Category Archives: Avast

Fake mobile antivirus apps promise rainbows and safety forever

Annoying popups advertising fake antivirus apps appear in mobile browsers.

Those evil popups. We all know them, we all see them every day on our PCs while we are reading news, watching videos, or just generally – clicking. As tempting as they might sound, let me assure you that you’re not the 1000000th visitor and you certainly didn’t just win a lottery. Also no magic diet pills for you. Popups are not your friend. Close them, block them, and never trust them.

TGIF: Avast security news wrap-up for March 2016

Get your Avast update on ransomware, mobile security, social media, and enterprise security.

Mac users get first taste of ransomware

Mac users got attacked by ransomware in the first fully functional attack on OS X. Now that hackers have proven that Mac users are a viable target, it’s time to move on from the myth that Macs are impervious to attack and get protection. 

A closer look at the Locky ransomware

Ransomware attacks targeting PC users are quite successful. New variants are introduced, but they have the same format: encrypt your files and demand payment for the key to unlock them. The Avast Virus Lab did a deep analysis of ransomware dubbed Locky. This deep look was followed by Locky’s JavaScript downloader, which describes the phishing campaign that has emerged as the main infection vector.

Locky’s JavaScript downloader

Locky is a considerable security threat that is now widely spread.

It seems that Locky’s authors are now predominantly using one campaign to spread the ransomware. Last week, we published a blog post about Locky Ransomware, the ransomware that is most likely being spread by the infamous Dridex botnet. In our last blog post, we described three campaigns the Locky authors are using to spread their malware. Now Locky’s authors are mainly using the campaign with JavaScript packed into a ZIP file sent to people through phishing emails.

The top 3 things to look for in a mobile security app

CEO Vince Steckler gave the crowd at CeBIT an eye-opening statistic yesterday. He said,

Avast currently has over two million malicious samples in its mobile threat detection database, and we see 12,000 new samples every day.

That fact means that your Android device needs protection. Avast Mobile Security secures your smartphone or tablet against infected files, phishing, malware, spyware, and malicious viruses such as Trojans without bogging down performance or annoying you with false warnings.

Download Avast Mobile Security for free from the Google Play Store.

AV-Test awards Avast Mobile Security

A closer look at the Locky ransomware

Today, we bring you a deep look into the latest ransomware called Locky. This new file encryptor, targeting PC users, has most likely been created by authors of the well-known Dridex botnet and is spread the same way.

Locky uses all “top class” features, such as a domain generation algorithm, custom encrypted communication, TOR/Bitcoin payment and strong RSA-2048+AES-128 file encryption, and can encrypt over 160 different file types, including virtual disks, source code and databases.

We monitored the Locky family this past month and discovered a second variant of the malware, which has new features and program code improvements. Locky’s authors added a new hard-coded seed to the domain generation algorithm, which allows them to deactivate Locky on Russian PCs.

Infection vector

Locky is spreading via spam email campaigns that are similar to those used by the Dridex botnet. They use similar file names, obfuscation, email content and structure of download URLs.

We have observed three different campaign versions of Locky and have described them below.

Below is an example of one of the spam emails. The emails are designed to make people believe they were sent from large companies such as Nordstrom, Symantec and Crown Holdings.


Avast at Mobile World Congress 2016

Avast went to Barcelona to participate in the Mobile World Congress, the world’s largest exhibition for the mobile industry.

This year we made a few changes and added new apps to show. Our main change was the Avast Mobile Security booth. Last year we were in Hall 5, but this year we were located in the App Planet, Hall 8.1, and we had a bigger booth! It’s a beautiful one, right? 🙂

More than 95,000 people attend the MWC and a lot of them visited our booth to discover our new apps, like Avast WiFi Finder, Avast Passwords and Avast Virtual Mobile Platform.

Avast WiFi Finder helps you connect to a widespread collection of reliable, fast, safe hotspots which are crowd-sourced by people just like you – all around the world, so you can save on monthly bills and roaming fees.

Avast Passwords helps you create strong, unique passwords for each of your accounts and save and store all your login details in a secure place. Now you don’t need to memorize or write down a bunch of different passwords.

Avast Virtual Mobile Platform lets businesses create a virtual mobile infrastructure (VMI) that streams standard mobile apps to any device. Since apps run on corporate servers, your data can’t be lost or stolen – even if your device is.

Of course, we were not only showing our new apps; everybody who came to our booth was able to see a demo of all our popular apps, Avast Mobile Security and Avast SecureLine VPN.

Mac users get first taste of ransomware

“The main threats targeting Mac users are mostly adware, but this new threat shows that the trend may change.”

For Mac users, hell has finally frozen over. The first case of working ransomware targeting OS X was reported this past weekend.

“This is the first one in the wild that is definitely functional, encrypts your files and seeks a ransom,” said Palo Alto Threat Intelligence Director Ryan Olson in a Reuters interview. The researchers dubbed the ransomware “KeRanger.”

Ransomware has successfully attacked Windows and Android users, usually when a user is tricked into clicking an infected link in an email or an infected ad on a website. The ransomware then locks all the files in the system and demands money for a key that will unlock the files. (Another good reason not to click on links in emails.)

“Any ransomware that gets onto your device, whether a Mac, PC, or smartphone, is a serious threat. Most people are scared when they see their device has been locked and their data has been encrypted, so they pay the ransom,” said Jan Sirmer, a researcher from the Avast Virus Lab. “We generally advise against paying the ransom, because this rewards the malware authors for their work and encourages them to continue spreading ransom, but sometimes it can’t be helped.”

One of the most recent attacks locked up the servers of the Hollywood Presbyterian Medical Center in Los Angeles. Because their patient records are vital to hospital operation, they opted to pay $17,000 in bitcoin, the preferred digital currency of cybercrooks, to get them back. Law enforcement offices have been victims as well.