle and insidious techniques to steal money and personal data from you.


We explained about PUPs and snoopy apps that want too much information from you. Here are a few more sneaky methods that you should be aware of:

Information hungry ads

App developers are not the only information hungry players in the app game. Ad kits can be found in 80% of free apps. Ads are used to monetize free apps, just like websites display ads to monetize. Unfortunately, not all ad networks play fair. Some ad networks collect and share your personal data.

At the beginning of the year Rovio, maker of Angry Birds, came under fire for allegedly sharing user information with the NSA. They, however, denied this and stated that Ad Networks used by “millions of commercial websites and mobile applications” leaked information to the U.S. intelligence agency.

avast! Mobile Premium, the premium version of avast! Mobile Security, includes an Ad Detector feature. This feature provides full details of an ad network’s capabilities. Ad network permissions are mixed in with the app’s permissions, so it is difficult to differentiate where certain information is being sent and who is accessing your device. App downloaders should therefore always review app permissions thoroughly, as app developers are not the only players on the app’s field.

Empty promise apps

There are apps on the market that are not after your personal data, but are more interested in deceiving you for financial gain. These apps trick people into downloading something different than what they advertised. There are various ways this can be done with various levels of severity.

The most innocent of them being seemingly normal apps that when downloaded only display ads, not even offering the service they advertised. We found apps like this around the time of the World Cup. Games like Corner Kick World Cup 2014 displayed a white screen with ads popping up now and then. This is not necessarily malicious, but frustrating and annoying for the user. If the app had been called Ad Roulette it would be acceptable, but app developers gain a small profit from advertisers when users click on ads displayed within their app. Displaying ads continuously boosts the likelihood that users will click on the ads, thus increasing the app developer’s profit.

More malicious and misleading apps warn people that their device is infected, deceiving them into downloading either an app to remove the “virus” on their device or in some cases downloading actual malware. AVAST discovered an adult app, available on an underground app market that forced users to “scan their device for viruses.”. Subsequently, the app displayed a fake version of avast! Mobile Security, which in reality was ransomware that locked victim’s out of their devices until they paid up.

Apps that gain users by offering a solution to remove non-existent infections, on the other hand, may offer a legitimate app, like a security or other category of app, but the tactic they use to gain users is deceitful and unethical.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitterGoogle+ andInstagram. Business owners – check out our business products.

Comments off
August 9th, 2014

Our pressing need for ‘now’ does not translate to a want for security breaches

instant-gratificationRecode is running a series leading from its “I want it now” piece about people who have grown accustomed to having their desires met on a whim through the aid of savvy entrepreneurs and tech innovators eager to cash in.

We can all relate to “I want it now”.

I feel myself growing impatient in coffee shops when someone has found a spot to connect their laptops or mobile devices to power points – and I have not. As we often spend hours in the one coffee shop sipping from the same latte we ordered more than an hour ago, it’s inevitable from time to time that we’ll want to check our personal affairs.

What’s happening on facebook? I should message my friend. Let’s browse my favorite news and music sites – that concert looks good, I think I’ll buy a ticket. What, my credit card has been rejected? Best do some online banking.

This type of activity in public spaces can be open playing field for the ill-intentioned: The hacker or the “steal your data” money or identity thief.

We would all agree the “I want it now” mentality does not include: ‘I want’ cyber snoops and criminals ‘now’.

We’ve heard the warnings about our mobile devices – the smartphone is a walking computer in your back pocket, and yet one that can easily be lost or stolen. The plethora of text messages, contact lists, photos, online search history – all this information can be found and used against us if it falls into the wrong hands – even when wiped (as our recent blogpost shows).

Hackers are also targeting our mobile devices with malicious malware. Read more…

Comments off
May 21st, 2014

Does your fitness app track more than your daily workouts?

avast! MobileSecurity checks privacy permissions of appsFor the last few years, I have used an app on my Android smartphone to log my training runs. It tracks the distance I ran, the route I took, my running pace, and calories burned. If I want to, I can link it with Facebook or other social networks and share my workouts, or I can pay to have my stats broadcast live, so for example, during a race, my family can follow my progress.

Using an app like this is motivating and helps me to organize my training better, but until recently I had never considered the privacy and security issues surrounding fitness tracking devices and apps.

“Privacy advocates warn that consumers aren’t always aware of how sensitive the data the apps collect can be or what privacy protections exist,” reported The Washington Post yesterday.

My smartphone is protected by avast! Mobile Security, so I decided to take a closer look at my apps with the Privacy Advisor feature. Privacy Advisor scans the apps in my device and tells me what kinds of information they collect. Application Management tells me what permissions individual apps require. My fitness app requires me to give these permissions:

  • Track GPS location
  • Read contact data
  • Access accounts

Not too bad; at least when I compare it to the fitness app that came with the phone.

My fitness app respects my privacy, but many health and fitness apps sell personal information like usernames, names and email addresses, and information like medical symptom searches, zip codes, geo-location, gender identifiers, and dietary and workout habits. A Federal Trade Commission (FTC) study revealed that ad companies and data miners are among the third parties that buy this data.

Already some employers are rewarding their workers with cheaper insurance plans for joining fitness programs. But there is worry that the data collected could be pieced together to create profiles that would backfire. It’s fine when you’re healthy for your fitness, health and medical data to determine things like insurance rates or drug pricing, but what if your health declines?

The FTC “is concerned consumers could be penalized based on health data; for instance, a financial institution might adjust credit ratings based on the fact someone has a disease.”

“Information about consumers most intimate health conditions is going to be sold to the highest bidder,” Jeffrey Chester, the executive director of the Center for Digital Democracy, told the Washington Post. “Employers might get access to it, insurers might get access to it, or mortgage lenders — which could lead to a vast array of negative discriminatory practices.”

Know what your apps want

Check what the apps that you have allowed on your smartphone require with avast! Mobile Security.  Install it free on Android devices from the Google Play store.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news and product information, please follow us on Facebook, Twitter, Google+ and Instagram. Business owners – check out our avast! Business Solutions.