Category Archives: Antivirus Vendors

Antivirus Vendors

Avast

As Mobile Malware Hits the Million Samples Mark It Becomes More Devious than Ever Before

Mobile malware is growing exponentially. We now have more than 1 million malicious samples in our database, up from 100,000 in 2011. Still relatively young, most mobile malware has a pretty simple structure, yet it is designed to effectively steal people’s money. Newer mobile malware is, however, adapting and evolving, slowly embracing more deceitful and complex tactics to target users.

PC malware authors started in a garage, mobile malware authors in an office

Mobile malware is undergoing a similar development as PC malware did years ago with two significant differences: First, PC malware, in its early stages, was created by hobbyists and has only slowly evolved into a serious business within the last 10 years. Mobile malware, even with its simple structure, has been a serious business from the get-go. Smartphones and tablets are capable of gathering and storing more personalized data than PCs ever did – there is an abundance of valuable data to collect, including personal data and financial information. Thus, the focus of mobile malware has always been on monetization, meaning that even early mobile malware posed real-life threats to its victims, stealing money from them. Secondly, even though malware targeting smartphones and tablets is still young, it’s developing much faster than PC malware did in its initial years.

There are multiple entry points for mobile malware; apart from malicious apps placed in app stores and in-app ads linking to malicious content, malware authors also often take advantage of bugs in mobile operating systems, in popular apps or carrier billing structures. In 2013, around 60 to 70% of malware was tailored to send premium text messages behind users’ backs, a simple trick malware authors took advantage of to get into people’s wallets. The industry is catching up to malware and retaliating – carriers in the US and other countries have banned premium text messaging services. As the industry reacts, mobile malware authors start thinking of and using much more sophisticated and deceitful ways to get to people’s money.

The next generation of mobile malware

Elaborate malware, such as ransomware and spyware, is on the rise and is slowly taking control of mobile devices and the pool of potential victims can only get larger. Google now has more than 1 billion Android users. Formerly only known on the PC platform, a Cryptolocker-like ransomware has recently targeted Android devices for the first time, scaring users by holding their devices hostage, claiming to encrypt files until the user paid the ransom. Mobile spyware, on the other hand, is capable of tracking user location and a variety of other personal data, which can later be used to hack accounts or for identity theft.

We predict that with the emergence of new technologies, malware authors will find new ways of taking advantage of them. For example, as the use of new payment methods like Near Field Payment (NFC) increases, we expect hackers will change the way they go after money.

Users need to become aware of how valuable smartphones really are – not just the hardware, but the data it contains

Mobile threats are increasing – we expect them to reach the same magnitude as PC malware by 2018. However, out of the more than 1 billion smartphones that were shipped globally last year, only a small percentage are currently protected with antivirus software.

To make mobile devices safer and more secure, we need to collectively work together – the security industry, carriers, app store providers and consumers. At AVAST, we are constantly refining our tactics to detect mobile malware, to protect our users with our free and paid solutions. Actions like major carriers in the US, Brazil and the UK no longer billing customers for most forms of commercial Premium SMS messages, thus shutting an important door for malware creators, are a great initiative – and we hope carriers in other countries will follow this step, soon. Also, stricter security rules for apps on Google Play and other app stores could help make some types of malware extinct.

In the end, it’s also up to users to protect their devices and data with security solutions. People need to understand that there are new threats being built to target their mobile devices. Phones and tablets contain people’s personal treasures, in the form of data, whether that be personal information about loved ones or bank details – all of which is interesting for cybercriminals. Therefore, it is essential that people care for their smartphones and tablets in the same way as they protect their PC, the majority of which has antivirus installed.

AVAST Mobile Malware infographic

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.

 

ESET

Chat apps leak: Billion app users from OKCupid to Grindr at risk

Nearly a billion users of a dozen chat apps for Android including popular apps such as Instagram, Oovoo, OKCupid and Grindr could be at risk from eavesdroppers and snoopers after University of New Haven researchers found serious data leakage problems.

With many of the most popular chat apps on Android affected, tech news site CNET calculates that nearly a billion (968 million) users could be putting highly private data in the hands of apps that transmit and store it unencrypted.

Many of the Android apps (the researchers focused on Android rather than iOS, although there is no evidence the iOS apps behave differently), send text wirelessly unencrypted, and store images on servers for weeks without encryption or authentication.

Chat apps leak: 12 Android apps leak text and images

According to CNET’s report, the following apps sent text, images, location maps and video unencrypted – Instagram, OKCupid, OoVoo, Tango, Kik, Nimbuzz, MeetMe, MessageMe, TextMe, Grindr, HeyWire, Hike and TextPlus.

The site notes that not every app sent every form of media unencrypted, but said that all sent at least some forms, from pictures to text in unencrypted forms.

Others stored media such as images on servers unencrypted and without any form of authentication “for weeks”.

‘Sniffer’ software reveals leaks

The researchers used PC ‘sniffer’ software such as Wireshark and Network Miner to monitor the data transmitted by the apps, and found images and text transmitted and stored unencrypted – and potentially at risk from snoopers.

In the series of YouTube videos, one researcher says, “We recorded network traffic in Wireshark, to see if files remained on the server. For Instagram, we found an image stored in their servers, unencrypted and without authentication.”

“Next, we opened up Oovoo and sent the keyword “Sparklehorse,” and it was picked up in Network Miner. Next we had Oovoo send an image. It was also picked up in Network Miner.”

CNET reports that few of the apps had replied to requests for further information, but that Grindr had said, “We monitor and review all reports of security issues regularly. As such, we continue to evaluate and make ongoing changes as necessary to protect our users.”

The post Chat apps leak: Billion app users from OKCupid to Grindr at risk appeared first on We Live Security.

ESET

Home Depot credit cards: chain confirms breach, fraud spikes

The world’s largest home improvement chain store, Home Depot, yesterday confirmed a data breach affecting Home Depot credit cards and debit cards used in stores on the American mainland, which may have continued since April.

Reports by security reporter Brian Krebs and others have said that the malware used in the attack was the same used in the Target breach, and that large-scale fraud is being perpetrated with stolen debit cards, with $300,000 withdrawn from one bank in under two hours, using what appeared to be debit card numbers used in Home Depot.

In an official release, the company said that anyone who used a payment card at a Home Depot store since April 2014 may have been affected, and the chain is to offer free identity protection and credit monitoring to customers who used Home Depot credit cards or debit card in-store. Customers who shopped online or in Mexico have not been affected, the chain said in an official release.

Home Depot credit cards: Who is at risk?

Veteran security reporter Brian Krebs said that the news had been accompanied by a spike in debit card fraud, after a vast haul of Home Depot credit card and debit card numbers were sold on an underground forum last week.

Krebs said, “multiple financial institutions contacted by this publication are reporting a steep increase over the past few days in fraudulent ATM withdrawals on customer accounts. Those same crooks also are taking advantage of weak authentication methods in the automated phone systems that many banks use to allow customers to reset the PINs on their cards.”

Home Depot said that there was no evidence PIN numbers had been compromised during the breach, and that, “Home Depot’s investigation is focused on April forward, and the company has taken aggressive steps to address the malware.”

Technology site GigaOm reports that the malware involved in the breach has been reported as being BlackPOS, the same used in the Target breach earlier this year.

“We apologize for the frustration and anxiety this causes our customers, and I want to thank them for their patience and support as we work through this issue,” said Frank Blake, chairman and CEO.

“We owe it to our customers to alert them that we now have enough evidence to confirm that a breach has indeed occurred. It’s important to emphasize that no customers will be responsible for fraudulent charges to their accounts.”

How criminals withdraw cash without needing PINs

GigaOm reports that the chain is to roll out EMV chip-and-PIN technology by the end of the year, offering a secure chip rather than a magnetic stripe which is more easily copied by malware such as BlackPOS.

Krebs said that the current glut of fraud relies on working out a customer’s ZIP code using criminal services which sell such information, starting from the ZIP code of the Home Depot they shopped at.

Krebs writes, “Countless banks in the United States let customers change their PINs with a simple telephone call, using an automated call-in system known as a Voice Response Unit (VRU). A large number of these VRU systems allow the caller to change their PIN provided they pass three out of five security checks. One is that the system checks to see if the call is coming from a phone number on file for that customer. It also requests the following four pieces of information:the 3-digit code (known as a card verification value or CVV/CV2) printed on the back of the debit card; the card’s expiration date; the customer’s date of birth; the last four digits of the customer’s Social Security number.”

Krebs said that this authentication process was weak enough that one large bank told him that a single West Coast bank had lost $300,000 in less than two hours due to debit and credit card fraud perpetrated with cards stolen in the breach.

ESET researcher Lysa Myers says, “Malware attacks on Point of Sale (PoS) systems are coming thick and fast right now.”

Myers offers a detailed guide for businesses concerned that they may be being targeted with POS malware.

The post Home Depot credit cards: chain confirms breach, fraud spikes appeared first on We Live Security.

Avira

Kyle & Stan Malvertising Hits Amazon, YouTube

The “Kyle and Stan” method is an example of a particular type of exploit known as ‘malvertising’, because it inserts malware into online advertising, so as to infect visitors of legitimate, high-traffic websites. Because online advertisements are served up by a relatively small number of ad-publishing networks that reach many popular websites simultaneously, malvertising is a very efficient means of malware distribution.

This particular exploit is called “Kyle and Stan” because the malware code contains references to specific sub-domains with the URLs “kyle.mxp2038.com” and “stan.mxp2099.com.”

Although most malvertising exploits do not harm individual users directly, they will often make unscrupulous revenue by generating fake advertising clicks, or by redirecting users to other scam websites, or installing spyware or back-doors that are later used to hijack the users’ computers for misuse, for example as botnets. In the case of the Kyle and Stan exploits, users are redirected to websites that offer a legitimate media-player app that, when downloaded, comes bundled with a malicious browser hijacker that installs itself automatically.

Unfortunately, this new threat makes detection extra difficult by creating a unique profile for each and every installation.

In the bigger picture, the Kyle and Stan malvertising exploit may represent a new style of malware distribution that is OS-agnostic and highly efficient. We may soon see an industry call for ad publishers to more carefully scan the ads that are distributed through their networks. Our experts will monitor the progress of Kyle and Stan and will inform you as we learn more.

The post Kyle & Stan Malvertising Hits Amazon, YouTube appeared first on Avira Blog.

Avast

avast! Mobile Security quiz winners!

AVAST recently surpassed a major milestone:  More than 100 million downloads of avast! Mobile Security & Antivirus for Android.

To celebrate the phenomenal popularity of avast! Mobile Security, we organized a test-your-knowledge quiz on our popular avast! Facebook page. Our goal was not only to test your knowledge and award participants, but also bring your attention to and educate users about mobile security. Our knowledge quiz wasn’t easy, but we made sure that you received a hint to answer the questions correctly. Thousands of you submitted answers to our 5 questions as well as shared your thoughts about what the greatest threat to mobile security is today.

Here are the quiz questions and answers:

  • How many Smartphones are lost or stolen every minute of every day?  The correct answer was 100! The answer was found in this blog post.
  • avast! Anti-theft helps you locate your lost or stolen mobile device. There are various methods used. Which of following is NOT one of the methods? The correct answer was ‘Communicate via your GPS device.’  The hint was hidden in this blog post.
  • Based on users’ answers in an AVAST survey, which group of people are more vulnerable to mobile malware? The correct answer was ‘Males.’ The answer was found in this infographic.
  • When was the first version of avast! Mobile Security released? The correct answer was ‘December 2011.’ The hint was hidden in this YouTube video.
  • The AVAST team demonstrated our Mobile Security product at one of the largest mobile conferences in the world. In which great city did it take place?  The correct answer was ‘Barcelona.’ The hint was hidden in the following blog post.

BLOG-en

Here are the results:

  • 2,400 participants answered all the questions correctly
  • 1,900 participants answered four questions correctly
  • 1,400 participants answered three questions correctly
  • 3,300 participants answered one or two questions correctly

We promised to give away 1,000 Premium licenses to participants. However, we changed our mind. We decided that we want to protect your Android phone and tablets, so we well be awarding everyone who answered 3 and more answers correctly with a  free license for the most trusted Android security product in the world! :)

Now check your mailbox and search for the email from us. It will contain a special voucher with instructions on how to activate your Premium license. It might end up in the Junk/Spam folder, so please make sure you double check it too. In the following blog post we will announce winners of our VIP #AVASTteddy and the lifetime license, so please stay tuned!

For those who didn’t succeed this time, we have also something.  Install avast! Mobile Security and Antivirus for FREE from the Google Play store, https://play.google.com/store/apps/details?id=com.avast.android.mobilesecurity

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.

AVG

Entrepreneurs set high standard at The Pitch, UK

Thursday September 4th , 50 budding small businesses and entrepreneurs from around the UK gathered in London to attend Southern leg of The Pitch boot-camp.

The UK’s largest small businesses competition has reached the midway stage and contestants gathered to receive further mentoring and training from industry experts, including AVG at the 15 Hatfields events venue in London.

Click here for our full gallery

The boot camp was broken down into four separate sessions:

Marketing:

This session was led by Jeffrey Ferrazzo from Constant Contact and focussed on some of the most effective strategies that emerging businesses can use to maximise their limited marketing budget. As you might expect, there was a heavy focus on winning social media strategies and how to define a brand and drive engagement in what is a very crowded environment.

Pitch (24)

 

Overcoming objections:

At some stage in its development, every business will encounter roadblocks and objections from potential clients. This lively workshop session, led by Mike Byrne from AVG, prepared each contestant with techniques for mitigating and overcoming common objections to their product or service during the sales process.

Pitch (36)

 

Financial Planning:

You can have the best product in the world but without the proper financial planning, your business may still struggle to turn a profit. A group of helpful tutors from the Institute of Chartered Accountants (ICAEW), also sponsors, were on hand in this session to help the contestants set up clear and sustainable financial numbers to back up their business plans.

Pitch (40)

 

Pitching and Presentation:

Pitching and being able to sell your business idea in as short a time as possible can often make the difference between getting investment or sales and falling short. Contestants at this year’s The Pitch were given mentoring and individual feedback from one of the leading pitch experts in the UK, Annette Kramer.

Pitch (47)

 

 

The Pitching:

After a busy day of thorough training and preparation, all 50 competitors had only 90 seconds to pitch their business, on camera, to the rest of the attendees. The business ideas were as varied as the competitors themselves and there were excellent pitches for everything from lifesaving medical equipment to artisan marshmallows to workplace pension brokers.

Click here for our full gallery

The next phase:

The next step of The Pitch will be the Northern leg of the boot-camp to be held in Manchester later in September. After both boot camps have taken place, the video pitches will be narrowed down from 100 to 30 applicants to proceed to the final where a winner will be chosen by a panel of judges including AVG’s own Judith Bitterli.

The overall winner of The Pitch will win a priceless prize package that includes expert mentoring from business leaders and free access to world leading products and services including free AVG CloudCare services for two years.