Tag Archives: Mobile

Avast

Avast at Virus Bulletin Conference 2015

Leave a comment

Our team had a wonderful time meeting and networking with the crème de la crème of security industry professionals at this year’s Virus Bulletin Conference in Prague, of which we were a proud platinum sponsor. Throughout the conference, a handful of Avast employees presented talks a variety of today’s most prominent security-centered topics. For those who weren’t able to make it to the conference, we’d like to provide a brief recap of the content that was covered.

Taking a close look at denial of service attacks

Avast senior malware analysts Petr Kalnai and Jaromir Horejsi discuss distributed denial-of-service (DDoS) attacks.

Avast senior malware analysts Petr Kalnai and Jaromir Horejsi discuss distributed denial-of-service (DDoS) attacks.

In their presentation, “DDoS trojan: a malicious concept that conquered the ELF format“, senior malware analysts Petr Kalnai and Jaromir Horejsi discussed the serious issues relating to distributed denial-of-service (DDoS) attacks.

Abstract: DDoS threats have been out there since the Internet took over half of global communication, posing the real problem of denial of access to online service providers. Recently, a new trend emerged in non-Windows DDoS attacks that was induced by code availability, lack of security, and an abundance of resources. The attack infrastructure has undergone significant structural, functional and complexity changes. Malicious aspects have evolved into complex and relatively sophisticated pieces of code, employing compression, advanced encryption and even rootkit capabilities. Targeted machines run systems supporting the ELF format – anything from desktops and servers to IoT devices like routers or digital video recorders (DVRs) could be at risk.

In this session, Petr and Jaromir examined the current state of DDoS trojans forming covert botnets on unsuspecting systems. They provided a technical analysis of the most important malware families with a specific focus on infection methods, dynamic behavior, C&C communication, obfuscation techniques, advanced methods of persistence and stealth, and elimination of rivals. After studying cybercriminals’ behavior, our two speakers introduced their operation tools, including vulnerability scanners, brute-forcers, bot builders and C&C panels. They explained that in many cases, it’s unnecessary to apply reverse engineering within the analysis — the original source codes are indexed in public search engines and their customization is a subject of monetization. The pair concluded their presentation by introducing tracking methods and techniques and revealed the targets of these attacks.

Taking mobile security to the next level

Avast security researcher Filip Chytry talks about privacy in the mobile sphere.

Avast security researcher Filip Chytry talks about privacy in the mobile sphere.

Next up was security researcher Filip Chytry’s talk, “Privacy: a growing commodity in the modern age and our Remotium virtual solution to protect it“. Filip’s presentation focused on a few mobile apps that have experienced privacy leaks and provided insight on what could be used as potential solutions to these types of security breaches.

Abstract: Today, we are surrounded by millions of sensors that measure and monitor our lives, cities, travels, homes and communities. There are currently more online endpoint devices and sensors in existence across the globe than there are human beings. Smartphones have become unbelievably integrated into our daily lives, and these tiny gadgets are just the tip of the iceberg that is the modern spying age. Take cameras, for example — when you get the chance, try taking a stroll around a city and see how many cameras you can spot. These could be cameras belonging to other people or surveillance cameras capturing public images. Whether they were taken accidentally or intentionally, it’s difficult to argue with the fact that each of us is featured in public images and visual data that we remain largely unaware of.

Filip pointed out that when examining this issue through a mobile lens, it’s interesting to take a look at apps which benefit us in some way. Although these apps can lend us a helping hand or aid us in socializing with our peers, they often sharing certain data with developers that the average person is likely unaware of and would be uncomfortable with sharing. Filip went on to explain that in the worst case scenario, these apps’ developers can implement poor security standards which could permit leakages of data shared by the user. Concluding the presentation, Filip explained that Avast Remotium is a virtual space that allows users to mask their data, delivering unidentified data in its place in order to protect against data leaks and privacy breaches.

Home Network Security in the spotlight

Pavel Sramek and Martin Smarda discuss home network security issues.

Pavel Sramek and Martin Smarda discuss home network security issues.

Another two stellar Avast malware analysts, Pavel Sramek and Martin Smarda, presented “Solving the (in)security of home networked devices“. This talk outlined real-life issues of home network devices and examined potential risks related to the devices, a topic which is extremely relevant at this time.

Abstract: In the past few years, there has not been a VB conference without a talk about someone hacking the devices they have at home. Be they routers, NAS-es or ‘smart’ TVs, there is always one thing in common — the vendors ignore the problems and refuse to patch their products. We are developing an automated vulnerability scanner intended to test devices without our code running on them. The intention is to educate users about the misconfigurations and vulnerabilities that are detectable from another device in the network. Integrating such a scanner into consumer AV brings home network security to a new level and increases user awareness of those issues. We will present the technology and the challenges we faced on the way towards accomplishing this goal via maximizing the impact of even the simplest vulnerability scans.

Pavel and Martin acknowledged that while a couple researchers reporting an issue is simply not enough pressure to affect manufacturers’ decisions, the possibilities could be huge if millions of users reported this problem to their vendors or made the decision to replace their devices with more secure ones.

Fun at the Avast booth

A bottle of our own Avastweiser beer!

A bottle of our own Avastweiser beer!

In addition to the presentations given by our talented speakers, Avast had a handful of fun activities to offer to Virus Bulletin attendees. At the Avast booth, our team served three types of Czech beer in addition to our own Avastweiser brew, which we handed out to visitors free of charge.

Attendees had the opportunity to join Avast in a tournament of old-school Arcade Games, which we rented from Prague’s Arcade Museum. Among the prizes were a smartphone-controlled paper airplane and a Cheerson CX-20 drone!

We’d like to thank everyone who attended Virus Bulletin 2015 for their interest and support in the security and antivirus industry. We look forward to what next year’s conference has in store!

 

 

 

 

Follow Avast on FacebookTwitterYouTube, and Google+ where we keep you updated on cybersecurity news every day.

Avast

Making technology simpler: Thanks to my mother

Leave a comment

Some days ago we wrote about scams targeting senior citizens. This group is at risk because generally speaking, they have less computer education than younger people who have grown up in the digital world. I recommended the reading to my mother, thinking she will benefit from it. She thanked me, but said that there were “some things” she did not understand.

Learning to surf internet

Friends and family can help senior citizens enjoy a safe online experience

In the Avast blog we do our best to write in simple terms. However, we know much more about security and, quite frequently, explains things in technical writing. So, I’ve take some time to write what will be useful for your mother (and mine). What about recommending her to read this?

Computer and mobile security essentials for senior citizens

  • Ask for help from one you trust. Don’t be ashamed to ask for help. Remember there are a lot of people that love to help and share knowledge. Start with your family and friends. If you and your friend both have Avast installed, it’s possible for them to remotely access your computer.  If they don’t have spare time or knowledge, then try the Avast Community Forum. With sections in several languages, you’ll find friendly people that could guide you with security technology. Find us there!
  • Install and keep your security software updated. Avast makes everything simple for you. All the “difficult tasks” have been automated: Protection against viruses and malware, blocking spam, preventing fraud and hacker intrusions, automatic updates of your software.
  • Scan and protect your network. That “complex” device with lights blinking that gets you on the internet is called a “router”. Do you know that it could be the weaker part of your network? Avast can scan your home network and make sure it’s secure. Our next Avast version will give you much more control of an online pain: Passwords. Keep them updated and strong!
  • In your Android mobile devices, use an easy and comprehensive security app. Avast apps bring a lot of protective features that give peace of mind, like analyzing malicious app (maybe the ones with intrusive ads, right?). With our family of apps, you can clean temporary files, keep your battery in good shape, and stay safe when using free Wi-Fi connections. Also, to stay safe, use only known app stores like Google Play and Amazon.
  • Common sense! Do not open unsolicited emails, ever! Don’t trust strange messages about promises of a better computer, prizes, and special offers. Keep your attention always on: Do not install unknown software, and do not accept extra offers during installation of trusted programs. If you have any suspicions, ask others or in Avast Community Forum.

What do you think? Did I write enough for your mother to understand? If so, I accomplished my goal.

Special thanks for my mother (for the inspiration and love). And a special thanks to the guys that share all their time and effort to make the internet a better place and for teaching me to write with such pleasure: The volunteers on the Avast Community Forum.

Follow Avast on FacebookTwitterYouTube, and Google+ where we keep you updated on cybersecurity news every day.

Avast

Avast Mobile Security: So much more than just another security app

Leave a comment

With millions of applications waiting to be installed in our gadgets, you not only need to be concerned about quality, but you also need to take the proper measures in order to avoid your phone becoming infected by malware. Unfortunately, we already know that Google Play and the Windows Store aren’t immune to malware. Even the Apple Store has its bad days, so we’re not trying to scare you. These days, malware is a continuing, growing threat.

Stay protected on multiple levels with Avast Mobile Security

Avast Mobile Security will protect you while providing you with a worry-free browsing experience. Simply install the app and you‘re good to go! Here’s what you get from this multifaceted software:

  • Android protection: The free features of Avast Mobile Security ensure that your smartphone is safe from online threats and malware.
  • Incoming SMS filtration: You are allowed to block specific numbers for calls and SMS.
  • Stolen/lost device tracking: The software features anti-theft elements that provide you with remote options to track your phone location and also recover the same.
  • Warning alarms: In case you visit a website that malware infected, the software will alarm you by a warning sign or sound using its Web Shield.
  • Wi-Fi and network data usage tracking: You may be eager to know your data usage and Avast makes it quite easy. You can track your network data usage as well as Wi-Fi and perceive how much you have consumed and how much is left to use.
  • Mistyped URLs are auto-corrected: Avast Mobile Security is equipped with a SiteCorrect feature that saves users from the issues of mistyping URLs.

We invite you to check out Avast Mobile Security, free from Google Play.

 

Follow Avast on FacebookTwitterYouTube, and Google+ where we keep you updated on cybersecurity news every day.

Avast

Dark times for Android: Examining Certifi-gate and the newest Stagefright updates

Leave a comment

Certifi-gate and Stagefright are two recent threats that have put many Android devices at risk. Photo via Ars Technica.

When it comes to security, it seems that Android has seen better days. A slew of vulnerabilities and threats have been cropping up recently, putting multitudes of Android users at risk. Certifi-gate and Stagefright are two threats that, when left unprotected against, could spark major data breaches.

Certifi-gate leaches permissions from other apps to gain remote control access

Certifi-gate is a Trojan that affects Android’s operating system in a scary way. Android devices with Jelly Bean 4.3 or higher are affected by this vulnerability, making about 50% of all Android users vulnerable to attacks or to their personal information being compromised.

What’s frightening about this nasty bug is how easily it can execute an attack – Certifi-gate only requires Internet access in order to gain remote control access of your devices. The attack takes place in three steps:

  1. A user installs a vulnerable app that contains a remote access backdoor onto their Android device
  2. A remotely-controlled server takes control of this app by exploiting its insecure backdoor
  3. Using remote access, Certifi-gate obtains permissions from others apps that have previously been granted higher privileges (i.e. more permissions) by the user and uses them to exploit user data. A good example of an app targeted by Certifi-gate is TeamViewer, an app that allows you to control your Android device remotely.

The good news here is that Avast Mobile Security blocks the installation packages that make it possible for Certifi-gate to exploit the permissions of your other apps. Breaking this down further, Avast Mobile Security would block the package before the action in Step 2 is carried out, making it impossible for a remotely-controlled server to take control of an insecure app that contains a vulnerable remote access backdoor.

Google’s Stagefright patch can be bypassed

We’ve already told you about the Stagefright bug, which has exposed nearly 1 billion Android devices to malware. Whereas Certifi-gate uses Internet access to control your device, Stagefright merely needs a phone number in order to infect users.

Due to the scope and severity of this threat, Google quickly put out a security patch that was intended to resolve the Stagefright issue once and for all. Unfortunately, it hasn’t been fully successful — it’s possible for the patch to be bypassed, which leaves Android users with a false sense of security and a vulnerable device.

As Avast security researcher Filip Chytry explains in his original post examining Stagefright, Avast encourages users to disable the “auto retrieve MMS” feature within their default messaging app’s settings as a precautionary measure. You can read our full set of instructions for staying safe against Stagefright in the post.

Follow Avast on Facebook, Twitter, YouTube, and Google+ where we keep you updated on cybersecurity news every day.

Avast

Avast Mobile Security users can help develop a new app

Leave a comment

We all know how bothersome finding and connecting to Wi-Fi networks in public places can be — often, we encounter frustrating roaming fees or slow connection speeds in crowded spaces. At Avast, we want Wi-Fi connection to be a safe and simple process for our users. As a result, we’re currently working on new product that will help people to detect and connect to public Wi-Fi networks without any security risk.

Introducing Avast’s new product pioneering program

We’ve recently rolled out a new feature within Avast Mobile Security called the product pioneering program. This program helps harvest nearby Wi-Fi hotspots available for users when they need to connect to public Wi-Fi networks. The feature also supports the creation and growth of our own trustworthy and up-to-date hotspot database, which we need in order to deliver information about nearby Wi-Fi hotspots to our users. As we know that Avast users place great importance on their security and privacy, we are asking our users to lend us a helping hand in collecting and identifying hotspots in their local surroundings. This requires us to request the GPS position permission of our users during the installation or upgrading process of Avast Mobile Security.

In-app notification informing users about our product pioneering program.
Opt-in message shown when users click on in-app notification.
Users have the options of opting out of the program in Settings.

Upon installing or upgrading Avast Mobile Security, users will receive an in-app notification that informs them of our product pioneering program. If a user chooses to opt in to the product pioneering program, it is only then that his or her GPS location information will actively be gathered.

How does the program actually work?

Whenever users connect to an open Wi-Fi hotspot, we will check for an available Internet connection and then anonymously obtain the user’s location along with the name of the hotspot. We will be presenting this gathered information to our users once our Wi-Fi Finder app is ready to be launched in a few months. The app will be available for both Android and iOS.

It’s important to note that our product pioneering program gathers data anonymously from users. Specifically, the program only gathers the names and rough locations of nearby hotspots.

Our users’ participation in our product pioneering program is highly appreciated. We’d like to thank each and every one of our product pioneers in advance for their aid in helping us deliver our new product! Download Avast Mobile Security for free on Google Play.

Follow Avast on Facebook, Twitter, YouTube, and Google+ where we keep you updated on cybersecurity news every day.

AVG

7 tips for picking the right back to school device

Leave a comment

When I was young, I remember watching episodes of Dr. Who and Star Trek and marveling at the flat screen monitors, tablets and wireless connectivity they portrayed.

I recently watched one of the original Star Trek movies and noticed how dated the technology looked. It seems that not only has technology delivered what was the vision of film makers but surpassed it. Our kids are growing up in a world that I never dreamed would be a reality.

The interesting part of this is that this hyper-connected is entirely normal for them. We as adults view it as connected, digital, devices and make it sound like a special part of life but to our kids it’s just life.

I often see questions such as ‘what age do I give my child a smartphone?’ Realistically, there can be no wrong answer as every child matures differently and every parent has differing views and boundaries. There are indicators though that should allow us to make a reasonable decision on the right age for children to have smartphones. Generally, they look at responsibility, respect and maturity. Giving a phone to a child is a big responsibility for both the parent and child, after all the actions of the child are the responsibility of the parent.

There are obviously lots of reasons for a child to have a smartphone, but also lots of reasons for them not to. It’s important that we encourage our kids to spend more time outside, play with their friends, learn social skills and interact directly with other people will stand them in good stead for adult life. A consideration on how the device fits in to school life and will it hinder and or enable learning needs to be a part of the decision, again something that differs for every child.

My son had access to a flip phone from the age of 10. This was a family device and then at 13 he was then allowed a full smartphone on the grounds that it was a privilege and not a right. At 15, he is now a young man and the dynamic and guidance become very different. Just yesterday, we had a chat about disabling ‘auto retrieve’ to mitigate the risk of the StageFright vulnerability.

Another frequent question at this time of year is what laptop or tablet should I be buying to enable learning at school, here are some key questions that might help aid the decision process on this.

 

Key considerations for back to school tech purchases

What is the purpose of the device?

Is it for productivity or for consumption? If you think about how we use the devices in our lives tablets are typically used to browse, watch and consume content where a laptop is used to create and produce, while there is some crossover this is a reasonable question to start the process of which is better.

School equipment

Does the school provide any equipment as learning aids? Knowing which devices kids have access to at school might help you decide to buy a device that the school does not already use.

Device specifics

Different devices have different uses. Tablets can be great for apps while laptops are of course great for browsing the web and certain types of gaming.

There is then the question of device choice, size of laptop or tablet, this one is personal and engaging your child on this is a good idea. After all, they will be the user of the device.

Insurance

One top tip our own AVG IT department gave me when I purchased a laptop for my device was that I should buy the accidental damage insurance offered as kids drop or damage stuff in ways we don’t. This advice proved extremely useful and has saved me money!

Responsible Use

Okay, so you’ve decided on the right device and appropriate age, but the job isn’t done yet. Just like crossing the road, it’s up to us as parents to show our kids how to use the web responsibly and respect others when they communicate Remember that kids are not fully developed from a maturity perspective and they need our guidance (despite the fact that as teenagers think they know everything.)

School policy

Read the schools policy on Internet use and communication and enforce the same principles out of school, with the right education and guidance your kids might amaze you on their ability to behave in a mature way.

If in doubt, discuss

If necessary, then monitoring what they do may help you understand and guide them better, I personally find just talking to them about what they are up to works well and is much less intrusive. I know my parents never knew everything I got up to when I was a child so having a little freedom, unless its abused, is a positive growing up experience.

 

Make sure your kids understand one core principal – ‘if you wouldn’t say it offline then don’t say it online’

 

Avast

Windows Phone Store scam: malicious mobile apps aren’t unique to Google Play

Leave a comment

Although it’s possible to use third-party apps stores safely and securely, the fact that scams do still occur in a variety of app stores shouldn’t be ignored. On Sunday, a threat was discovered by a user who posted the issue on our forum. The scam, located within the Windows Phone Store, advertised three fraudulent versions of Avast Mobile Security. These fake apps not only include the Avast logo, but also feature actual screenshots from AMS in their image galleries. Our fast-acting team has since blocked the pages and has labeled them as malicious.

Fake AMS apps collect personal data and redirect users to adware



If downloaded, these fake versions of AMS found on the Windows Phone Store pose a risk to users’ security. Here’s how they work:

  1. New Avast security: This app includes three control buttons which show only advertisements. Even without actively clicking on the ads, the app redirects users to additional adware.
  2. Avast Antivirus Analysis: Claiming to “protect your phone from malware and theft”, this malicious app runs in the background of victims’ devices once downloaded and collects their data and location.
  3. Mobile Security & Antivirus – system 2: Simply put, this is a paid-for version of “New Avast security” that forcibly leads users to adware.

The fun doesn’t stop there!

After doing some additional research, our malware analysts discovered that TT_Game_For_All, the same user that published the fake AMS apps, isn’t solely impersonating Avast. Instead, this cybercriminal has published a large collection of close to fifty apps, the majority of which cost around the equivalent of 1.99 USD. Certain apps even claim to be from other well-known companies such as Qihoo 360, APUS, and Clean Master. 



Keep your eyes open for app store threats

This case goes to show that when it comes to mobile malware, it’s not only the Android platform that is vulnerable to attacks. Although Windows Phone devices aren’t currently as widely used as that of Android, it’s important to be careful regardless of the platform that you use. Finally, keep in mind that Google Play isn’t the only app store users should be paying attention to when it comes to avoiding mobile scams and threats — these threats can occur within any app store.

Follow Avast on FacebookTwitterYouTube, and Google+ where we keep you updated on cybersecurity news every day.

Avast

Big Brother(s) Could be Watching You Thanks to Stagefright  

Leave a comment

Earlier this week, security researchers unveiled a vulnerability that is believed to be the worst Android vulnerability yet discovered. The “Stagefright” bug exposes nearly 1 billion Android devices to malware. The vulnerability was found in “Stagefright”, an Android media library. Hackers can gain access to a device by exploiting the vulnerability and can then access contacts and other data, including photos and videos, and can access the device’s microphone and camera, and thus spy on you by recording sound and taking photos.

All devices running Android versions Froyo 2.2 to Lollipop 5.1.1 are affected, which are used by approximately 95% of all Android devices.

The scary part is that hackers only need your phone number to infect you. The malware is delivered via a multimedia message sent to any messenger app that can process MPEG4 video format – like an Android device’s native messaging app, Google Hangouts and WhatsApp. As these Android messaging apps auto-retrieve videos or audio content, the malicious code is executed without the user even doing anything – the vulnerability does not require the victim to open the message or to click on a link. This is unique, as mobile malware usually requires some action to be taken to infect the device. The malware could also be spread via link, which could be sent via email or shared on social networks, for example. This would, however, require user interaction, as the video would not load without the user opening  a link. This exploit is extremely dangerous, because if abused via MMS, victims are not required to take any action and there are neither apparent nor visible effects. The attacker can execute the code and remove any signs that the device has been compromised, before victims are even aware that their device has been compromised.

A cybercriminal’s and dictator’s dream

Cybercriminals can take advantage of the vulnerability to collectively spy on millions of people – and even execute further malicious code. Repressive governments could abuse the bug to spy on their own people and enemies. The vulnerability, however, could also be used for non-political spying. Hackers can easily spy on people they know, like their spouse or neighbour – all they need to know is their victim’s phone number. Hackers can also steal personal information and use it to blackmail millions of people, or use the data for identity theft. The possible consequences of this vulnerability need to be taken seriously.

Fixes are urgently needed

Now comprehensive fixes need to be provided by the phone’s manufacturers in an over-the-air (OTA) firmware update for Android versions 2.2 and up. Unfortunately, updates for Android devices have historically taken a long time to reach users. Hopefully, manufacturers will respond quicker in this case. On a positive note, Google has already responded. HTC told Time “Google informed HTC of the issue and provided the necessary patches, which HTC began rolling into projects in early July. All projects going forward contain the required fix.”

In the meantime, what can you do to protect yourself?

We recommend users disable “auto retrieve MMS” within their default messaging app’s settings, as a precautionary measure for the moment. We have put together step-by-step instructions on how you can disable auto retrieve for MMS in various Android messaging apps:

Messages App:

Step 1: Open the Messages app and click on the three dots in the upper right hand corner Messages app Step 2: Click on “Settings” in the dropdown menu Messages Settings Step 3: Click on “Multimedia messages” Messages settings Step 4: Uncheck “Auto retrieve” Messages settings Your Messages “Multimedia messages” settings should now look like this:

Messages settings Google Hangout

Step 1: Open the Google Hangout app and click on the three lines in the upper left corner Google Hangout settings Step 2: Click on “Settings” Google Hangout SettingsStep 3: Click on “SMS” Google Hangout settings Step 4: Scroll down to “Advanced” and uncheck “Auto retrieve MMS” Google Hangout settings Your Google Hangout “SMS” settings should now look like this: Google Hangout settings

Messenger App:

Step 1: Open the Messenger app and click on the three dots in the upper right hand corner Messenger 1 Step 2: Click on “Settings” in the dropdown menu Messenger 2 Step 3: Click on “Advanced” Messenger app settings Step 4: Uncheck “Auto retrieve” Messenger app settings Your Messenger “Advanced Settings” should now look like this: Messenger app settings

Messenger:

Step 1: Open the Messaging app and click on the three dots in the lower right hand corner Messaging app settings Step 2: Click on “Settings” Messaging app settings Step 3: Scroll down to “Multimedia (MMS) messages” and uncheck “Auto retrieve MMS” Messaging app settings Your Messaging “Settings” should now look like this: Messaging app settings

WhatsApp

Step 1: Open WhatsApp and click on the three dots in the upper right hand corner WhatsApp settingsStep 2: Click on “Settings” Whatsapp settingsStep 3: Click on “Chat Settings” Whatapp settings Step 4: Click “Media auto-download” Whatsapp settings   Step 5: Click “When using mobile data” and/or “When connected on Wi-Fi” Whatsapp settings Step 6: The “When connected on Wi-Fi” settings are automatically set to download videos, so it is important to uncheck the checkmark Whatsapp settings Step 7: The “When connected on mobile data” settings are NOT automatically set to download videos, but in case you did enable it, you should disable it Whatsapp settings Your WhatsApp “Media auto-download” should now look like this: Whatsapp settings