

Posts Tagged ‘hacking’
April 30th, 2013

avast! Antivirus gets cameo role in Movies vs. Life viral video

A YouTube video called Movies vs. Life compares scenes embellished with movie magic to their real-life equivalents. We like to think that an avast! Antivirus cameo during a computer hacking scene (pay attention around 0:22 seconds) is one of the reasons that this hilarious video has gone viral. ;-)

A round of applause from avast! to French comedy troupe Golden Moustache for producing this funny video.

Make sure you turn on captions for the English subtitles.

February 14th, 2013

Malware: Dollar Equals Tilde Square Brackets

Recently we encountered a very suspicious piece of code on some Joomla-powered webpages. The code looks garbled and without any apparent meaning, and starts like this:


On closer inspection, several strange things stand out. First, there are no alphanumeric characters in any part of the code. Second, on the line before this code starts, there is actually an HTML tag marking the start of JavaScript code (<script>), preceded by 37 tabs. Therefore, when opening an infected file in a text editor, one cannot normally see the starting tag, because it is shifted all the way to the right. To see it, you either have to scroll horizontally or turn word wrap on. The same trick is performed with the script closing tag as well. Why would anyone try to hide these tags? The answer is simple: to trick people into thinking this is not actually JavaScript code.
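The two traits described above (a <script> tag pushed out of view by leading whitespace, and a body with no alphanumeric characters) can be checked mechanically when auditing site files. The following scanner is an added example, not code from the original post; the thresholds, function names and the sample page are assumptions constructed for illustration.

```python
import re

# Thresholds are assumptions for this example, not values from the post.
MIN_INDENT = 20         # whitespace characters directly before the tag
MAX_ALNUM_RATIO = 0.05  # share of letters/digits tolerated in the body

SCRIPT_RE = re.compile(
    r"(?P<indent>[ \t]*)<script\b[^>]*>(?P<body>.*?)</script\s*>",
    re.IGNORECASE | re.DOTALL,
)

def alnum_ratio(text):
    """Share of non-whitespace characters that are letters or digits."""
    chars = [c for c in text if not c.isspace()]
    if not chars:
        return 1.0  # empty body (e.g. external src=) is not symbol-only
    return sum(c.isalnum() for c in chars) / len(chars)

def scan(source):
    """Report <script> blocks hidden by whitespace or made of symbols only."""
    findings = []
    for m in SCRIPT_RE.finditer(source):
        indent = len(m.group("indent"))
        ratio = alnum_ratio(m.group("body"))
        reasons = []
        if indent >= MIN_INDENT:
            reasons.append("hidden-tag")
        if ratio <= MAX_ALNUM_RATIO:
            reasons.append("symbol-only")
        if reasons:
            findings.append({
                "line": source.count("\n", 0, m.start()) + 1,
                "indent": indent,
                "alnum_ratio": round(ratio, 2),
                "reasons": reasons,
            })
    return findings

# Constructed sample: the symbol run is inert filler, not the real payload.
SAMPLE = "".join([
    "<html><body>\n",
    "<script>var menu = document.getElementById('nav');</script>\n",
    "\t" * 37 + "<script>\n",
    "$=~[];" + "(+[]){}!_;" * 8 + "\n",
    "\t" * 37 + "</script>\n",
    "</body></html>\n",
])

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

Either reason alone is worth a manual look; together they match the pattern described in this post closely.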

Read more…

January 7th, 2013

“Watering Hole” attacks targeting political sites

Last month we wrote about a flaw in Microsoft’s Internet Explorer that could allow cybercrooks to take control of a Windows-based computer if the user browses to a malicious website. The website making news for that attack was the US-based think tank, the Council on Foreign Relations (CFR). Avast Virus Lab has since discovered that two Chinese human rights sites, a Hong Kong newspaper site, a Russian science site, and weirdly, a Baptist website (see the recent tweet) are also infected with the Flash exploit of IE8.

You can imagine the interesting audience that frequents sites such as these. The CFR, for example, attracts high ranking government officials including former presidents and secretaries of state, ambassadors, journalists, and leaders of industry. These sites were chosen on purpose; instead of targeting the general masses, like in a phishing attack, the perpetrators of a so-called “watering hole attack” target specific topics like defense or energy and lie in wait for persons of interest to visit, similar to a predator at a watering hole waiting for its victims to come to it. Read more…

December 6th, 2012

Hotel key hacker picks a new lock

When it comes to hotel security, I usually check two things: 1. Does the door open to an inside hallway or directly to the outside?, and 2. Does the room have a safe to store my passport and other valuables? Now, it seems, I have a third thing to think about: The electronic key.

Those sturdy plastic keycards have always seemed secure, and up to now, my only concern has been losing one and having to ask the clerk at the front desk for a replacement. But recently, burglaries in American hotel rooms were linked to an electronic ‘hack’ which can open 4-5 million electronic locks in 200 hotel chains worldwide.

Back in July, at the Black Hat security conference, a Mozilla software developer exposed flaws he discovered in hotel room locks from the lock manufacturer Onity. He demonstrated the ability to break into rooms with a simple, cheap device that could be hidden in an iPhone case. Read how he did it. Since the summer, others have perfected the technique, and now thefts have taken place and an arrest was even made in Texas.

Your data is more important than the device it’s on

With all the devices we carry with us these days – I have a smartphone, laptop, and tablet – securing these gadgets is important. The most important thing about these devices is the data that’s on them, so before you leave on your travels, make sure you back up your files, photos, music, etc. Avast! BackUp is an online backup and recovery service that allows you to select sets of data or individual files you want to back up. You can quickly and easily restore files with the avast! BackUp software on your computer and you may also log in to your account online to restore files. Download a free trial here.

For your Android smartphones and tablets, make sure you install and set up avast! Free Mobile Security, our anti-theft and anti-malware app. It has special “stealth” and remote-access features, including lock, wipe and siren, as well as remote text commands, so you are protected against the loss or misuse of your phone. Get avast! Free Mobile Security for free from Google Play.

Other valuables, such as travel documents, can be placed in the hotel safe. But be aware that even those aren’t entirely secure. Reports have been made that some can be opened with a default code of all zeroes, 0000. Check it out next time. If you don’t trust the in-room safe or your items won’t fit, consider using the hotel front desk guest safes. If you don’t want to make use of a safe, make sure you bring luggage equipped with locks, so you can secure your valuables inside.

Do you have any other tips to keep your devices and yourself secure while staying in a hotel? Please share them.

October 4th, 2012

“Stranded Traveler” scam still going strong


It mostly happens in London, but I have seen it happen in Manila and Madrid too. My friends seem to travel a lot, and according to the tear-drenched emails, they have a tendency to get mugged. You might have seen it too – the “Stranded Traveler” message from a friend that goes something like this:

I’m writing this email with tears in my eyes, I came down to London for a program unfortunately, i was mugged at the park of the hotel where i stayed, all cash, credit and cell were stolen off me but  luckily for me i still have my passport with me, I have no access to my account. I have been to the embassy and the police here but they are not helping issue at all and my flight leaves tomorrow night but i am having problems settling the hotel bills and the hotel manager won’t let me leave until i settle the bills. Am freaked out at the moment. I need about 2,250 pounds or any amount you can lend me to sort-out the bills, i will refund you as soon as i get back home.

I remember the first time I saw the message. It alarmed me with its urgency, and I felt compelled to help my friend get out of the mess. Questions about how to wire money to her darted through my mind. But then I remembered that I had just seen her post something on Facebook hours before, and she was most definitely not in London getting mugged.

Here’s what happened: Cybercrooks hacked into my friend’s Facebook and Yahoo accounts. They stole her identity, address books, changed her passwords, then sent out a message to all of her contacts using her email address.

This scam has happened so frequently, and there have been so many complaints, that the FBI issued a warning – over 2 years ago! Amazingly, the scam is still making its way through cyberspace (our CEO received one the other day), and the FBI says that they now have about 150,000 complaints on file. ABC’s Nightline actually answered one of the emails this summer and tracked what happened next. Read their account and watch the video here.

To avoid being a victim of this scam

  • Secure your passwords on all your email and social media accounts. If you have lots of user names and passwords to remember, you might like a password management system like avast! EasyPass.
  • Avoid clicking attachments in unknown emails.
  • If you get an email like this, call your friend to verify the authenticity of the message.
  • Scam victims should file a complaint with the FBI at
August 13th, 2012

World of Warcraft Players Fall Victim to Hack

We have another entry on the growing list of hacks – Blizzard Entertainment, publisher of popular games such as World of Warcraft and the Diablo and Starcraft series, reported last week that a large amount of user account data for gamers was compromised.

“This week, our security team found an unauthorized and illegal access into our internal network here at Blizzard. We quickly took steps to close off this access and began working with law enforcement and security experts to investigate what happened,” wrote Blizzard President Mike Morhaime. “We take the security of your personal information very seriously, and we are truly sorry that this has happened.”

Stolen data includes email addresses, answers to security questions, a database of “cryptographically scrambled” passwords, and data related to dial-in and smartphone app-based two-factor authentication. Users should change their account passwords immediately. You can do that here.

Jindrich Kubec, Avast Virus Lab senior analyst, gives some tips for securing your passwords:

1. Avoid anything ‘personal’ such as names and birth dates – see this list for examples of passwords to avoid
2. Avoid overly complex passwords as you don’t want to write them down
3. Don’t reuse passwords anywhere – leaks will happen in the future and you don’t want a single leak giving the bad guys keys to all the online services you use
4. Longer passwords are always better
5. Beware the phishers: always ensure you’re doing sensitive operations on the legitimate site, under a secure and verified connection. I’d also recommend never clicking on links in emails to update sensitive information. Instead, manually enter the site and make changes.
6. If you can’t be bothered with steps 1 – 5, try avast! EasyPass to generate strong, unique passwords for every site you visit. The best part is that you access your passwords using one Master Password, so you don’t have to remember lots of passwords.

June 7th, 2012

LastFM investigating passwords hack

Yesterday, LinkedIn started investigating a password leak, followed by online dating site eHarmony, and now online music streaming site LastFM has announced on their blog that they too are investigating the leak of user passwords. As a precautionary measure, they are advising all their users to change their passwords immediately. You can do that here.

Yesterday, a Russian hacker reportedly stole 6.5 million LinkedIn passwords and 1.5 million passwords from eHarmony. It is not yet known if the hacking incidents are related.

It’s worth repeating the password tips my colleague Jindrich Kubec wrote in an earlier blog post.

A simple 5 step procedure for creating new passwords:

  1. Avoid anything ‘personal’ such as names and birth dates – see this list for examples of passwords to avoid
  2. Avoid overly complex passwords as you don’t want to write them down
  3. Don’t reuse passwords anywhere – leaks will happen in the future and you don’t want a single leak giving the bad guys keys to all the online services you use
  4. Longer passwords are always better
  5. Beware the phishers: always ensure you’re doing sensitive operations on the legitimate site, under a secure and verified connection. I’d also recommend never clicking on links in emails to update sensitive information. Instead, manually enter the site and make changes.
January 17th, 2012

24M Zappos shoe buyers’ accounts get hacked

Just received cool new suede Pumas from Zappos last week, and this week I received an email explaining that my account was breached.

Turns out that the popular online shoe and clothing retailer was attacked by cybercriminals who gained access to parts of the internal network through one of the servers in Kentucky. On Sunday, Tony Hsieh, CEO of Amazon-owned Zappos, wrote on the company blog that 24+ million customers were affected, but critical credit card and other payment data was not affected or accessed. The hackers failed to get payment card numbers, because that data is encrypted, as required by the Payment Card Industry Data Security Standard.

The company sent an email to every one of their customers explaining the situation including what information was stolen: Customer name, email address, billing and shipping addresses, phone number, the last four digits of customers’ credit card number, and/or cryptographically scrambled passwords.

Zappos took swift action by expiring and resetting passwords, and they set up a password change webpage for customers to create new ones. “We also recommend that you change your password on any other web site where you use the same or a similar password,” the email sent to affected customers states.

As a result of stolen credentials, phishing attacks that try to steal sensitive information like social security numbers or lead you to a website that attempts to install a virus, are more likely. “As always, please remember that will never ask you for personal or account information in an e-mail,” the blog statement says. “Please exercise caution if you receive any emails or phone calls that ask for personal information or direct you to a web site where you are asked to provide personal information.”

avast! EasyPass is a fast, easy way to manage all your passwords. avast! EasyPass generates strong, unique passwords for every site you visit – with just one click. The best part is that you access your passwords using one Master Password, so you don’t have to remember lots of passwords. Learn more about avast! EasyPass.

December 19th, 2011

Avast talks about ‘The Girl with the Dragon Tattoo’

It’s no surprise that conversation at Avast is focused on computer security. The Tuesday release of the new film, The Girl with the Dragon Tattoo, has sparked even more talk, because of the tortured heroine, hacker Lisbeth Salander. The movie is based on the first of the best-selling “Millennium Trilogy” crime novels by the late Swedish author Stieg Larsson. It revolves around journalist Mikael Blomkvist who hires the mysterious Lisbeth to help solve a cold case of a missing teenager from decades ago.

Lisbeth works as an investigator from her ordinary laptop. She gains access, and complete control in some cases, to the contents of whomever’s computer she wants and uses information from emails, work documents, bank statements, and browsing history, to satisfy her curiosity, advance the case, and ultimately to loot bank accounts.

I sat down with Jindrich Kubec, senior virus analyst at the AVAST Virus Lab, to talk about hacking, finding information on the internet, and literary license.

(Spoiler alert: elements of the story are about to be revealed) Read more…

November 4th, 2011

The end is near – Facebook’s day of Destruction

T minus 8 hours until we see if the threats of the hacktivist group Anonymous are fulfilled. November 5 is the scheduled demise of Facebook, according to a YouTube “press release” published months ago, and since removed. Last August a rally cry went out to willing hacktivists or guys who want “to protect the freedom of information” to “join the cause and kill facebook for the sake of your own privacy.” It seems that this group has the technical chops to do it too – these are the same folks who brought us publicized attacks on the IMF, Sony and the Iranian government.

However, there is an indication that the big take-down won’t happen. The OP_Facebook account which was fairly active in the beginning has been pretty dead since last month. And the larger group has distanced themselves from the threat. Earlier today on AnonOps, one of the Twitter accounts regularly used by the Anonymous group, they tweeted, “We told you many times ddosing Facebook was a fake operation.”

So the world’s most popular social networking site will probably live to see another day. But maybe the threat of attack issued by Anonymous was designed to make us think about Facebook and their dalliances with individuals’ privacy. Facebook admitted this September that they had been tracking their 750 million users, even after they logged out of Facebook, using browsing monitoring cookies. The stated reasons were for security and fraud prevention.

We hope to see Facebook survive, if only for our thriving avast! antivirus page. It’s a great way to interact with like-minded people and learn a thing or two from you and share things about avast!. If Facebook is still around tomorrow, please share with a friend.