Tag Archives: AVG Technologies

Crypt888 Ransomware Has Facelift as It Seeks Fresh Victims

We’ve been following the slow evolution of an interesting strain of ransomware we have named ‘Crypt888’, which is unlike other strains that have reported on over the past few months.

 

Crypt888 has been focused on experimenting with user interfaces rather than improving its code, serving up ransom instructions in a variety of languages including Italian and, most recently, Czech.

In June 2016, AVG’s Virus Lab released six free decryptors for the recent strains of ransomware. We continue to monitor the situation, ready to update the tools as the ransomware evolved.

Our research uncovered one strain, Crypt888, behaving differently to the others. Instead of improving the code, the malware authors were focused on experimenting with the user interfaces such as changing the language of the ransom message.

This means that the underlying Autolt script remains the same in the previous versions … but oddly, the ransom instructions are served up in the Czech language only in the latest version.

This is how we identified and tracked the evolution of Crypt888’s.

Tracking a threat

Crypt888, also known as MicroCop and Mircop, is one of the many ransomware strains discovered in 2016 and its evolution has been very specific. After analyzing various samples, we found that the wallpaper containing ransom instructions is the only part of Crypto888 that has changed.

The underlying AutoIt script has remained more or less the same in all the known versions of this strain. So too has the encryption algorithm, encryption key, file names, and various other components, which is not so usual. While this means our decryptor can rescue your encrypted files, it means that the way in which Crypt888 presents itself keeps changing. In the latest version, the instructions appear in Czech.

Changing the language in which the ransom message is delivered has been a hallmark of this particular threat. We tracked several evolutions of Crypt888 from its first appearance in June this year.

  • The ‘Guy Fawkes’ version, June 22, 2016: first known version of this ransomware
  • The ‘Business Card’ version, July 8, 2016: this version appears and looks like a test version as there are no payment instructions
  • The ‘Italian’ version, July 29, 2016: this version had several new features and the errors in the language suggest machine translation
  • The ‘Czech’ version, September 21, 2016: the latest variety appears in yet another language, again with errors suggesting the author is not a native speaker

The first encounter

The first known version of Crypt888 appeared as black wallpaper with the image of a Guy Fawkes mask, a notorious symbol usually associated with Anonymous. The message accused the victim of stealing 48.48 Bitcoins ($30,000) from ‘the wrong people’ and requesting its return.

The threat intimated there would be repercussions but there were no details about how to comply with repayment or how the decryption process would work after payment was made. This is probably the reason why we found only one transaction to the provided bitcoin address so far.

/var/www/now.avg.com/18.47.0/wp content/uploads/2016/10/crypt888 ransomware screenshot new

Testing, testing, 1 – 2 – 3

A few weeks later, we identified a second version. This time, the wallpaper with the story and related accusations were gone. In fact, there were no payment instructions at all and instead, the wallpaper contained the “business card” (as seen in this video).

We have no clear explanation why this particular image has been used but we think it was probably a test version based on a fact that there were no instructions or payment addresses provided to victims.

Just in case, however, we released a free Crypt888 decryption tool, which was able to recover files encrypted by both of this and the earlier version.

/var/www/now.avg.com/18.47.0/wp content/uploads/2016/10/crypt888 ransomware screenshot new2

The Italian affair

Three weeks later, we identified yet another version of Crypt888 which had multiple changes. While the AutoIt code was once again similar to the previous versions and the same algorithms used – so our decryption tool is still fully functional for this version –  the code was obfuscated.

There was a new image which contained ransom instructions in Italian, with typos and errors that suggest machine translation. In addition, this version of Crypt888 did not create the text file LEGGIMI.txt, which should contain the payment instructions. This means victims would find themselves left with encrypted files and no instructions as to how to recover them.

/var/www/now.avg.com/18.47.0/wp content/uploads/2016/10/cryptoware

Czech-mate

Malware researcher S!Ri identified this latest version one month after the Italian version. We investigated further and found its code is no longer obfuscated, and essentially, it’s the same as the first two versions with the wallpaper being the only notable difference.

These ransom instructions this time appear in Czech and are a departure from previous versions in terms of content. Firstly, the ransomware claims that it is a ‘Petya ransomware 2017’. But don’t be fooled – it is not. This is probably a maneuver to fool victims hit by Crypt888 that are trying to find a free fix online.

Petya is a much more sophisticated piece of ransomware and it is not decryptable at the moment. This is not the first time one ransomware strain has pretended to be another; we observed lesser known ones have masqueraded as a more famous one, such as TeslaCrypt, CryptoLocker, or CryptoWall on a number of occasions.

The Czech version also differs in that the ransom amount is ‘only’ 0.8 Bitcoin ($480 at the time of writing). The number reflects an apparent fixation with the digit ‘8’ as it is heavily used across the program: in the ransom amounts, the configuration of the encryption algorithm, the created file names, etc. That’s why we chose the name Crypt888 when we identified it.

Another change is that victims are threatened with a five-day deadline to pay, and two email addresses are provided for the victim to send proof of payment (and to receive the decryption tool, allegedly) yet no penalties are mentioned if the deadline is missed.

Finally, the authors hint in the text about the ransomware’s origin with the sentence which, when translated, means “We belong to Czech/Russian Hackers”. Based on the accuracy of the available text and code quality, it is hard to believe those claims, as it contains many typos, incorrect word order, odd mixtures of text with and without Czech diacritics, and other errors. More likely, the text was created by machine translation, like the Italian version.

/var/www/now.avg.com/18.47.0/wp content/uploads/2016/10/crypt888 ransomware screenshot new4

At the time of writing, we have not found any further language variants of this ransomware and can reassure people that our free decryption tool will work for all the versions described here.

We suspect the authors of Crypt888 are still producing new versions of their ransomware. Their technique is in contrast to authors of other ransomware families in that they focus primarily on changing graphics and preparing fake stories rather than on improving their code. We are continuing to monitor for any new variants that will make it necessary to adapt our decryption tool to ensure victims have a means to mitigate a Crypt888 attack.

A Fresh Start for Google’s Pixel: Tips for Your New Android Phone

As the anticipated release of the Google Pixel nears, it may be time to check those old storage habits to ensure your new Android phone performs at its maximum capacity.

 

We’re all waiting with bated breath for Google to release the new Pixel phone tomorrow—it’s rumored to have twelve megapixels in the rear camera and Full HD display to view your photos.

While Android enthusiasts are bubbling with excitement about the new features, better images typically also mean heavier files. And you can bet that one platform agnostic behavior will remain: extraordinary laziness in clearing out bad and/or duplicate photos.

AVG Technologies recently collected data from 1.5 million users of AVG Cleaner for Android—which creates more space, speed, and battery life for your phone or tablet—and found that the app helped users quickly delete 26 million bad photos and 30 million similar photos. The bad photo overload phenomenon is global, and life is too short to spend even a minute manually scrolling through thousands of pictures to identify and remove the trash.

AVG Cleaner is free, and you can install as soon as you get your shiny new Pixel to make sure your old habits don’t mar your new phone. And it isn’t just a one-time solution: Cleaner can also quickly remove hidden clutter, unused apps, call history, your largest files, and more to free up space for the apps, photos, and music you love most. Just turn on Auto Clean Reminders and AVG Cleaner will automatically find the clutter for you and let you clean it with a simple reminder in the notification panel of your phone or tablet. It’s that easy.

Regardless of how you keep your phone running, it’s always fun to start with a clean slate. We can’t wait to see what other features Google unveils at tomorrow’s event!

Avast Closes Acquisition of AVG Technologies

Avast Software, the leader in digital security products for consumers and businesses, today announced it has acquired a majority stake in AVG Technologies after completing the initial offering period.

 

Prague, Czech Republic / Amsterdam, The Netherlands, September 30, 2016Avast Software, the leader in digital security products for consumers and businesses, today announced it has acquired a majority stake in AVG Technologies after completing the initial offering period of its tender offer for all of the outstanding ordinary shares of AVG Technologies N.V. (NYSE: AVG). Therefore, they will operate as a single company as of Monday, October 3, 2016.

Vince Steckler is named the chief executive officer of the new Avast, overseeing more than $700M in revenue for 2016 for the newly-combined entity. Avast has transformed into a full service security company with the largest Consumer installed base in the world, and with significant Mobile, SMB and Mobile Enterprise businesses. As of the completion of the initial offering period of the tender offer, AVG’s CEO Gary Kovacs will be departing, but will be available on a consulting basis throughout the transition.

“The combined company now has over 400 million users, more than 40% of the world’s consumer PCs outside of China and the largest consumer security installed base in the world. If they were a country, we would have the 3rd largest population in the world,” said Vince Steckler, chief executive officer. “The US is now our number one market with 58 million users. We truly have global reach and are proud to be the most popular choice for security in the world.”

“We now have the technical breadth to provide superior protection for our customers. For example, our combined threat labs will have teams dedicated to emerging threats affecting consumers. These include social engineering threats, which are commonly used to target IoT devices, and ransomware, which we are fighting with machine learning technology. We believe we are now better equipped than ever to outsmart those who want to do harm to people online.”

By acquiring AVG, the new Avast has stronger protection for its customers. Avast now:

  • Has the largest threat detection network in the world with more than 400 million endpoints that act as sensors, providing information about malware to help detect and neutralize new threats as soon as they appear
  • Has what is probably the world’s largest security-focused cloud and machine learning network comprising over 9,000 servers and supporting 50 million simultaneous connections to provide instantaneous protection to its users
  • Prevents around 1 billion malware attacks per month
  • Blocks more than 500 million malicious URLs per month
  • Blocks around 50 million phishing attacks per month
  • Processes 9 million new executable files every month, 25% of which are malicious, giving Avast even faster and deeper insights in the threat landscape

With the acquisition, Avast expands its SMB business and adds AVG’s strong reseller base, enabling Avast to support more and larger organizations. Avast is also gaining Location Labs and its carrier business, which Avast plans to invest in and expand overseas. Due to the closed infrastructure of mobile operating systems, mobile security and privacy protection technology is stronger when embedded in the carrier infrastructure. The Location Labs technology essentially provides a cloud-based solution to customers, bypassing the inefficiencies and insecurities of running within the mobile operating system.

Avast plans to create more and better products that will defend against the growing number of threats in the market. The company will continue to offer both the AVG and Avast branded products for the foreseeable future and to support all customers and partners for both product lines.

“We want our customers to be reassured that whether you use an AVG product or an Avast product, we will continue to support you. We are nothing without our customers and partners who have helped us get to where we are today,” said Vince Steckler.

As a result of the acquisition, Avast holds approximately 87.3% of AVG’s outstanding shares acquired upon the closing of the initial offering period for the tender offer. Avast also announced that it has commenced a subsequent offering period to provide AVG shareholders who have not yet tendered their shares the opportunity to do so. The subsequent offering period is scheduled to expire at 11:59 p.m., New York City time, on October 14, 2016, unless extended. As described below, Avast plans to voluntarily delist AVG’s shares from the New York Stock Exchange promptly following the subsequent offering period.

The Transaction

On July 29, 2016, Avast Software B.V. and its parent company, Avast Holding B.V., commenced a tender offer to acquire all of the outstanding ordinary shares of AVG Technologies N.V. at a purchase price of $25.00 per share in cash, without interest and less applicable withholding taxes or other taxes. The initial offering period for the tender offer and withdrawal rights expired at 11:59 p.m., New York City time, on September 29, 2016. Based on information provided by the depositary for the offer, a total of 44,543,555 shares, representing approximately 87.3% of the aggregate number of shares outstanding, had been validly tendered and had not been properly withdrawn as of the initial expiration of the offer (excluding 2,809,498 shares, representing approximately 5.5% of the aggregate number of shares outstanding, tendered pursuant to guaranteed delivery procedures that have not yet been delivered in settlement or satisfaction of such guarantee). Avast Software B.V. and Avast Holding B.V. have accepted for payment all shares that were validly tendered and were not properly withdrawn from the offer, and payment for such shares will be made promptly in accordance with the terms of the offer.

Avast Software B.V. and Avast Holding B.V. also announced today the commencement of a subsequent offering period scheduled to expire at 11:59 p.m., New York City time, on October 14, 2016. Avast may extend the subsequent offering period to provide for a minority exit offering period of up to 10 business days to provide AVG shareholders who have not yet tendered their shares the opportunity to do so. All shares validly tendered during the subsequent offering period will be immediately accepted for payment, and tendering holders will thereafter promptly be paid the same form and amount of offer consideration as in the initial offering period. The procedures for tendering shares during the subsequent offering period are the same as those applicable to the initial offering period, except that (i) the guaranteed delivery procedures may not be used during the subsequent offering period and (ii) no withdrawal rights will apply to shares tendered during the subsequent offering period.

As more fully described in the offer to purchase, if the number of shares purchased during the subsequent offering period (including, if applicable, the minority exit offering period), together with the shares purchased during the initial offering period, is equal to at least 95% of the outstanding ordinary shares of AVG, Avast expects to acquire the ordinary shares of AVG that were not tendered into the tender offer through the compulsory share acquisition process under Section 2:92a/2:201a of the Dutch Civil Code. If the number of shares purchased during the subsequent offering period (including, if applicable, the minority exit offering period), together with the shares purchased during the initial offering period, is less than 95% of the outstanding ordinary shares of AVG, Avast plans to effect an asset sale pursuant to which Avast will acquire substantially all of the assets, and assume substantially all of the liabilities, of AVG promptly following the tender offer. Following the completion of the asset sale, AVG will be liquidated and the remaining minority shareholders of AVG will receive cash distributions with respect to each ordinary share owned by them equal to the per share cash consideration paid in the tender offer less any applicable dividend withholding tax or any other taxes.

As soon as practicable following the completion of the subsequent offering period (including, if applicable, the minority exit offering period), AVG intends to voluntarily delist its shares from the New York Stock Exchange. AVG also intends to deregister its shares under the U.S. Securities Exchange Act of 1934 (as amended, the “Exchange Act”) and to suspend its reporting obligations under the Exchange Act, but will only be eligible to do so upon satisfaction of the applicable requirements for deregistration.

AVG has submitted written notice to the New York Stock Exchange of its intent to voluntarily delist its shares from the New York Stock Exchange in connection with the tender offer. AVG intends to file a Form 25, Notification of Removal from Listing and/or Registration under Section 12(b) of the Exchange Act, with the U.S. Securities and Exchange Commission to delist its shares promptly following the subsequent offering period. Delisting from the NYSE is expected to become effective 10 days after the filing date of the Form 25.

The AVG shares will not be listed or registered on another national securities exchange. Delisting is likely to reduce significantly the liquidity and marketability of any AVG shares that have not been tendered pursuant to the tender offer.

Advisors

Jefferies International Limited is acting as exclusive financial advisor, and White & Case LLP and De Brauw Blackstone Westbroek N.V. are acting as legal advisors to Avast. Morgan Stanley & Co. LLC is acting as financial advisor to AVG, Bridge Street Securities, LLC is acting as financial advisor to the supervisory board of AVG, and Orrick, Herrington & Sutcliffe LLP and Allen & Overy LLP are acting as legal advisors to AVG.

Forward-Looking Statements

This press release contains forward-looking information that involves substantial risks and uncertainties that could cause actual results to differ materially from those expressed or implied by such statements. All statements other than statements of historical fact are, or may be deemed to be, forward-looking statements within the meaning of the federal securities laws, and involve a number of risks and uncertainties. In some cases, forward-looking statements can be identified by the use of forward-looking terms such as “anticipate,” “estimate,” “believe,” “continue,” “could,” “intend,” “may,” “plan,” “potential,” “predict,” “should,” “will,” “expect,” “are confident that,” “objective,” “projection,” “forecast,” “goal,” “guidance,” “outlook,” “effort,” “target,” “would” or the negative of these terms or other comparable terms. There are a number of important factors that could cause actual events to differ materially from those suggested or indicated by such forward-looking statements and you should not place undue reliance on any such forward-looking statements. These factors include risks and uncertainties related to, among other things: general economic conditions and conditions affecting the industries in which Avast and AVG operate; the uncertainty of regulatory approvals; AVG’s delisting from the New York Stock Exchange and suspension of AVG’s reporting obligations under the Exchange Act and to consummate the transactions and their plans described in this press release; and AVG’s performance and maintenance of important business relationships. Additional information regarding the factors that may cause actual results to differ materially from these forward-looking statements is available in AVG’s filings with the U.S. Securities and Exchange Commission, including AVG’s Annual Report on Form 20-F for the year ended December 31, 2015. These forward-looking statements speak only as of the date of this release and neither Avast nor AVG assumes any obligation to update or revise any forward-looking statement, whether as a result of new information, future events and developments or otherwise, except as required by law.

Additional Information and Where to Find It

This press release does not constitute an offer to purchase or a solicitation of an offer to sell any securities of AVG. The solicitation and offer to purchase ordinary shares of AVG is being made pursuant to a tender offer statement on Schedule TO, including an Offer to Purchase, a related letter of transmittal and certain other tender offer documents, filed by Avast with the SEC on July 29, 2016 (as subsequently amended, the “Tender Offer Statement”). AVG filed a solicitation/recommendation statement on Schedule 14D-9 with respect to the tender offer with the SEC on July 29, 2016 (as subsequently amended, the “Solicitation/Recommendation Statement”). AVG shareholders are urged to read the Tender Offer Statement and Solicitation/Recommendation Statement, as they may be amended from time to time, as well as any other relevant documents filed with the SEC, carefully and in their entirety because they will contain important information that AVG shareholders should consider before making any decision regarding tendering their securities. The Tender Offer Statement and the Solicitation/Recommendation Statement are available for free at the SEC’s website at www.sec.gov. Copies of the documents filed with the SEC by AVG will be available free of charge on AVG’s website at investors.avg.com.

The secret security trick that will help protect Yahoo! users

Yawn, another data breach. This time it’s Yahoo! that’s affected. Despite news outlets proclaiming it’s the biggest breach of its kind, how many of us even lifted an eyebrow?

 

Are we in danger of becoming complacent when data breaches are being disclosed so frequently and seem to grow in size?

Every month, or less, another story hits the press about a data breach and we are told to hurry along and change our passwords. Now, don’t get wrong – this advice is good. Changing passwords, protecting email accounts, enabling two-step authentication and generally being more vigilant and secure about our online activities are all things that will help stop the bad guys getting too much access to our online life and private information.

But let’s consider the fact that the Yahoo! data breach, which happened in 2014, affects an estimated 500m user accounts and the data exposed may include email addresses, phone numbers, date of birth details, encrypted passwords and, in some cases, security questions. Even if you go and change your passwords today, there may already be an opportunity for cyber-criminals to reset or access your other online accounts as some of this information has already been released by the hackers.

In the face of a breach with such far-reaching implications, maybe it is not that we are complacent, but that we simply don’t know what we can do after the fact. There are a few simple actions we can take, however, that will help.

Stop trusting the traditional password and move to two-step authentication, if you haven’t already. This may sound complicated but it’s a concept you already know from every time you use your ATM card. You have the card and you know the PIN; but without both parts, the card will not work in an ATM machine.

For an online account, the two factors might be your phone and the contents of a text message sent to you at login. It doesn’t have to be inconvenient, either. Some companies only invoke this stronger login process when you try accessing an account from a new device, which seems like a good compromise.

For Yahoo! users, it might be a relief to know that Yahoo! has a fairly unique security system that is called account key. If you are about to change your Yahoo! password, I recommend taking the extra step and switching this service on.

It simplifies logging in by connecting your login request with the Yahoo! app on your phone. The browser login screen asks for your Yahoo! ID, then displays a page that says it’s waiting for confirmation to login.

/var/www/now.avg.com/18.47.0/wp content/uploads/2016/09/yahoo

Meanwhile, your phone will receive a notification asking you to confirm the login with a simple click of a button – yes or no.

Who do you trust with your online data?

Dropbox recently disclosed that 68 million of its user’s login credentials were published after it was initially hacked back in 2012. Does changing a password now really make a difference?

The file servicing company is back in the spotlight after the login details of 68 million of its users were published after it was hacked back in 2012. Dropbox has taken the usual, sensible approach by reminding people to change their passwords regularly in any case and, in particular, when the security of any online provider they use has been compromised.

It has also initiated a push reset that changes all the passwords of those potentially affected to ensure no one was missed, reassuring impacted users that even if their previous passwords were compromised, their accounts cannot be accessed.

While companies suffering an unfortunate hack often recommend resetting passwords, few take the step of actively encouraging users to use 2-step authentication. In its blog, Dropbox recommended this approach – but its email notifications only mention passwords; the same is true of their help page on ‘Email and Passwords’.

I am sure, however, that we are not too far away from a company enforcing enhanced security, such as 2-step authentication, on its users. AVG recently conducted a poll in the US and UK to find out who people think is responsible for their online data. Against this backdrop, the findings are interesting.

Those who are most responsible for keeping online data safe are any businesses that store personal data (74%), banks (66%) and online security companies (57%). Only banks and security companies were seen as taking this responsibility seriously enough by 74% and 63% of people respectively.

So it seems that people expect a company like Dropbox to take responsibility for keeping their users’ data safe but they don’t necessarily think such businesses take this seriously enough. In addition, 86% of people polled said that personal identification data was the type of information they were most concerned about sharing, and having collected by businesses.

It’s great to see that people are aware – and concerned – about how other entities handle their private data and what degree of responsibility they take for holding that data. The news about Dropbox merely confirms that we can’t simply trust companies to keep our data safe.

So if you are affected by this breach, or have been affected by any other, then I recommend taking two steps to try to remedy the situation.

Firstly, secure any online accounts, such as banking or social media, by ensuring they aren’t using the same email and password combination. If you are re-using login details across multiple accounts, change them and use two-step authentication if possible, such as a password and a back-up phone number or other account.

Secondly, be alert to suspicious activity on your accounts such as receiving any potentially fake emails. If your data is at risk for having been compromised, you should validate these as genuine by contacting the company that sent them directly or visiting their website before taking any of the action suggested by the email.

Finally, as you would expect, I always recommend having a good internet security product on your PC or mobile devices. Whether you use a laptop or a tablet to access your online accounts, you should always ensure you are as protected as possible against any hacks, phishing tricks or spam emails because as we have seen, we can’t rely on other people to keep us safe online.

Finding too much in your Pokémon app?

Are you addicted to the augmented reality of Pokémon Go yet? If so, then you are not alone and if not, beware of playing the game because you might be.

 

But be careful, whether you are an existing or new player as with any craze as popular as this then cyber-criminals see an opportunity to make some cash.

In the last week several security researchers have released details of threats ranging from fraudulent social media accounts to malware infected apps available in the Google Play store.

The malware infected app found by security researchers this week was available in the Google Play Store and is reported to have been downloaded over 500,000 times. The apps malicious payload is capable of taking root access rights on a user’s phone. The app masqueraded as a ‘Guide for Pokémon Go’, leveraging the huge success of the game to dupe people into downloading an app that could then uninstall/install apps or display unwanted adverts.

The research on social media accounts found 543 accounts related to Pokémon Go across Facebook, Twitter and Tumblr with over 30% (167) of them delivering fraudulent content to their visitors. With a mix of downloadable game guides, imposter accounts and free giveaways affecting both desktop platforms and mobile devices delivering adware, malware or software not related to the content advertised.

With cyber-criminals motivated to cash in on the phenomena we strongly recommend that vigilance is needed when downloading or researching details about the game and the best way to play.

If you think you may have clicked a bad link or downloaded a rogue app then download AVG AntiVirus for Android, it’s free and detects malicious app downloads in real-time. AVG detects the threat from the malicious app mentioned above and our researchers work 24×7 to ensure that we bring you protection to threats as they happen.

Stay Safe While Online Shopping Labor Day Sales

What’s your Labor Day weekend going to comprise of? If it involves hitting Labor Day sales and shopping online or reviewing finances, stay safe with some tips to stay safe.

Labor Day is a US and Canadian public holiday of festivities held in honor of the working people, very similar to May Day in many other countries. This holiday,make sure you’re not creating yourself additional work and take precautions when online.

Staying safe online, whether shopping in the Labor Day sales or posting pictures of a family day out, it’s an important part of our everyday lives. The risk of identity theft or fraudulent transactions being posted on your credit card will undoubtedly create more work for you and turn the festivities into a nightmare.

 

Below are a few tips to help you stay safe.

  1. Visit websites from brands that you trust. Searching for something online may bring up the bargain of a lifetime but if you have not heard of them and they have no positive reviews to validate them my advice is to stay away. If it sounds too good to be true, then it probably is.

/var/www/now.avg.com/18.47.0/wp content/uploads/2016/09/laborday1

  1. Make sure the checkout page is secure. The example below from the Bank of America shows the company name appearing in green meaning they have Extended Validation Certificate. The certificate means the highest level of SSL encryption and the company verified it is a legitimate entity to the certificate issuer. The padlock gives us visual identification that data between your browser and the server is encrypted so no sneaky cyber-criminal can see what you are doing.

 

/var/www/now.avg.com/18.47.0/wp content/uploads/2016/09/laborday2

 

  1. Consider checking out as a guest, retailers want you to register so they can communicate offers to you and provide convenience with account information and delivery addresses. If this is a retailer you do not frequent commonly then you probably don’t need an account or your data being kept on their servers. If you do create an account click the option not to store payment details, that way if the retailer does have a data breach then your card details should be safe.

/var/www/now.avg.com/18.47.0/wp content/uploads/2016/09/laborday3

 

  1. Make payments with a single card with a limited credit limit. Having a specific card for online shopping limits problems to a single card and limiting the amount you can spend on the card restricts potential damage should the card details be compromised. Consider paying using other methods, for example PayPal’s buyer protection.

/var/www/now.avg.com/18.47.0/wp content/uploads/2016/09/laborday4

 

  1. If you’re on a mobile device then consider paying through ApplePay or AndroidPay. Many of us may still feel uncomfortable paying through our phones but the new payment methods provide additional security to protect us. In the case of both of the aforementioned services your credit card data is never transmitted keeping you in control of your data./var/www/now.avg.com/18.47.0/wp content/uploads/2016/09/laborday5/var/www/now.avg.com/18.47.0/wp content/uploads/2016/09/laborday6
  2. Keep away from infected or rogue websites by ensuring you have up to date security software, such as AVG. Available for both Windows, Mac and Android, with free and paid options it’s easy to stay protected.

 

We want your Labor day to be the celebration it is meant to be. Taking precautions online will help ensure this. If you do find yourself in a situation that your card or bank account have been subject to fraudulent charges then contact the bank or financial organization immediately and put a stop on the card.

Have a great labor day, stay safe America!

A generation of connected kids

As many of our kids have returned, or are in the process of returning back to school, we should expect to see different behavior patterns in their usage of devices.

 

Hopefully one of those changes will be to use them for studying.

As parents we want our kids to have a balanced life of being online while still appreciating the need to have life skills, such as actually speaking. Our concerns are not new, back when the wireless (radio) was invented I am sure parents told their kids to stop listening to that box, in the same way my parents told me I would get square eyes if I watch too much TV.

Controlling the balance can be tricky, especially when our kids only know a life that’s online and the normal way to communicate. It’s important that device time is understood as a privilege and not a right. Some parents have contracts with their kids stating what is expected of them when using a device, while others do nothing and some block or monitor access.

When thinking about screen time one of the first things to do is walk around the house and count the numbers of devices that are connected. Many of us forget that games consoles and some toys are now connected devices, so asking your child to put down their phone just to see them pick up another connected device might not be achieving the goal of having a balance.

In my house we strike the balance through communication and education, this has worked well for us. One of the first things we implemented was ‘the basket’, a place where phones live during meals times and overnight. This drives conversation at the meal table and texting, posting or gaming late at night has never been an issue. The biggest challenge here is can you as an adult commit to putting your phone in the basket!

Understanding what your kids do online is important. Effective monitoring through parental control software or using software on an internet router, such as the Ally System, supported by AVG, from Amped Wireless will give you oversight that will allow you to have conversations about inappropriate use and behavior. The insight of knowing that your child is spending 3 hours a day on social media should encourage you to have a conversation about time well spent.

Many of these technologies also offer the ability to block, while blocking inappropriate content is a good idea limiting your kids access through blocking will push them underground to connect in other locations such as public libraries, coffee shops or their friends house. And remember their smart phone probably has it’s own access. My point here is that you cannot control their access everywhere, so it is better to educate them having the knowledge of what is being accessed so that they behave well wherever they are and they have the principals to stay safe.

Another important element to limiting both screen time and keeping them safe is understanding the functionality of the apps they run. Listen to your kids talking to their friends about what they use, talk to them to find out and then go off and download the same apps.

AVG equals 100% with no mistakes

AVG’s perfect test score for real world protection translates into an Advanced+ award from AV-Comparatives. You can go about your daily browsing knowing you have award winning protection from AVG.

 

AV-Comparatives have just released the Real-World Test scores for July. One company stands out from the rest with a ‘Perfect Game’, 100% detection with zero false positives, AVG. The term Perfect Game is a baseball reference when a pitcher plays the whole game with none of the opposing team getting to first base. For the soccer fans out there we might refer to this as a ‘clean sheet’.

It sounds great but what does it all mean?

Real-world testing means exactly what it says, the researchers at AV-Comparatives identified 355 infected URLs that were delivering a malicious exploits and drive-by-downloads and then tested each vendor to see if they are detected. By testing this way it imitates the exact way that you or I might encounter an infected website in our everyday lives.

And what is meant by a false positive?

To check that a product does not over block or even block every web site or file to achieve 100% detection scores, sites and files known to be clean are tested to ensure they can run without hindrance from the anti-virus product installed. A detection of a clean file or web page as malicious is regarded as a false positive and it can be devastating to your everyday life as you can no longer access or run the program, file or web page.

A perfect game for an AV product is perfection itself, 100% detection with Zero false positives. Giving you the confidence to browse and go about your online life knowing AVG is there and providing you best detection rate with zero risk.

Click the award below to see the full test results.

And I can’t write this blog without mentioning the hard work and diligence of the AVG researchers and engineers that work 24 x 7 to make all this possible, well done team and keep up the good work.

 

Over 900 million Android devices at risk from QuadRooter vulnerabilities

What is QuadRooter?

Researchers at Check Point® Software Technologies have released details of four vulnerabilities, which they have dubbed ‘QuadRooter’, that affect Android™ smartphones and tablets built with Qualcomm® chipsets.

Any one of these vulnerabilities could be exploited by a malicious app downloaded onto the user’s device which, without their knowledge, would allow the attacker to gain full access to the phone. Considering the significant amount of personal and business data we store on our connected devices, this has major security implications.

According to Check Point, some of the Android devices that contain this chipset and which are therefore at risk include:

  • BlackBerry Priv
  • Blackphone 1 and Blackphone 2
  • Google Nexus 5X, Nexus 6 and Nexus 6P
  • HTC One, HTC M9 and HTC 10
  • LG G4, LG G5, and LG V10
  • New Moto X by Motorola
  • OnePlus One, OnePlus 2 and OnePlus 3
  • Samsung Galaxy S7 and Samsung S7 Edge
  • Sony Xperia Z Ultra

 

How to protect your Android device from QuadRooter

If you own one of these handsets, it does not mean that you have been the subject of an attack that gains control over your device. For the attack to be successful, it must download the malicious app that takes advantage of one of these four vulnerabilities to your device.

Ensure you update your handset with any security patches available for the issue. For example, Qualcomm has already released a fix for all four vulnerabilities while Google has released patches for three of the four, with the final fix expected in the very near future.

In addition, there are four steps you can take to make sure your device is as secure as possible:

 

  1. Your device should automatically prompt you to download and install the latest available updates. Tip: make sure you have a wi-fi or broadband connected before downloading as some updates can be large.
  1. Only download apps from official apps stores such as Google Play. Avoid sideloading apps, such as when you are offered an app on a web site. To ensure you get the authentic app, go to the Google Play store directly and download it from there. This reduces the risk of getting a malicious app by accident.
  1. Switch on the “verify apps” function in your Android settings. This means that even if you do download an app from somewhere else, this feature will check with the official app store to make sure it’s compliant.
  1. Protect your device with antivirus software such as AVG AntiVirus for Android and make sure you keep it updated. Should an attacker use the vulnerability to plant the malware on your phone or tablet, an up-to-date antivirus program will detect and prevent its execution.

 

The best advice I can give is not to panic and not to be complacent. Vulnerabilities like this are actually relatively common and taking preventative action quickly will help protect your devices and your data from unnecessary risk.