Tag Archives: Android

AVG

Are these the world’s greediest apps?

Leave a comment

On a typical business or vacation day, my phone barely makes it through the day: A bit of Googling here, a bit of research there, some email and gaming in between and before I know it, my battery life is down to 10% and it’s only 4pm!

It’s not necessarily my smartphone’s fault, but likely a consequence of the demanding apps that I run, often completely invisibly in the background. These apps drain not just battery life but also fill up my storage or cause a ton of mobile traffic.

Turns out, I’m not alone.

When looking at one million of our anonymous AVG AntiVirus and AVG Cleaner users, we discovered the most resource-hungry apps in the first quarter of 2015. Plus, we found the most-used apps in each category! Curious as to what’s new this quarter?

 

Key findings:

Dating & chatting apps surge into the Top 10

Android owners worldwide were trying to meet Mr or Mrs Right in the first three months of 2015. POF Free Dating entered the Top 10 and there was a new entrant at number six from the chat category, OoVoo Video & Text, which also had a noticeable impact on battery life.

 

Facebook Messenger is now the top communication app:

Facebook Messenger has previously been ranked as the third most popular communication app behind WhatsApp and Google Mail but has since overtaken them and now sits top of the pile.

Facebook Messenger

 

Samsung Knox, Samsung Push, and Beaming Service are the top battery drainers

Samsung’s KNOX security service drains the battery of your Galaxy smartphone invisibly in the background.

Knox

In addition, the built-in Samsung Push Service now also runs in the background and made it to 7th position. This service is required for ChatON, a WhatsApp rival that packaged with almost all of the company’s handsets. The good news for your batter is that Samsung turned it off on February 1st.

The top spot among battery draining apps is a background service called Beaming Service by Mobeam Inc., which also comes bundled with many Samsung phones.

Tip: See our all-new AVG Android Optimization Guide to identify and turn off such resource-hungry apps.

 

Cleaning and security apps that drain your phone

People looking to protect and clean their phone should know some of the top used apps, including Lookout Security & Antivirus and Clean Master, show up in the top spots on our lists of top battery drainers and traffic consuming apps. What’s interesting is that 88% of all measured apps in the traffic consumption category consume less traffic than Clean master, which clocked in at several hundred megabytes of data per user.

Clean Master

 

New gaming style on the rise: casino games start a new trend

In the first three months of 2015, we identified a massive spike in the use of card and casino games as well as big blockbuster arcade games.

While the casino category didn’t even exist previously due to its low usage, in the January to March period of 2015, it featured as up to 7% of usage, and arcade games also grew to 12% usage from 1.6% in the previous quarter. Solitaire and Zynga’s Livepoker stood out as particularly popular.

Conversely, we spent far less time playing casual, strategy, puzzle or family games. See graph below:

Usage Chart

Find a full list and all the data in our app report here.

 

So what are you supposed to do if you’ve got one or even many of our resource drainers installed? Our AVG Android Performance Guide will help you out with great tips to improve battery life and clean up space in no time!

For highlights from the report, check out the infographic below.

Android App Report Q1 2015

Panda Security

The Police Virus strikes again! Android systems attacked!

Leave a comment

The Spanish Police has warned of the reappearance of the Police Virus for Android.

Here we explain you how can they attack your cell phone, and what can you do to protect it!

android virus police

*** Posted June 2, 2014

A few days ago a new Android malware showed up, Android/Koler.A. It was in the news as it was actually a Police Virus / ransomware attack, similar to the ones we have seen in Windows computers, but this time it was targeting mobile phones.

Although in this case this piece of malware cannot encrypt any of the phone data, it is nasty and it is really difficult to get rid of it (without antivirus for Android), as the warning message is always on top and the user has only a few seconds to try to uninstall it.

While we were studying it, we found a new variant exactly the same as the first one but this one was connecting to a different server, in order to download the proper warning. And this server was still up… It turns out that the cybercriminals made a small mistake configuring it and left the door half-opened  Sadly, we could not get access to all the information there (there was a mysql database with all the payments, infections, etc. that we couldn’t reach ) but still we were able to download some files from the server and take a look at how it works.

I won’t go into details about the mistake they made to leave that door half-opened, as of course we do not want to help them ;)

Unsurprisingly, the way it works from the server side is really similar to the ones targeting Windows and that we have seen in the past: a number of scripts to geolocalize the device and show the message in the local language and with the images of local law enforcement. It saves information from all infected devices in the database and it takes the IMEI number of the mobile phone, adding the MD5 of the malware that is infecting the device. Doing this they can track the number of infections per malware variant and measure the success of their different infection campaigns.

This Trojan is targeting users from 31 different countries from all around the world; 23 of them are Europeans:
Austria, Belgium, Czech Republic, Germany, Denmark, Finland, France, Greece, Hungary, Ireland, Italy, Latvia, Netherlands, Norway, Poland, Portugal, Romania, Spain, Sweden, Switzerland, Slovenia, Slovakia and United Kingdom.

Users from these countries are also being targeted: Australia, Bolivia, Canada, Ecuador, Mexico, New Zealand, Turkey and United States of America.

What if you have already been infected?

Well, probably you won’t have an antivirus installed in your phone, which makes the clean up a bit difficult. The “infection” screen will be on top of everything, and this malware also disables the Back key. However the Home button will still work, so you can give it a try, push the Home buttom, go to the App menu and uninstall the malicious app:

Android ransomware

 

The bad news is that you will only have 5 seconds to do this, as the warning screens pops up every 5 seconds. What can you do then? Well, you just need to restart your phone in “safe mode“. Depending on the mobile phone you have, it can be made in different ways. Those running pure Android versions (Nexus, Motorola) only need to go to the shutdown menu and press for a couple of seconds on shutdown, until the following message shows up:

reboot mode

 

Click OK, and once the phone is restarted you can uninstall the malicious app. To go back to normal just restart the phone in the usual way. If you are using a phone with a custom Android version (Samsung, etc.), you can easily use Google to find out how it is done in your device.

We managed to grab the ransom message screens for every country, where you can find a number of known people, such as the Obama (president of the United States), François Hollande (president of France), Queen Elisabeth… It was also funny to see in the US one that they mention Mandiant (the company who showed up how China had in their army a cyber-espionage unit).

The post The Police Virus strikes again! Android systems attacked! appeared first on MediaCenter Panda Security.

AVG

Android’s factory reset may leave data behind

Leave a comment

We’ve given tips in the past about what you could do with an older smartphone, and a few of those involved donating it to charity or selling it. A vital step before doing either of these is to perform a factory reset to clear out your data. New research has emerged that says that a factory reset may not be enough to keep your data safe from some more advanced data retrieval techniques.

Researchers at Cambridge University have just released a study outlining several flaws in the way most Android handsets handle factory resets. The issue arises from the way devices store information on flash memory. Reading data has a negligible impact on flash drives, but writing new data to them can cause considerable wear.

To prolong the drive’s health, instead of deleting content directly (“writing off” the data), flash drives will instead designate memory blocks where the data resided as “logically deleted”–meaning they are available to be overwritten.

So when you perform a factory reset, those “logically deleted” content blocks aren’t being overwritten, as they are already considered “empty” by the system. Given enough time and the right tools, the researchers were able to retrieve personal data such as photos and chat logs. They were also able to retrieve the master tokens for automatically signing in to Gmail and other Google apps as well as Facebook apps an alarming 80% of the time.

 

How to protect your data

If you are looking to sell or donate your phone, there are a few things you can do  to help keep your data private. We suggest you do all of these steps:

 

Encrypt your phone before factory resetting your data.

Devices running Android 3+ or above all allow you to encrypt your phone. The option can generally be found in the settings under the Security tab. Encrypting your phone before the reset ensures that any data that survives the factory reset has to be decrypted.

The Cambridge researchers were able to retrieve some encrypted data and run brute strength attacks until they found the right passwords. So make sure you create a long password of over 15 characters, using upper and lower cases, numbers and symbols: a longer, more complex password would take years to crack. Ideally, use a password generator: you don’t have to remember this password, since you’re “erasing this data”. Now complete the factory reset.

 

Remove your device from your Google account

From a browser on a new device, go to myaccount.google.com. Under Sign-in & Security you’ll find the Device activity & notifications section, which allows you to review all the devices currently connected to your account.

Device Activity

Select your old device, and Remove it. This will prevent any automatic sign-ins from your old device.

Remove device

 

Change your account passwords

Changing passwords regularly is simply good digital hygiene, so it makes a lot of sense to change your passwords when changing devices. Even if a hacker were to somehow retrieve your passwords to your Facebook or Google accounts after the factory reset, they would no longer work.

 

Though the risks of your data being exploited this way are relatively low, it pays to take extra precautions. With these three steps, you should be reasonably secure from even a determined criminal.

As always, stay safe out there!

 

Avast

The Internet of Things (to be hacked)?

Leave a comment
The Jetsons (via philosophymatters.org)

Soon, we’ll be living like The Jetsons (image via philosophymatters.org)

By the end of the decade, everyone on Earth will be connected.
–Eric Schmidt, Google chairman

As a rule of thumb, it’s good to keep in mind that anything and everything that can be connected to the Internet can be hacked. Poorly designed or implemented systems could expose serious vulnerabilities that attackers can exploit. Now, most of us are fairly familiar with certain gadgets that can be connected to the Internet, such as mobiles devices and/or laptops, smart watches, and cars, but what about the things that are still emerging within the Internet-connected world? Some of these new items include routers, sensors, and everyday gadgets such as alarm clocks, wearables, microwaves, and grills.

When dealing with the devices that we’ve come to know and love, such as our Android phones or iPads, we already encounter a multitude of shortcomings within privacy policies, unintentional data leakages, and the transmission of tracking and personal data in clear text. Taking this a step further, it’s both intriguing and frightening to think about the challenges we will face as the Internet of Things (IoT) becomes more and more of a reality. In a recent article published by the Guardian, author Marc Goodman paints an evocative picture of a world powered by the IoT:

Because your alarm clock is connected to the internet, it will be able to access and read your calendar. It will know where and when your first appointment of the day is and be able to cross-reference that information against the latest traffic conditions. Light traffic, you get to sleep an extra 10 minutes; heavy traffic, and you might find yourself waking up earlier than you had hoped.

When your alarm does go off, it will gently raise the lights in the house, perhaps turn up the heat or run your bath. The electronic pet door will open to let Fido into the backyard for his morning visit, and the coffeemaker will begin brewing your coffee. You won’t have to ask your kids if they’ve brushed their teeth; the chip in their toothbrush will send a message to your smartphone letting you know the task is done. As you walk out the door, you won’t have to worry about finding your keys; the beacon sensor on the key chain makes them locatable to within two inches. It will be as if the Jetsons era has finally arrived.

So how can we use these space-age technologies to our advantage? Although most software is still in the process of being optimized for wearables and other emerging smart gadgets, there are three main things to be on the lookout for as we move into the IoT’s heyday:

  • Issues on devices that could result in device loss, poorly programmed apps, or attacks driven by social engineering
  • Transmission issues caused by low-level encryption on Wi-Fi or Bluetooth that could result in traffic sniffing, man-in-the-middle and redirection attacks
  • Storage issues in the cloud that could directly result in data breaches

The sure-fire way to defend yourself against these vulnerabilities is to use a VPN when connecting to open, unsecured Wi-Fi networks. Avast SecureLine VPN is available for Windows, Android and iOS.

Avast

Where is my phone? Avast Anti-Theft knows.

Leave a comment
Giri got his stolen phone back because of Avast Anti-Theft

Giri got his stolen phone back because of Avast Anti-Theft

A stranger broke into Giri C’s house last September. The thief looked through Giri’s belongings for something of value. He found a MotoE Phone and grabbed it. Mobile phones are an easy target because the thief can just slip in a new SIM card and resell the phone on the black market.

What this thief didn’t know was that Giri had installed Avast Anti-Theft protection. Avast Anti-Theft allows you to set up your desktop account or use a friend’s phone to remotely locate your device, lock it, activate the remote siren, or wipe its data clean.

When the SIM card is changed without the right permissions, Anti-Theft recognizes it and notifies you of the new number and geo-location so you can maintain contact with your phone. You can also activate a loud, customizable siren, which screams at maximum volume if the thief tries to silence it.

Giri reported the robbery to the local Bangalore police, and after a few days he received a call saying that someone had turned the phone into the station.

”When I received the phone from the police,” Giri told us, “the phone was giving the SIREN sound that my mobile is stolen due to the settings I have configured. I understand that the person who had stolen it might have tried replacing the SIM but he was not able to do it as it has locked the phone and the weird sound frightened him.”

Avast Anti-Theft has a loud alarm

The siren continuously and loudly says the following, by default, when activated: “This device has been lost or stolen!”. In the advanced settings of Avast Mobile Security you can customize what message the siren will sound, if you do not want to use the pre-set message. You can do this under “Select Sound File” or “Record Siren Sound”.

“I feel I recovered my stolen mobile only because of AVAST,” said Giri. “I thank your company for such a wonderful and useful product.”

Giri added a tip for other Android phone owners:

“More than using just anti-virus, it’s better to use software with proper tracking available which will be useful to avoid misuse of the phone, as similar features are not available in Android.”

Avast Anti-Theft is available on Google Play, where it can be downloaded for free.

 

Share your story with Avast

Share your story with Avast

Have you experienced  an attack or breach of your home network? Had your phone lost and/or stolen? We’d like to hear from you about your experience and how Avast saved the day — write to us with your story at [email protected].  If we post it on our blog, then we will send you an Avast goodie box. :-)

Avira

Scamware or why you shouldn’t believe in miracles

Leave a comment

We normally make fun of this, or just totally ignore it. We know that it probably is a scam. So, if we don’t believe those ads, why do we believe in some apps? Apps that advertise things like:

  1. Get free stuff in our shop through your favorite social network with the ‘Just click and win’!
  2. Fix your computer; increase your RAM and hard disk space all in one click with ‘Ultra Optimizer Plus’!
  3. Install this app on your phone to get ‘Sexy videos on your phone for free 😉😉 ‘!
  4. Buy the NEW SUPER SHINY (not official) Video ‘Not-Fake Player’!

Nowadays Social Networks appear to be the best places to find victims for scams. Who hasn’t seen offers like “Like and share to win an iPhone”, “See the leaked video of the last Pop Star”, “New Facebook features!” and so on Facebook? These are – of course – usually tricks to make you fall for a scam.

facecrooks has a huge list of Facebook related scam. Below are just two of the countless examples:

Free iPhones: Like the Facebook page and share the picture. It is easy to win a phone right? Wrong. There is no iPhone and you will be spammed from this page (pages can be sold as advertising spaces) because you gave them a like.

2 Picture from facecrooks.com

 
Profile viewer: Don’t you want to know if the girl from school or the boy from work is seeing your pictures? So better ask them because these kinds of plugins/features/apps don’t work. Normally behind these links you will find some PUA or Adware ready to be downloaded and installed on your computer.

3 Picture from facecrooks.com

Then there are applications that can improve the performance of your computer. We offer you Avira System Speedup. This program can defragment your hard drive or delete useless folders and registry entries. It works perfectly well and WILL speed up your PC – to some degree. But there is just no application that will perform wonders on your PC. If it is 8 years old and slow, it will just never feel like a newer machine with more RAM and a better CPU despite your efforts and you paying €50 to improve it with a random program that promises you just that. Those scam apps, apart from not fixing your computer, also create errors or problems that didn’t exist before, in order to make you pay even more money for fixes you would not have needed in the first place.

Optimizer Pro (another real world example) could be classified as scareware as well; it tells us that the computer needs to fix things that, in fact, are working correctly. It uses our fear to get us to pay for the product.

4

Scam is not getting old. It is also very present on our smartphones. Do you want an app that does things for free where others take money? It is possible, but be careful. With these applications you will usually be walking on thin ice.

Porn app for Android for example is an app that allows users to watch porn videos for free. Just accept the conditions, give them permissions and run the app as soon as you can! Ooops! Did you think ransomware was only affecting your PC? Now you also have your phone blocked.

5

When you want to get an application, try to download it from the original source if possible. Also check different sites first, since lots of applications are actually for free.

Even on a well-known and trusted site like Amazon it is easy to find scam regarding original software. VLC is a popular video player which can be downloaded for free – but believe it or not, there are actually people trying to sell it to you to make some quick bucks.

6

If you don’t trust the source, or if it looks just a tiny bit suspicious, turn around and run as fast as you can. Regarding scam applications: If you are looking for something specific, first check for another users opinions and more information, compare it with other products, and if you are still not sure, just leave it be.

In conclusion, Scamware is a waste of time and money and never does the things you were promised it was going to do. So don’t believe in these false promises of “eternal life potion”, “Ferraris for free” or “1 click super computer”.

Links:

The post Scamware or why you shouldn’t believe in miracles appeared first on Avira Blog.

AVG

Dating, Chatting and the Weather: Are These the World’s Greediest Smartphone Apps?

Leave a comment

AMSTERDAM – May 18, 2015 – AVG Technologies, N.V. (NYSE: AVG), the online security company™ for 200 million active users, releases today its latest app performance report for January to March 2015. During the first three months of the year, AVG tracked a surge in dating and chatting apps including POF Free Dating, WeChat and ooVoo Video Call in the top social installs, top battery drainers and top data plan consumption lists. In addition, no less than four weather apps, such as Yahoo Weather and Weather Channel, also appeared for the first time, making the top 10 list of Android apps most likely to burn through your data allowance, while Weather & Clock Widget Android also appeared in the top battery drainers table.

The top findings from the report are:

  • Casino games topped the charts for most overall time spent per app: This quarter saw a massive spike in time spent on Card and Casino games as well as blockbuster Arcade games, with the likes of Solitaire and Zynga’s Livepoker entering the charts. On the flip side, we spent far less time playing casual, strategy, puzzle or family games.
  • Dating app enters Top 10 installed social apps: With Valentine’s Day falling within this quarter, it’s no surprise a free dating app, POF Free Dating, entered the Top 10 most installed apps.
  • Chat apps are still the greediest apps: Mirroring previous reports, social media and chat apps continue to rank as the greediest Android apps, with Facebook, BBM, Instagram, Facebook Messenger and WeChat accounting for five of the top six most resource-hungry ‘auto-running’ apps.

 

With the host of new apps entering the charts for popularity and impact on our smartphones, AVG broke down the top 10 overall impact findings to identify impact differences between apps which require the user to initiate them and apps that auto-run all the time.

 

Autorun                                   User Run

# Name # Name
1 Facebook 1 Spotify Music
2 BBM 2 Amazon Kindle
3 8 Ball Pool 3 LINE: Free Calls & Messages
4 Instagram 4 Samsung WatchON (Video)
5 Messenger 5 Snapchat
6 WeChat 6 Netflix
7 Facebook Pages Manager 7 SoundCloud – Music & Audio
8 ooVoo Video Call Text & Voice 8 Clean Master (Speed Booster)
9 KakaoTalk: Free Calls & Text 9 Tumblr
10 Vine 10 PicsArt Photo Studio

 

  • Silent smartphone sapping apps: Facebook kept its top slot in the list for apps that drain phone resources, but a more surprising entrant was the 2D game, 8 Ball Pool, which wouldn’t seem necessary to register as a startup app and run constantly in the background.
  • Start up and drain down: although users may choose to start these apps, they may not be aware of the potential impact of using them. For example, Spotify allows 3,333 songs to be stored locally which can eat up storage, while its data-heavy music and video service can drain your data plan allowance. Many of the other apps in this category are also content-heavy and should be used with care.

 

“Many of us take every day practical apps like weather and chat for granted and despite spending little time on them, the impact on our devices is actually quite significant,” said Tony Anscombe, Senior Security Evangelist, AVG Technologies. “A number of unexpected apps such as these are consuming battery, storage, and data traffic without users knowledge – and, in many cases, for no good reason. So if you’re wondering why you’re not getting the best performance out of your device, this could well be why.”

Analyzing aggregated, anonymous data from over one million AVG Android app users, the quarterly AVG Android App Performance Report aims to reveal the top performance-affecting apps worldwide – analyzing their overall impact and performance against three key categories – battery drain, storage consumption, and data traffic use.

The full report, which breaks down the performance impact further according to battery drain, storage consumption and data traffic, can be downloaded from AVG Now.