Category Archives: Avira

Click-fraud evolved, and it has a plan

We all know what malware is capable of and that’s why we use a good and reliable antivirus like Avira. But while most of the things malware does sound horrible and scary there are some that … well, do not.

The perfect example would be click-fraud malware, a kind of malware that does exactly what its name says: It clicks on advertisements. Basically the advertiser has to pay each time a real person or – in the case of malware – a bot-infected device clicks on an ad. A recent report claims that businesses are losing as much as $6.3 billion a year to click-fraud. Crazy, right? But still nothing to lose any sleep over since you are not the one paying the bill.

According to the security researchers from Damballa though, click-fraud can evolve: “Click-fraud malware infections can become something more sinister. In May, Damballa Failsafe tracked and recorded the activity of a click-fraud infection that pulled in three additional click-fraud infections plus CryptoWall, which encrypts the files on the host system to render them inaccessible to the user. Within a couple of hours a simple click-fraud infection escalated to a crippling malware infection. Suddenly, that infected device became a high-risk priority.”

If there is one lesson to be learned from all of this: No malware is too small or “unimportant” to become really dangerous at some point.

The post Click-fraud evolved, and it has a plan appeared first on Avira Blog.

Avira vs. Freemium(dot)com – We Will Protect You Against PUA

The court order sets a legal precedent for how Internet security companies like Avira can protect their consumers from potential ad-ware injection, malware, and unintended downloads introduced by installer companies like Freemium.

One of Freemium’s major investors, ProSiebenSat.1 Media AG, hosts a suite of gaming sites and download sites, as well as Axel Springer’s Computerbild.de download portal, which all use Freemium’s installer software to earn money on the downloads of products they offer. Our antivirus software detects and flags unintended downloads with a safety warning, so Freemium filed a cease-and-desist letter against Avira GmbH claiming anti-competitive practices, and demanding that we should not be allowed to block the downloads.

The courts disagreed.

According to the terms of the legal judgment, our antivirus software is allowed to continue to provide a safety notice flagging these downloads as ‘potentially unwanted applications’ (PUA), in keeping with our recently published security policies. Freemium was denied its request for a cease-and-desist and, as the losing party, was ordered to pay all court costs.

“This ruling establishes a major legal milestone in the fight against misleading consumers into unintentionally installing unwanted software onto their computers,” said Travis Witteveen, CEO of Avira GmbH. “Earlier this year we established clear guidelines defining unethical software behaviour, and defining what our security software will block. We believe in ‘freemium’ and advertising-supported business models, however they must remain transparent and ethical in their implementation.”

Office of Personnel Management Hacked – US Government Downplays the Event

The second admission followed a week later. The Office of Personnel Management (OPM) announced that on June 4, a hack attack had succeeded on governmental staff – four million people affected. It now appears that an additional 18 million records were stolen. The government communicated this as two separate events in an apparent attempt to downplay the scale.

So what happened in the alleged second hack? The claim that 18 million Social Security numbers have been compromised is a “preliminary, unverified, approximate” figure, according to a letter from the Director of OPM, Katherine Archuleta. The number – 18 million – affects people working for a federal agency or who applied for funding. The data, according to US government circles, may be in the hands of spies from the People’s Republic of China. This has been flatly denied by Chinese officials.

Mrs. Archuleta was called to testify before a Congressional committee, where she said that encryption is not always possible due to the age of the facilities. She argued, however, that even encryption would not have sufficed, because the hackers would then have copied keys and passwords.

An article from the Wall Street Journal mentions that the government described the attack as happening in two waves in order to downplay the severity. In addition, the OPM had denied the disclosure of sensitive information twice, even though the FBI had informed the OPM on June 5 about the attack…

We Focus on Customers, Others Play Dirty Tricks

Our blogpost from a few days ago, NSA and GCHQ Have Been Spying on Antivirus Companies, contained our response to recent revelations that the NSA and GCHQ had been targeting antivirus vendors located outside the US and UK. The original story was published by The Intercept, and contained an image from a PowerPoint presentation listing all the potential targets which included Avira, AVAST, and AVG, among others.

We then issued our blog post indicating that our role as a security company is to keep intruders out – even if they might be governments. So far, so good.

Yesterday though, it was brought to our attention that a German website had published an article telling readers that Avira has been attacked by the NSA and that they should instead download AVAST, AVG, or G-Data, because they are more secure. This in itself is not an uncommon tactic and definitely no reason to go ahead and write a blog post – if it had ended here. Which it didn’t: both AVAST and AVG have been removed from the list of targets (we’re not sure why, but perhaps to give the article more gravitas …)

Can you spot the difference?

Spot the difference - AVAST and AVG missing

Original from The Intercept (left) / Falsified image from freeware.de (right)

As you can see in the version reported by freeware.de, only Avira has been carefully encircled, while both AVG and AVAST have been removed.

Who is behind this? We are not sure, but we want our customers to be aware that this information presented is false.

Time to Patch: Loads of Security Issues in Adobe Reader and Microsoft Windows

Hacker Mateusz Jurczyk from Google’s Project Zero disclosed 15 remote execution vulnerabilities, most of them for Windows and the Adobe Type Manager Font Driver. He presented his findings at the Recon security conference and aptly named his research “One font vulnerability to rule them all: A story of cross-software ownage, shared codebases and advanced exploitation”.

According to his blog the most serious and interesting security issue he discovered so far was a really reliable BLEND instruction exploit. Jurczyk writes that “the extremely powerful primitive provided by the vulnerability, together with the fact that it affected all supported versions of both Adobe Reader and Microsoft Windows (32-bit) – thus making it possible to create an exploit chain leading to a full system compromise with just a single bug – makes it one of the most interesting security issues I have discovered so far.”

He also shared two videos in which he shows how he successfully exploits Adobe Reader 11.0.10 using the BLEND vulnerability (CVE-2015-3052), accompanied by sandbox escapes via ATMFD.DLL in the Windows Kernel as well as a “Registry Object” vulnerability on x64 builds (CVE-2015-0090).

Jurczyk reported all of his discoveries to Microsoft and Adobe, which fixed the bugs in security bulletins MS15-021 (March), APSB15-10 (May) and MS15-044 (May).

Samsung’s SW Update Says “NO” To Windows Update

Yup, I get annoyed by the Windows Update popup reminders as well. Still – updating is important and at the end of the day I am quite happy that there actually are updates to patch vulnerabilities and fix issues. Which is why it is so shocking to find out that this time it’s not actual malware that is trying to disable it but a well-known company: Samsung.

Microsoft MVP Patrick Barker discovered the issue when assisting a user with a Windows Update issue. According to him “it was figured out eventually after using auditpol.exe and registry security auditing (shown below later) that the program that was responsible for disabling Windows Update was Disable_Windowsupdate.exe, which is part of Samsung’s SW Update software.”

Luckily the Samsung SW Update tool does not come with PCs by default: Users have to download it from Samsung’s website and install it. But let’s be honest: If you buy a new laptop you often download available tools in order to keep the system up to date as easily as possible. According to VentureBeat, doing so is a common practice since there were people complaining about having an update problem before.

Now, Barker even got in touch with Samsung, whose support team had the following to say: “When you enable Windows updates, it will install the Default Drivers for all the hardware on laptop which may or may not work. For example if there is USB 3.0 on laptop, the ports may not work with the installation of updates. So to prevent this, SW Update tool will prevent the Windows updates.”

Well. Disabling the Windows Update does seem a very crass solution when it comes to making sure your updates and drivers will not break with new Windows updates …

How safe are the apps on your Android?

Privacy Advisor

As the name suggests, the newest feature offered by Avira Antivirus Security for Android allows registered users to increase the level of privacy on their smartphones and tablets by avoiding and potentially uninstalling high risk apps.

The apps that are most likely to be included in this category ask for very sensitive and personal data related permissions during the installation process.

In worst cases, malicious apps can take advantage of SMS permissions to send premium messages and register users for unwanted services, sometimes leading to financial losses.

Even if there are applications that may have an important impact on the users’ privacy, some of them have a high number of permissions related to personal data because their purpose demands them. These applications may either be trusted by Avira itself (e.g. Community Trusted applications) due to the developer’s reputation and/or high number of downloads or can be trusted by the user himself if he knows for a fact that the app is not a security risk.

Coming soon… on Android Optimizer

Three months after releasing our Android Optimizer app, we have already helped almost 500,000 users optimize the overall speed and performance of their mobile devices. Following users’ feedback, the app has already been localized to three more languages (French, Italian and Portuguese), making it easier to use.

In order to make the app even better, our mobile development team will soon release a version that supports an always-on widget, enabling users to instantly optimize their devices, at the tap of the screen.

12 million downloads and numerous awards

Avira’s efforts of enhancing mobile security are paying off, as Avira Antivirus Security for Android excels in all Independent Labs Test results. Only last month, AV-Test nominated Avira as “The best antivirus software for Android”, with 100% detection rates and a total score of 6/6 on Protection and Usability. PCSL also awarded 5 Stars for Avira in the April edition of its Android Malware Detection Test.

More than that, 12 million users have already downloaded Avira Antivirus Security for Android, making this the best reward for the Product team.

“Avira users should feel safe and protected on every device they use to connect to the Internet. My team has the important mission of securing their mobile devices and preventing all types of attacks from happening. As private data becomes an easier target on smartphones and tablets, protecting the users’ privacy is a top priority for us. We strongly believe that a feature like “Privacy Advisor” will make it easier for people to know which app is interested in their personal information and gives them the power to decide if they agree to share it or not” said Corneliu Balaban, Mobile Development Manager at Avira.

The newest version of Avira Antivirus Security for Android (version 4.1.3643) was uploaded on the Google Play Store and can be downloaded for free.

 

NSA and GCHQ Have Been Spying on Antivirus Companies

While not the main target of the operation, Avira was nonetheless mentioned together with several other antivirus and security firms as being at least a target of interest (It’s noteworthy that none of the targets were US or UK companies). Since the revelation we have received various requests vis-à-vis our position and capabilities regarding this affair. We are of course more than happy to share our thoughts with you.

“Avira has frequently seen efforts by governments to write malicious software that attempts to prevent, circumvent, or disable our software from protecting our users. The goal is always the same: installing their programs on the computer users’ systems without detection. These tactics are used by malware authors of all kinds, not just governments.

We at Avira are constantly improving our defense and detection mechanisms to avoid such manipulation. We also use various other systems and utilities to detect such efforts, outside of our own products. Whether a government-funded malware writer, mafia, friend or enemy, the exploitation of applications is something that we are determined to prevent from happening,” says Travis Witteveen, Chief Executive Officer of Avira.

Let’s also not forget that Avira is a founding member of IT Security made in Germany and we pride ourselves in committing, among other things, to:

  • Exclusively provide IT security solutions no other third party can access (no backdoors!).
  • Offer products that do not cause the transmission of crypto keys, parts of keys or access recognition.
  • Eliminate vulnerabilities or avoidance methods for access control systems as fast as possible once detected.

Avira will always strive to keep those commitments, be it against your run-of-the-mill malware or attempts by governments to obtain information.

Attack at LOT leaves 1,400 passengers stranded

The hack happened in the afternoon and targeted the Polish flag carrier LOT. According to a report from Reuters “hackers attacked the airline ground computer systems used to issue flight plans”. The whole situation was resolved a few hours later. Nonetheless 10 national and international flights had to be canceled and even more were delayed. Luckily none of the planes or the airport itself were affected and no one got hurt. LOT took extra care to mention “that it has no influence on plane systems. Aircrafts, that are already airborne will continue their flights. Planes with flight plans already filed will return to Warsaw normally.”

The airline also made it clear that the airport itself was not affected. Once the ‘problem’ was fixed LOT issued the following press release: “The situation after the IT attack on our ground operation system is already under control. We are working on restoring the regularity as soon as possible. Our operating center is already preparing flight plans. We will try to ensure that the largest number of passengers are informed and continue commenced journeys.”

Spokesman Kubicki said that LOT is using state-of-the-art computer systems, so this could potentially be a threat to others in the industry as well.

Avira Threats Landscape: Visualizing threats for you

Every day, thousands of different malicious programs are trying to infect as many devices as possible. The goal is the same for all of them: Get your data and if possible your money as well.

We have always been the first to learn about the threats that loom over every owner of a PC, Mac, tablet, or smartphone, but us having all the insights is not enough. While studying threats, keeping an eye on where they appear, and adapting our programs accordingly makes sure we keep our users as safe as possible, it’s still complicated to explain to the rest of the world why being protected is that important.

Sure, one reads about the newest threats, but only other people are affected by them, right? Especially big companies or governmental institutions seem to be the targets, so why bother at all. And that is where people are wrong. While the media most often talks about high profile cases, everyone else is at risk just as well! Every day there are millions of threats which have only one goal, namely to infect your devices. Be it your smartphone, laptop, Mac or PC – each and every one of them is at risk. Just think about the latest iOS and OS X exploits or the different ways cybercriminals try to gain control over what’s on your computer.

In order to make our point we decided to share our insights with you in the form of an interactive map. Our Avira Threats Landscape allows you to not only see which countries are the top targeted ones but also which threats are popping up the most and how many threats were detected in your country. Take a look at it, you won’t regret it. And when you see just how far reaching and widespread those threats are, make sure to warn your family and friends as well. The most important thing though: Stay protected!
