Avira has filed a lawsuit against the German Freemium.com download site for unfair business practices and misleading consumers into installing unwanted programs (PUA). We’re the first security vendor to stick up for customer rights and go directly after a software publisher.
The post Avira starts lawsuit against adware distribution site appeared first on Avira Blog.
Is something not right with your browser, but you can’t quite figure out what?
Here’s another reason to slow down when installing software, especially free software. A new Potentially Unwanted Program (PUP) disguised as the Google Chrome browser is sneaking onto users computers bundled with legitimate software, hidden deep within the ‘Custom’ or ‘Advanced’ settings that most people skip over. Once installed, eFast, as it has been called, serves up ads and tracks your online activities and sells personally identifiable information to advertisers.
“Read the installer screens to make sure what they actually install,” warns Michal Salat, researcher in the Avast Virus Lab. ” The Next->Next->Next->Done approach is exactly why we deal with PUPs daily. If there isn’t an option not to install some additional software, terminate the installer immediately. Better safe then sorry.”
Researchers at Malwarebytes says that eFast actually installs a new browser rather than hijacking your existing one. If you already have Chrome installed, it will replace it making itself the default browser. The fake browser uses the same source code for the user interface as the real thing making it difficult to tell the difference. It is so tricky that it even replaces shortcuts on your desktop that look similar to Google Chrome.
In addition to all that, eFast hijacks some file associations, so that it can open as many times as possible therefore having the opportunity to show you more ads! If you open a file like JPEG, PDF, or PNG, it will be opened with eFast, resulting in pop-ups, more ads in your searches, and other adware. You can see the list of file associations on Malwarebytes security blog.
Open your browser and type in chrome://chrome. The authentic Chrome browser will take you to the ‘About’ section and check if your browser software is up-to-date. It looks like this.
If you have a fake version of Chrome, then you will be taken to a fake About page, get an error, or the link won’t work. In that case, check out the removal instructions on PCrisk.
eFast is classified as a Potentially Unwanted Program, also known as a PUP. PUPs are annoyances like search bars, intrusive adware, etc. that Avast does not detect by default. However, the option can be enabled.
Follow Avast on Facebook, Twitter, YouTube, and Google+ where we keep you updated on cybersecurity news every day.
As Google Play tightens their security measures on mobile apps, hackers are moving to third party app stores. Fake apps imitating popular apps were found on the Windows Phone Store earlier this week. Now a new batch of infected Android apps imitating the real deal have been found on unofficial third-party Android app stores.
image via the FireEye blog
The new malicious adware, dubbed Kemoge, reported Wednesday by security researchers at FireEye, also disguises itself as popular applications. The apps trick the user into installing them through in-app ads and ads promoting the download links via websites. The legitimate appearing apps aggressively display unwanted advertisements which seem annoying, but in the FireEye blog researcher Yulong Zhong writes, ” it soon turns evil.”
The fake apps gain root access and gathers device information such as the phones IMEI, IMSI, and storage information, then sends the data to a remote server.
Infections have been discovered in more than 20 countries, including the United States, China, France, Russia, and the United Kingdom. Because of Chinese characters found in the code, it is believed that the malware was written by Chinese developers or controlled by Chinese hackers. The apps included Talking Tom 3, WiFi Enhancer, Assistive Touch, PinkyGirls, and Sex Cademy.
Follow Avast on Facebook, Twitter, YouTube, and Google+ where we keep you updated on cybersecurity news every day.
“I know it when I see it,” is how US Supreme Court judge Steward Potter described his definition of pornography. But when it comes to adware, the description is far less titillating: You know it when you CAN’T see how to get rid of it.
The post Know the difference between adware and porn? appeared first on Avira Blog.
Since the start of Android mobile applications growth in 2004, the number of applications which have a build-in advertisement functionality has been increasing dramatically, most of them targeting the user via mobile shop platforms.
The post Shedun: adware/malware family threatening your Android device appeared first on Avira Blog.
Lenovo has announced that LSE,a virtually unremovable software, is no longer being installed on its products.
The post Lenovo disables ‘unremovable software’ appeared first on We Live Security.
Hackers have exploited a zero-day vulnerability in the latest version of Apple’s OS X.
The post Hackers exploit OS X zero-day vulnerability appeared first on We Live Security.
Although it’s possible to use third-party apps stores safely and securely, the fact that scams do still occur in a variety of app stores shouldn’t be ignored. On Sunday, a threat was discovered by a user who posted the issue on our forum. The scam, located within the Windows Phone Store, advertised three fraudulent versions of Avast Mobile Security. These fake apps not only include the Avast logo, but also feature actual screenshots from AMS in their image galleries. Our fast-acting team has since blocked the pages and has labeled them as malicious.
Fake AMS apps collect personal data and redirect users to adware
If downloaded, these fake versions of AMS found on the Windows Phone Store pose a risk to users’ security. Here’s how they work:
The fun doesn’t stop there!
After doing some additional research, our malware analysts discovered that TT_Game_For_All, the same user that published the fake AMS apps, isn’t solely impersonating Avast. Instead, this cybercriminal has published a large collection of close to fifty apps, the majority of which cost around the equivalent of 1.99 USD. Certain apps even claim to be from other well-known companies such as Qihoo 360, APUS, and Clean Master.
Keep your eyes open for app store threats
This case goes to show that when it comes to mobile malware, it’s not only the Android platform that is vulnerable to attacks. Although Windows Phone devices aren’t currently as widely used as that of Android, it’s important to be careful regardless of the platform that you use. Finally, keep in mind that Google Play isn’t the only app store users should be paying attention to when it comes to avoiding mobile scams and threats — these threats can occur within any app store.
Follow Avast on Facebook, Twitter, YouTube, and Google+ where we keep you updated on cybersecurity news every day.
People love to try and get something for nothing, especially on the Internet where there’s all kinds of things available for nothing. But a lot of those free things are illegal and attackers have become very adept at taking advantage of users’ desire for free episodes of Gilmore Girls or bonus Dragon Ball Z content. Researchers […]
The court order sets a legal precedent for how Internet security companies like Avira can protect their consumers from potential ad-ware injection, malware, and unintended downloads introduced by installer companies like Freemium.
One of Freemium’s major investors, ProSiebenSat.1 Media AG, hosts a suite of gaming sites and download sites, as well as Axel Springer’s Computerbild.de download portal, which all use Freemium’s installer software to earn money on the downloads of products they offer. Our antivirus software detects and flags unintended downloads with a safety warning, so Freemium filed a cease-and-desist letter against Avira GmbH claiming anti-competitive practices, and demanding that we should not be allowed to block the downloads.
The courts disagreed.
According to the terms of the legal judgment, our antivirus software is allowed to continue to provide a safety notice flagging these downloads as ‘potentially unwanted applications’ (PUA), in keeping with our recently published security policies. Freemium was denied its request for a cease-and-desist and, as the losing party, was ordered to pay all court costs.
“This ruling establishes a major legal milestone in the fight against misleading consumers into unintentionally installing unwanted software onto their computers,” said Travis Witteveen, CEO of Avira GmbH. “Earlier this year we established clear guidelines defining unethical software behaviour, and defining what our security software will block. We believe in ‘freemium’ and advertising-supported business models, however they must remain transparent and ethical in their implementation.”
The post Avira vs. Freemium(dot)com – We Will Protect You Against PUA appeared first on Avira Blog.