Tag Archives: featured1

Panda Security

The message that can crash WhatsApp

Warning! The Spanish Civil Guard is warning of a new threat on WhatsApp!

whatsapp-death-message

Known in Spanish as the “mensaje de la muerte” (the message of death), it only affects Android devices, not iPhones.

It works as follows: You receive a text message with Chinese-type characters which, having been copied and pasted to Whatsapp, will crash the application on Android devices. This is particularly dangerous for WhatsApp groups, as it blocks WhatsApp for all group members and deletes the group.

How to resolve the WhatsApp ‘message of death’

  • If received from another user: just delete the chat to resolve the problem.
  • If the message comes through a group, go to “Settings”, “Applications” “Manage Applications”, “WhatsApp”, “Clear Data”. Be aware however that all chats and messages histories for all groups will be deleted.

The post The message that can crash WhatsApp appeared first on MediaCenter Panda Security.

Avast

Wanted: Avast for Business beta testers

Join our Avast for Business beta test program and prove its value to your company.

IMG_9675
In 2001, we began our journey toward becoming the leader in consumer desktop security by doing things differently and delivering a great product for free. Today, we protect more than 175 million home computers, more than anyone else.

In 2011, we began our journey toward becoming the leader in mobile security by doing things differently and delivering a great product for free. Today, we protect more than 50 million smartphones, making us one of the top 2 mobile security providers and well on our way to becoming number one.

In 2015, we start our next journey – this one toward becoming the leader in business security. And we’ll do so by doing things differently and delivering a great product for

…well, keep an eye on this space. We’ve clearly shown that when we focus our efforts, we know how to deliver differentiated solutions that become market leaders despite stiff competition.

We don’t do any of this by ourselves though. Over the years, we have listened to our evangelists on the forum, our fans on social media, consumer reviews, and the people who test out our products before they are released. We gather feedback, opinions, and suggestions and integrate those into Avast products.

Now we’re doing it again.

Avast Software will turn business information security on its head with our new business-grade security product designed specifically for small and medium sized businesses. But first, we need your help.

Join our beta test program for Avast for Business and prove its value to your company.

Here’s what you get:

  • YOU GET EARLY ACCESS  – As a participant in the Avast for Business beta program, you have exclusive access to the pre-release version. You get to be the first one to experience the power and ease-of-use of Avast for Business.
  • YOU HELP US CREATE THE BEST SECURITY SOLUTION FOR YOUR BUSINESS – When you join our beta test team, you’re first in line with suggestions for improving the product, now and into the future..
  • YOU GET REWARDED FOR YOUR EFFORTS –To thank you for your participation in our beta program, and compensate your business for the time you invest, we’ll give you three full months of Premium service after the release of the new product in 2015.

How to join the program

  • Review the information about Avast for Business on our website
  • Click on SIGN UP NOW
  • Follow the on-screen instructions and start putting Avast for Business to work
  • Send us your feedback via email to [email protected].

As much as is feasible without delaying the product release, we’ll incorporate your comments into Avast for Business; other suggestions will be reserved for incorporation into future releases. And your business name will be added to the list of companies that will receive three months of Premium service after the product is released.

Avast Software’s security applications for PC, Mac, and Android are trusted by more than 200-million people and businesses. Please follow us on FacebookTwitter and Google+.

Avast

Mobile advertising firms spread malware by posing as official Google Play apps

As a malware analyst, I find new pieces of malware day in and day out. In fact, I see so many new malware samples that it’s difficult for me to determine which pieces would be really interesting for the public. Today, however, I found something that immediately caught my attention and that I thought would be interesting to share.

Mobilelinks

The three URLs listed above are websites that offer mobile monetizing kits, which are advertising kits that developers can implement in their mobile apps. The goal for developers is to monetize from advertisements. If a user clicks on one of the ads delivered by one of the above listed providers, he may be lead to a malicious subdomain.

The most visited of the three URLs is Espabit. According to our statistics, we know that Espabit’s servers get around 150,000 views a day and nearly 100% of the views are from mobile devices. This may not seem like that much compared to the number of Android users there are in the world, but it is still a considerable number. Espabit is trying to position themselves as a world leader in advertising, and their website may appear innocent, but first impressions can be deceiving.

 

espabit

The most visited Espabit subdomain, with more than 400,000 views during the last few months, leads app users to pornographic sites via the ads displayed in their apps. The site displays a download offer for nasty apps (no pun intended) that have malicious behavior.

image

 

The above is just one example of the malicious links; there are many others hosted on the same server. The majority of the links lead to pornography or fake apps that all have one thing in common: They all steal money from innocent users.

How do they convince people to download their app? By posing as official Google Play apps. The apps are designed to look like they are from the official Google Play Store – tricking people into trusting the source. Since Android does not allow users to install apps from untrusted sources, the sites offer manuals in different languages, like English, Spanish, German, and French, explaining how to adjust Android’s settings so that users can install apps from untrusted sources, like these malicious apps. How considerate of them.

image_1

 

Now let’s take a deeper look at what the apps are capable of doing:

All of the “different” apps being offered by the three sites listed above are essentially the same in that they can steal personal information and send premium SMS. So far, we know about more than 40 of them stored on the websites’ servers. Most of the apps are stored under different links and, again, are offered in different languages (they want everyone to be able to “enjoy” their apps). The goal behind all of the apps is always the same: Steal money.

apps code1

 

 

 

 

Some of the permissions the apps are granted when downloaded…

apps code2

 

Once you open the apps, you get asked if you are 18 or older (they are not only considerate in that they offer their product in various languages, but they also have morals!).

sexyface

 

 

sexyface2

 

After you click on “YES” you are asked to connect your device to the Internet. Once connected to the Internet your device automatically starts sending premium SMS, each costing $0.25 and sent three times a week. That’s all the app does! The amount stolen a week does not seem like much, but that may be done on purpose. People may not notice if their phone bill is $3.00 more than it was the month before and if they don’t realize that the app is stealing money from them and don’t delete the app it can cost them $36.00 a year.

This malware is actually not unique in terms of the technique it uses. However, collectively, the three websites have around 185,000 views daily, which is a lot considering there is malware stored on their servers. Not everyone is redirected to malware, but those who are, are being scammed. Considering that the most visited malicious subdomain had around 400,000 views in the last quarter, it tells us that a large number of those visitors were infected. This means these ad providers are making a nice sum of money and it’s not all from ad clicks and views.

Although many mobile carriers around the world block premium SMS, including major carriers in the U.S., Brazil, and the UK, this case should not be taken lightly. These malware authors use social engineering to circumvent Google’s security and target innocent app users via ads. Think of how many apps you use that display ads, then think of all the valuable information you have stored on your phone that could be abused.

All malicious apps we found and described here are detected by Avast as:

Android:Erop-AG [Trj]
Android:Erop-AJ [Trj]|
Android:Erop-AS [Trj]

Some of SHA256:
DBEA83D04B6151A634B93289150CA1611D11F142EA3C17451454B25086EE0AEF
87AC7645F41744B722CEFC204A6473FD68756D8B2731A4BF82EBAED03BCF3C9B

Panda Security

More controversy for Uber: The app compiles user data without permission

uberThe emergence of Uber has put taxi drivers around the world on red alert. Just this week, the Spanish High Court has ordered the company to cease operations on the grounds of unfair competition with taxi drivers.

Yet it’s not just the business model (putting customers in touch with unlicensed drivers) that stretches the limits of legality. The app, which effectively manages requests and responses, also contains some dubious aspects.

This is what a group of IT security researchers have discovered after analyzing how the mobile app works. They have analyzed the code of the Android app in detail and their findings don’t reflect well on Uber.

The study revealed that while users take advantage of the services they offer, the system transmits information about their Internet habits along with certain features of their phone, details that are entirely unrelated to the service.

The San Francisco based ‘start-up’ would seem to be interested in the people its customers are in contact with; it collects data on the length of calls and the phone numbers.

It also gathers information about the apps installed on the device, the free memory space and byte circulation. Similarly, the GPS coordinates and the IP address of the phone are recorded.

taxi

 

The company wants to know what messages (SMS, MMS and emails) are sent and received by users, and suspiciously, the tool reports the malware that the phone is vulnerable to and the security algorithm used on the device. The obvious question is, why would a company that only offers a transport service need all this information about its users?

Some have defended its strategy, claiming that this is an anti-fraud measure to identify fake accounts (competitors could use the app covertly with other intentions). Still, the end doesn’t justify the means. The terms and conditions of the app don’t reflect the entire flow of information that really takes place.

For the moment these experts have only analyzed the app for Android; it’s still unclear whether the same things happen on the iOS version. Nevertheless, it may be best to fear the worst, as Apple is hardly renowned for its discretion.

If you think that after this news Google will be withdrawing the app from its platforms, you’re probably forgetting a small detail -in the form of a bundle of cash. Google Ventures, the branch of the company that invests in new ventures and business opportunities, has financed Uber to the tune of $258 million. It’s unlikely to write that off just for a small problem of privacy.

Uber is not the only app that uses your data without clarifying the reasons. We recently discussed some torch apps that do the same with GPS coordinates, photos and text messages.

You can’t entirely avoid being spied upon, though revelations like these are a wake-up call to be on your guard with respect to the permissions on the apps that you download. It’s common to accept conditions without reading them in the belief that an app must be trustworthy, but all that glitters isn’t gold.

Remember that Panda Mobile Security, our free antivirus for Android, can help you to monitor which personal data on your phone is shared with third-parties.

The post More controversy for Uber: The app compiles user data without permission appeared first on MediaCenter Panda Security.

Avast

Facebook’s new privacy policies and your data security

Facebook privacy policy for 2015

Facebook doesn’t want you to be in the dark about their new privacy policies.

2015 is arriving and, as usual, tech companies start to launch their updates for the new year. However, it looks like someone is sparking some debate with its recent policies that are to be implemented in less than a month. That someone is… Facebook.

After all the controversy around the Facebook Messenger app last summer, the world’s largest social media company is under fire, again!

Recently, Facebook published their new terms, data policies, and cookies policies that the network will launch January 1st. Basically, the update says that every user of Facebook’s services agree, among other changes, with the utilization of tools that can help to aggregate data in order to create more customized ads – the company also introduces ways to guarantee basic data security.

I’ve noticed that the way I’ve received the ads in my profile is quite different to what it used to be. After simply browsing through a website related to a specific theme, let’s say, football or software, I immediately start to receive wall post offers related to that topic, company, or product that I researched online. Imagine how it’s going to be in 2015 after the new policy has been officially launched?

Is Facebook spying on you?

Would the world’s largest social media website be spying on us? They have admitted publicly that it’s quite easy to monitor online activities, and they do hold a lot of data on their members, which makes people feel a bit uncomfortable. Just search for articles about it, and you’ll see.

Facebook’s goal with this new privacy policy is to help users “understand how Facebook works and how to control your information.” This introduces an element of decision-making on the user’s behalf.

Some of the updates you can expect to see are:

Discover what’s going on around you: Facebook is working on ways to show you the most relevant information based on where you are and what your friends are up to.

Make purchases more convenient: People in some regions will see a Buy button, making purchasing easy because you don’t have to leave Facebook. And you get targeted ads based on what you are interested in, like me seeing an increased number of football and software ads.

Make you part of the Facebook ecosystem: You will be even more invested in the “Facebook family” because they are making Instagram, WhatsApp, and the growing number of companies, apps and services that Facebook is acquiring work together more seamlessly.

Your data is still under your control

You should be concerned about the contents and data that you publish on Facebook, because sometimes they make you look like an idiot, but don’t go off the deep end thinking that your social network will steal your privacy! You are still under control of your data!

To help you maintain control, Facebook wants you to understand how they use your information and find information about privacy on Facebook at the moment you need it. Tips and suggestions can be found in Privacy Basics.

It’s also necessary for you to take some precautions, such as:

  • Use strong passwords to access your profiles and accounts
  • Don’t share sensitive information in social media channels
  • Take double precaution with fake websites
  • Only proceed with online payments when logged to https pages

And, obviously, use a good antivirus that will help you with all the above procedures! No matter what tools online companies and social media websites are using to better understand your behavior in the “Internet of Things”, you are still under control of your data. Do your part and live a health virtual life!

Avast

When it comes to dangers on the internet, we are our own worst enemies

Today’s biggest threat to the normal consumer is the consumer themselves.

This bold statement was made by Avast CEO Vincent Steckler in an interview with German technology website Valuetech in Munich last week. That’s a daring position to take after this year’s revelations about NSA spying, the theft of tens of millions of customer passwords from major retailers like Target and Home Depot, the recent Sony Pictures hack, and the normal parade of Trojan horses, worms and viruses, but it’s one that Steckler stands behind.

Watch the interview here (04:00),

Mr. Steckler has good reason for his conclusion. Here’s a few of the main points he made during the interview.

Social engineering preys on human weakness

“A lot of attacks are still using social engineering techniques; phishing emails – ways of convincing the user to give up valuable information,” said Steckler.

An example of phishing emails just occurred after Black Friday, when cybercrooks sent millions of fake purchase confirmation emails to customers of major retailers. You can read about that, as well as what to do if you are a victim,  in our blog, Fake confirmation emails from Walmart, Home Depot, others in circulation.

The Mac misconception

Mac users are well-known for proudly touting that they don’t use antivirus protection because they never have a problem with viruses. But, it’s really a numbers game.

“There is no fundamental difference,” Steckler says of the security of PCs and Macs. “Mac is not inherently any safer, as a technology, than Windows is. What makes a difference there is what is more opportune for a bad guy to attack.”

He explains that malware written for Windows can attack up to 93% of the world’s PCs. Mac malware only reaches 7-8% of the world’s PCs. The safety then lies in the lower numbers of Mac devices rather than a technical safety advantage.

Households networks are as complicated as small business networks

With the interconnectivity of household devices from household computers, mobile phones, TVs and even refrigerators, Steckler compares the typical household network to that of a small business.

“The central weakness in this ‘Internet of Things’ will be that home router – the thing that connects everything together,” says Steckler, “and basically doesn’t have any security on it.”

Avast 2015 seeks to address this lack in security by including the new Home Network Security scanner.

Panda Security

6 tips for shopping online safely at Christmas

christmas-online-shoppingMany of us now prefer to shop online: you can avoid the queues, it’s easier to compare goods and prices…

No doubt Christmas is one of the times of the year when most online transactions take place. That’s why we want to offer you some tips for shopping online safely.

6 tips for shopping online safely at Christmas

1. Use a secure WiFi or Internet connection

It’s convenient (and cheaper) to use public WiFi connections that are not password-protected.

When you connect from your house or from the office, you know who is responsible for the network and who else could be connected, but on a public network, anyone else could be connected.

For this reason, it is far better if you are going to make transactions online -such as Christmas shopping- to do so from a secure Internet connection.

2. Keep your computer up-to-date and protected

Bank details are some of the most sensitive data that you can transfer across the Internet and they are essential when making such transactions. If this Christmas you intend to buy any presents online, make sure your computer is up-to-date and properly protected.

How? Keep your operating system updated and use the best antivirus. Take a look, and choose the one that best adapts to your needs.

3. Buy from well-known sites with a good reputation

One of the first things you should do when shopping online is check that the URL of the website coincides with the website where you think you are and that it begins with HTTPS.

Buying only from reputable online stores will help prevent you from falling victim to data or identity theft.

4. Check the privacy and refunds policies

Check their privacy policy. It should be in a visible place and up-to-date.

Can you return the goods? And what if you want to change something, say, for another size? These are also important things to consider when choosing places to shop online.

5. Don’t follow links in emails and ads

At this time of year it’s not unusual to receive thousands of ads for unbeatable offers. Though it’s worth stopping to think if they aren’t just too good to be true. 

Such adverts and email campaigns with offers and fantastic discounts are often used as a tool by cyber-criminalsAvoid phishing scams and don’t fall into the trap.

6. Keep an eye on your credit card transactions

It is also important that after making purchases online you check that all the transactions in your statement are the ones you have made yourself.

If you see anything suspicious, get in touch with your bank.

The post 6 tips for shopping online safely at Christmas appeared first on MediaCenter Panda Security.

Avast

Sony PlayStation Network down due to hacker attack

Poor Sony. They are getting it from all directions these days.  On Sunday, the PlayStation Network, the online store for games, movies, and TV shows, suffered a hacker attack and was knocked offline. Visitors to the store got a message that said, ‘Page Not Found! It’s not you. It’s the Internet’s fault.’ I just visited the page, and got this same message, so reports that it was up again, were at best, temporary – at least for some of us.

Sony PSN hacked

Sony tweeted yesterday that they were investigating.

A group called Lizard Squad, which was also involved in a hack of Xbox Live last week as well as previous attacks on EA Games and Destiny, claimed responsibility for the attack.

During the Xbox hack, Lizard Squad promised that attacks would continue until Christmas.

This attack comes on the heels of news recently that Sony Pictures’ corporate network was infiltrated by cybercrooks which resulted in the theft of 100 terabytes of confidential employee data, business documents, and unreleased films. It was speculated that North Korean hackers were behind the attack due to the upcoming release of the movie “The Interview,” which is about an attempted assassination of Kim Jong-Un. The North Korean government denied responsibility for the attack on Sunday. The attack has since been traced to a luxury hotel in Bangkok, and is being investigated.

The two attacks appear to be unrelated.

Avast Software’s security applications for PC, Mac, and Android are trusted by more than 200-million people and businesses. Please follow us on FacebookTwitter and Google+.

Avast

Fake confirmation emails from Walmart, Home Depot, others in circulation

Cybercrooks target busy holiday shoppers with phishing scheme.

After all that shopping on Black Friday and Cyber Monday, consumers are reporting a bunch of phishing emails that look like authentic communications from poular stores. Malware-infected emails are reportedly coming from Walmart, Home Depot, Target, and Costco. The catch is these are not from the authentic merchants, but rather cybercrooks are using a phishing scheme to send fake emails with the intent to gather personal information from harried shoppers.

Walmart scam email

Millions of these emails are being sent each day, originating from more than 600 hacked websites that act as intermediaries, according to security analysts from Malcovery monitoring the attacks. This method prevented detection by causing the spammed links to point to websites that had been safe until the morning of the attack.

The messages have subject lines like this:

  • Thank you for your order
  • Order Confirmation
  • Thank you for buying from Best Buy
  • Acknowledgment of Order
  • Order Status

If you receive one of these emails, don’t click on any links. Instead, visit the merchant’s website or call their customer service. Don’t give any personal information out unless you know for sure with whom you are speaking.

Home Depot scam email

costco scam email

 

Signs of a fake email

Unfortunately, cybercrooks are becoming more professional with their scams, but here are a few things you can look for to tell a fake email from an authentic one.

  • Poor grammar usage
  • The Sender (the “from” line) may not match the merchant name
  • Links in the email do not go to the real website
  • There is no order confirmation number or details about the order. A real order confirmation email contains the details of your order without clicking on any links, as well as where it is being shipped and the payment method.

target scam email

How to protect yourself

Walmart acknowledged that the fraudulent emails were in circulation and suggested these steps if you receive a suspicious email.

  • If you actually placed an order and are suspicious about the email you received, log onto your Walmart.com order to check your order status.
  • Keep your virus software updated on all your computers.

If you were a victim of fraud via the Internet, you should file a report with your local law enforcement agency along with the Internet Crime Complaint Center (ICCC). The ICCC is a partnership between the FBI and the National White Collar Crime Center. You can make a report with the ICCC.

Avast Software’s security applications for PC, Mac, and Android are trusted by more than 200-million people and businesses. Please follow us on FacebookTwitter and Google+.

 

Avast

Fake free codes scam affects PSN and Steam users

Some webpages are giving away free codes for Playstation Network and Steam but, are they reliable?

At Avast we discovered a lot of webpages offering free codes, with a value from $20 to $50, for Playstation Network and Steam, two of the most important internet-based digital distribution platforms. Those webpages look very suspicious so we decided to analyze them.

We chose one of those webpages and followed all the steps required in order to get our “free code” for Playstation Network or Steam.

psnScam

After a first look at the main page, we found some suspicious items. To prove how trustworthy the transaction is, the webpage placed two security “certifications” in a visible location, but as we discovered, no security companies are associated with those certifications. They are completely fake!

Also, there’s a label with user ratings (4 ½ stars!), but we cannot rate the webpage; it’s just an image. Both fake images make the users think that they are in a safe and reliable website.

What happens when we click on a gift card? Are we going to receive the code?

The answer is no.

Let’s see what’s next:

PSNscam1

When we click on a gift card¸ instead of receiving the promised free code, we are asked to share a link with our friends in order to unlock the code.

Why do they do that?

When we share the link we are contributing to an increase in the number of visitors and, of course, the number of people that will try to redeem the “free code.” Keep this in mind, it will be important at the end of this post.

Ok, we already invited 5 of our friends and, in theory, we unlocked the code. Is this the last step? Are we going to receive the code now?

PSNscam3

Again, the answer is no.

Looks like they don’t want to give us the code. Suspicious, right? So, what do they want now?

As we can see in the image, in order to receive our PSN code, we need to complete a short survey (like inviting 5 friends wasn’t already enough?!).

When we click on one of the surveys, a little pop-up with a message appears on the top of the screen. The message says: “You must use your VALID information while filling this offer out”.

Why do they need our VALID information?

Here’s the reason:

PSNscam4

 

In order to receive the code, we need to introduce our phone number – our VALID phone number. But wait, before doing that, let’s read the text at the bottom of the page.

PSNscam5

Surprise! It’s a premium SMS service with a total amount of 36,25€/month (>$40/month)! If we enter our phone number, we will be automatically subscribed to this premium service.

Remember the 5 friends you sent the link to? Well, now imagine how many people can fall into this scam just by sharing a link to 5 friends: 5+(5*5)+(5*5*5)+… creepy, right?

And of course, there’s no free code for your PSN or Steam accounts.

Unfortunately, there’s a lot of webpages using the same method to get user’s money. Also, there are other webpages offering software to generate codes. Cybercrooks create those
fake apps and get money from “download servers” because they bring
them users.

Tonda Hýža, from the AVAST Virus Lab, described those webpages as Adware due to the big amount of lies, advertisements and weird privacy policies.

Make sure you share this alert with your gamer friends J

Avast Software’s security applications for PC, Mac, and Android are trusted by more than 200-million people and businesses. Please follow us on FacebookTwitter and Google+.