Tag Archives: Android

Google to remove support for old versions of Android WebView

Earlier this week, Google announced that they will no longer release patches for WebView versions JellyBean and older.

WebView is a core Android component which is used to display web pages on mobile devices and has been a target for exploitation from hackers. Google’s decision to stop patching old versions of WebView could potentially leave millions of users at risk.

Here is a video of Elad Shapira, one of our mobile security experts, executing an exploit on WebView.

Video

Demonstrating a WebView exploit

 

How many people are affected?

While it’s quite common for companies to pull support for legacy products, Android is a special case as there are many devices still running old versions of the operating system.

In fact, the latest mass-market version of Android (4.4, KitKat)- only makes up 40% of the overall Android market meaning that up to 60% of all Android devices might receive no further WebView patches.

Image courtesy of  securitystreet

 

Why does this matter?

Support in the form of patches and security fixes are one of the most important ways to keep our devices safe. New vulnerabilities in operating systems and apps are found all the time and can cause privacy and security concerns for end users.

Software developers use security patches to protect fix these vulnerabilities and protect users from harm.

Having said that, Android is by its very nature open source, so there is always the possibility for newly discovered vulnerabilities to be patched by the Android community but that is a Band-Aid fix at best.

What can be done to help you keep safe?

The most straightforward step to help stay safe (and the one Google is likely hoping we all adopt)  is to upgrade to the latest version of Android. For some however, this would prove prohibitively expensive and would require the purchase of a new device.

Those with recent devices should be able to upgrade to KitKat without much problem and people with brand new devices should be on version 5, Lollipop.

As a complementary measure, having a fully updated security app running on your device will help keep you safe from most scams and malware.

AVG’s Top Blogs of 2014

2014 was a big year for the security industry and a busy one for AVG. There were high profile security breaches, some incredible new apps for our smartphones and huge game releases that pushed the performance of our devices to the limit.

 

Threats:

Heartbleed was arguably the most significant security story of the year after a crucial vulnerability was found in Open SSL, the technology used to encrypt data online. Potentially, OpenSSL estimate that as many as 66% of all websites were vulnerable.

Our blog post on how to stay safe from Heartbleed was our most popular post of the year and a follow up post later in June showing that many websites were still vulnerable comes in at number two.

One of the year’s most prevalent malware breakouts, known as GameOver Zeus was also amongst our top stories. GameOver Zeus picked up a lot of media coverage as experts gave a two week countdown until a massive suspected cyber-attack would be unleashed.

 

Mobile:

AVG had a big year for mobile with exclusive deals to protect Sony Xperia devices and we even created custom apps specifically designed for the Amazon Fire Phone’s ‘Dynamic Perspective’.

We also sealed the acquisition of Location Labs which has brought powerful security and device management features to millions of people.

In November, we release our first ever Android App Performance Report which detailed the secret ways that the apps we use can affect our smartphones. How much space they take up, how much battery they use and how much data they send.

 

Gaming:

Gaming also enjoyed a big year in 2014 with the release of many big name titles including Watch Dogs, where you play a hacker in a beautifully rendered open world. Our performance expert Sandro Villinger’s Ultimate Watch Dogs performance guide for the PC was our third most popular post this year.

Sandro also created a simple nine step guide to maximizing PC gaming performance which helped users of all abilities squeeze the most out their machines whether top of the range or 3 years old!

If you are a gamer, check out Sandro’s Ultimate performance guide to

Gaming looks set to have another big year in 2015, keep an eye out for Sandro’s GTA 5 performance review coming soon!

 

2014 was a great year at AVG and we’re looking forward to bringing you more big stories in 2015.

Happy New Year!

Improve your smartphone battery life with smart profiles

We’ve just released a new update to our AVG Cleaner for Android PRO.

In version 2.2.1 we’ve tweaked one of your favorite features, Battery Profiles, and now support Android L to help you clean up, speed up and especially boost battery life even better than before and on all the bleeding-edge devices out there.

 

So what’s new?

Despite that it started out as a cleaning app, we’ve made it a super-powerful tool to help you speed up and boost the battery life of your Android and even tell which apps drain your devices mobile data traffic, battery and storage. We’ve continued this tradition in our latest update even more.


Smarter Battery Savings with Battery Profiles

First and foremost, for the folks who love to improve battery life manually, we added a new button called “Choose Manual Settings” which puts you in charge of what features and built-in devices of your Android can drain your battery, such as Wi-Fi, Bluetooth, Mobile Data or the automatic synchronization of your files:

As you can see, we’ve also added new “On/Off” buttons to make it more clear what’s enabled and what’s not – the green indicator now shows you exactly how much battery life you can save with each tweak.

Plus, there’s a new profile called “Low Battery” which is available in the PRO version and kicks in when battery life hits a certain threshold, such as “20%” (you have to run it once and then set it up):

That’s super important when you’re nowhere near a power outlet and the phone is running on fumes. It saved my digital life more than once…

Overall, we’ve also made the “Profiles” easier to set up. Once you select a profile for the first time, such as “Car” (for when you’re on the road), we’ll walk you through what conditions and settings you can set up. In the example of car, I set it up so that AVG Cleaner for Android always disables Wi-Fi, auto-sync, screen rotation and screen time-out whenever it’s connected to the Bluetooth of my car:

That’s because I don’t need any Wi-Fi in my car. Plus, I’m using the phone as my GPS so I don’t want the screen rotating randomly or turning itself off after a while.

Download AVG Cleaner for Android now.

Mobile advertising firms spread malware by posing as official Google Play apps

As a malware analyst, I find new pieces of malware day in and day out. In fact, I see so many new malware samples that it’s difficult for me to determine which pieces would be really interesting for the public. Today, however, I found something that immediately caught my attention and that I thought would be interesting to share.

Mobilelinks

The three URLs listed above are websites that offer mobile monetizing kits, which are advertising kits that developers can implement in their mobile apps. The goal for developers is to monetize from advertisements. If a user clicks on one of the ads delivered by one of the above listed providers, he may be lead to a malicious subdomain.

The most visited of the three URLs is Espabit. According to our statistics, we know that Espabit’s servers get around 150,000 views a day and nearly 100% of the views are from mobile devices. This may not seem like that much compared to the number of Android users there are in the world, but it is still a considerable number. Espabit is trying to position themselves as a world leader in advertising, and their website may appear innocent, but first impressions can be deceiving.

 

espabit

The most visited Espabit subdomain, with more than 400,000 views during the last few months, leads app users to pornographic sites via the ads displayed in their apps. The site displays a download offer for nasty apps (no pun intended) that have malicious behavior.

image

 

The above is just one example of the malicious links; there are many others hosted on the same server. The majority of the links lead to pornography or fake apps that all have one thing in common: They all steal money from innocent users.

How do they convince people to download their app? By posing as official Google Play apps. The apps are designed to look like they are from the official Google Play Store – tricking people into trusting the source. Since Android does not allow users to install apps from untrusted sources, the sites offer manuals in different languages, like English, Spanish, German, and French, explaining how to adjust Android’s settings so that users can install apps from untrusted sources, like these malicious apps. How considerate of them.

image_1

 

Now let’s take a deeper look at what the apps are capable of doing:

All of the “different” apps being offered by the three sites listed above are essentially the same in that they can steal personal information and send premium SMS. So far, we know about more than 40 of them stored on the websites’ servers. Most of the apps are stored under different links and, again, are offered in different languages (they want everyone to be able to “enjoy” their apps). The goal behind all of the apps is always the same: Steal money.

apps code1

 

 

 

 

Some of the permissions the apps are granted when downloaded…

apps code2

 

Once you open the apps, you get asked if you are 18 or older (they are not only considerate in that they offer their product in various languages, but they also have morals!).

sexyface

 

 

sexyface2

 

After you click on “YES” you are asked to connect your device to the Internet. Once connected to the Internet your device automatically starts sending premium SMS, each costing $0.25 and sent three times a week. That’s all the app does! The amount stolen a week does not seem like much, but that may be done on purpose. People may not notice if their phone bill is $3.00 more than it was the month before and if they don’t realize that the app is stealing money from them and don’t delete the app it can cost them $36.00 a year.

This malware is actually not unique in terms of the technique it uses. However, collectively, the three websites have around 185,000 views daily, which is a lot considering there is malware stored on their servers. Not everyone is redirected to malware, but those who are, are being scammed. Considering that the most visited malicious subdomain had around 400,000 views in the last quarter, it tells us that a large number of those visitors were infected. This means these ad providers are making a nice sum of money and it’s not all from ad clicks and views.

Although many mobile carriers around the world block premium SMS, including major carriers in the U.S., Brazil, and the UK, this case should not be taken lightly. These malware authors use social engineering to circumvent Google’s security and target innocent app users via ads. Think of how many apps you use that display ads, then think of all the valuable information you have stored on your phone that could be abused.

All malicious apps we found and described here are detected by Avast as:

Android:Erop-AG [Trj]
Android:Erop-AJ [Trj]|
Android:Erop-AS [Trj]

Some of SHA256:
DBEA83D04B6151A634B93289150CA1611D11F142EA3C17451454B25086EE0AEF
87AC7645F41744B722CEFC204A6473FD68756D8B2731A4BF82EBAED03BCF3C9B

Android scam: Firms fined over $500,000 for malicious apps’ hidden subscriptions

Three UK firms have been fined over $500,000 for a scam that involved Android apps signing up to a subscription service, and suppressing notifications informing the victim they were being charged, according to The Guardian.

The post Android scam: Firms fined over $500,000 for malicious apps’ hidden subscriptions appeared first on We Live Security.

Protect your Sony Xperia for free with AVG

Having AntiVirus on your Android device is one of the most important ways to protect your data, contacts and privacy from hackers, thieves and scams. Some can even help you locate and recover your phone if you lose it.

It’s now even easier for Sony Xperia users to protect their phones as they now have unlimited access to PRO features for six months

Sony Xperia Z3 has AVG installed straight out of the box while Sony Xperia Z1 and Z2 users can download the app for free from Google Play.

When you protect your Xperia device with AVG, you get so much more than AntiVirus protection from malware and scammers.

Performance:

  • Kill tasks that are slowing down your device
  • Powerful battery saving mode to help your Xperia go further
  • Data plan tracking to help you avoid unwanted costs

Anti-Theft

  • Locate, lock and wipe your phone remotely
  • Make your phone ring even if it is on silent
  • Camera Trap will discreetly email you a picture of anyone trying unlock your phone

Privacy

  • Password protect any private apps
  • Back-up your data onto your SD card
  • Advanced call blocking and spam filtering

 

Watch our AVG Academy video on why it’s important to protect your Android smartphone:

Video

Michael McKinnon’s Mobile Safety Tips