Avira, time2win and eSports … it’s time to win!

Tags :- Avira Tech Support | Avira Support NumberAvira Refund.

For those of you who don’t know what eSports is, let me explain. eSports is short for ‘electronic sports’ and is a term for competitive video gaming. It’s exactly what you probably think it is by now: Two gamers sitting in front of their PCs, playing games against each other. So far, so good. But eSports is more: It’s professional gamers sitting in front of their PCs, playing live before an audience of several thousand spectators, competing for a huge prize pool. eSport players are becoming almost as famous as the ‘real’ sport stars with fans screaming their names and them giving autographs. The latest huge tournament, the League of Legends World Championship finale in Berlin, Germany, sold out their 17,000 tickets in just 90 seconds. You find this unbelievable? Then take a look at this video.

As of now, this fame and fortune is only reserved for the best – and that’s where our new partner, time2win comes in. “We strive to elevate eSports onto a new level”, says Björn Rüssel, COO of time2win in the press release. “Competitive eSports including prize money should be accessible to everybody. Everybody deserves a realistic chance to win prizes!”

Besides time2win-tournaments, with prizemoney set by time2win and its partners, other modes like challenges and buy-in-tournaments will be usable on the platform as well. “We know, that players don’t just want to participate in our own tournaments, but also try and test the other features we offer. The starting capital for our money features can be won in our time2win tournaments”, comments COO Björn Rüssel.

By the way, the best time to join the fun is now, with the stress test starting on November 9th. In this open test phase of the platform, 41,000 euros will be distributed as prize money and gaming equipment worth over 10,000 euros will be raffled off.

With all the fun you’re having, you shouldn’t forget the most important thing: Make sure that your PC stays secure – and that’s what we from Avira are here for.

Source : blog.avira.com

Avira Tech Support : Blog

Dissecting MKero, the premium SMS service subscriber trojan found on Google Play

Avira-Av-Test

Tags :- Avira Tech Support | Avira Support NumberAvira Refund.

In this malware-everywhere context, the best way to stay safe is to install software only from trusted locations, like Google Play. Starting with 2011, Google managed to reduce the amount of malicious applications in its store by using an in-house automated antivirus system, called Google Bouncer.
However, since nowadays everything is continuously evolving and adapting, nothing is bulletproof and the bad guys found various ways (e.g. delayed backdoor trojan, dendroid malware) to trick the automated checker and upload malicious apps in the official store.

This is also the case for today’s case study – a trojan from the MKero family which was recently discovered in Google Play masked as normal gaming applications:
com.likegaming.gtascs (md5 14cdf116704af262174eb0678fd1b368), com.likegaming.rcdtwo (md5 39b84a45e82d547dc967d282d7a7cd1e), com.likegaming.ror (md5 69820ddcab4fe0c6ff6a77865abf30b9), com.likegaming.rprs (md5 8c496957d787861c0b11789a227a32c7), com.likestudio.offroadsimulatoreone (md5 c7478eff0c2eca8bcb5d0611bfec54d6).

This type of malware was discovered in 2014, but for the first time is now found in the official Google Store – which means that its developer(s) added special code to bypass Bouncer. Once installed on the device, the trojan’s logic is very simple: it secretly subscribes the victim to premium SMS services for which the user will be charged monthly with a minimum of $0.5 per message. In addition to bypassing Bouncer, the main peculiarity of this malware is its ability to automatically “resolve” the CAPTCHA image required in the subscription process, by sending it to an online image-to-text real-time service. Furthermore, this trojan is completely silent during the installation and, more importantly, during the infection time by hiding any incoming SMS sent by the premium subscription services.

How exactly is it doing its “thing”?

We know what this trojan does and how it passes the most complicated task (CAPTCHA decoding), so it will definitely be worth to dig further in its internals to find out how it works exactly.

For our analysis, we’ll use the com.likegaming.gtascs (md5 14cdf116704af262174eb0678fd1b368) apk from the above mentioned list of infected packages.

Let’s start by checking the internal APK structure – this can be done by extracting it (or just by listing the files) with any zip tool (e.g. unzip, 7-zip, winzip):
$ tree -L 2
├── AndroidManifest.xml
├── assets
│   └── bin
├── classes.dex
├── lib
│   ├── armeabi-v7a
│   └── x86
├── META-INF
│   ├── CERT.RSA
│   ├── CERT.SF
│   └── MANIFEST.MF
├── res
│   ├──[skipped res folders]
└── resources.arsc

Nothing special so far, all the usual files (manifest, classes, resources) and folders (res, lib, assets) are there and they seem to contain usual APK data.

Since the AndroidManifest.xml file is the entry point of any apk, we’ll continue the analysis here. In order to convert the binary XML into the human readable format, we need android-apktool which will also do some extra decoding required later:
$ apktool if com.likegaming.gtascs.apk
I: Framework installed to: $HOME/apktool/framework/127.apk
$ apktool d com.likegaming.gtascs.apk
I: Using Apktool 2.0.1 on com.likegaming.gtascs.apk
I: Loading resource table...
I: Decoding AndroidManifest.xml with resources...
I: Loading resource table from file: $HOME/apktool/framework/1.apk
I: Regular manifest package...
I: Decoding file-resources...
I: Decoding values */* XMLs...
I: Baksmaling classes.dex...
I: Copying assets and libs...
I: Copying unknown files...
I: Copying original files...

From the decoded XML file, one can usually check various tags/elements like: package name (com.likegaming.gtascs, in our case), needed permissions, activities, services, receivers.
When taking a look at the permissions, some of them seem very suspicious (check the highlighted lines) for an application which is supposed to be a normal gaming app:

permissions

Thus, the required permissions are the first suspicious thing about this app and, if the user is properly cross-checking them with regard to app’s scope/description, the installation should be aborted at this point. But, we all know that this wont happen too often and, usually, the required permissions will be simply ignored and accepted by the regular user.

Next, let’s check the main activity declaration – nothing special from the name, so we’ll have to dig in its code later on:

main-activity

There are also various other activities in the manifest, but we’ll first focus on the declared services which, by definition, are background tasks that are run even when the user is not interacting with the application. There’s not much information though, just some suspect names for the services starting with Mk:

services

Things are getting more interesting for the receivers part – there are 2 of them having a priority of 1000 in the intent-filter element:

receivers

From the information extracted from the manifest file we’ve found the following: suspect permissions, the name of the main activity, the services which can be started by the app and 2 high-priority receivers (one for the SMS_RECEIVED intent and the other one for the BOOT_COMPLETED intent).

It’s now time to start looking into the code after every important activity/service/receiver found above. For this, the file classes.dex, which is in Dalvik VM format, must be decompiled into a human-readable format; we already decompiled it to smali/baksmali with the manifest file conversion, but it’s also possible to convert the dex to jar and then open the jar file with a java decompiler, like jd-gui, in order to view the java code.

Analyzing the main activity, com.unity3d.player.UnityPlayerActivity, appears to be a dead-end because it’s basically calling code from the legit game engine framework, com.unity3d. Therefore, nothing malicious is happening when the user is actually opening and playing the game. That being said, it means that the malicious code is activated by other means, like broadcast receivers. So let’s continue by checking the code of the 2 high-priority broadcast receivers found in the manifest – com.mk.lib.receivers.MkStart and com.mk.lib.receivers.MkSms.

The first receiver, com.mk.lib.receivers.MkStart, which is called whenever the phone is (re)started, is creating an intent which repeatedly starts (using 1h delay) a new service, com.mk.lib.MkProcess:

MkStart

Looking at the onStartCommand method of com.mk.lib.MkProcess service, it appears that this one is starting a new background thread that executes the com.mk.lib.MkProcess$Commands.doInBackgroundmethod which is doing the whole magic (communicates with the C&C servers to get the URL(s) of the SMS premium servers and then starts the registration process):

doInBackground

Now let’s try to find the C&C domains which seem to be returned by the com.mk.lib.heplers.Functions$getDomains (notice the spelling error – heplers instead of helpers) method. Unfortunately, my version of jd-gui tool is unable to decompile the com.mk.lib.heplers.Functions file (probably because of the obfuscation), thus we’ll look into the smali code instead – smali/com/mk/lib/heplers/Functions.smali file. From its smali, the method is calling another private method, com.mk.lib.heplers.Functions$appDomains, which seem to directly return the name of the used domains:

appDomains

Unfortunately, as it is the case with the whole application, the strings are heavily obfuscated (see highlighted areas), so they do not make much sense in this form. Luckily, the domains seem to be in-place decoded with the com.mk.lib.heplers.Data.Http.V method. Looking at the decoding method, one can see that it’s doing a lot of heavy stuff (multiple loops with various bitwise operators) and can’t be easily reversed, so we need another way to obtain the original strings.

Since the method is implemented in the decompiled jar, we can create a simple java program which simply calls the decoding method with the obfuscated string as input. While trying to do so, you’ll get a java compilation error because the decode function is defined as static and is not accessible from the exterior of the package. Fortunately, this can be bypassed using java reflexion – I have implemented a simple java program which loads the method, makes it accessible, then calls it with the provided input and, in the end, prints the result on standard output:

MethodCaller

Finally, running the above java program with our strings, we get the following results:
$ java -cp .:classes-dex2jar.jar MethodCaller 'com.mk.lib.heplers.Data$Http' V "obfuscated_string_1" "obfuscated_string_2"

nosepudymy.biz,areripydok.com,vozicokeboh.biz,hekisanosih.com,yfaqoqysusyfyfa.biz,dewekasadito.biz,zerawyhifuwude.biz,eluheqizomado.biz,ufadaqim.biz,imuwobulok.biz,horodityrowoboni.biz,uqikoxomyturo.biz,wyfokypynogipu.biz,sabumorazuh.biz,ofudylopixen.biz,episykuj.com,rodujuhocafy.biz

ivosupawy.biz,cesobagixisyn.biz,menizyxoxa.biz,ruqijireji.biz,ecymotolimybocos.biz,ozozoqimykoric.biz,fyvefiwo.biz,zehenivi.biz,lytevabasic.biz,ynegymeriw.biz,jytuvyducemek.biz,isucuzyzososare.biz

Thus, the malware tries to communicate with the first responsive C&C server from the above lists and, once it gets a response, it will start the SMS subscription process.

Another interesting service is com.mk.lib.MkPages which handles the CAPTCHA: after extracting the image from the subscription page, it’s sending it to http://antigate.com and then is waiting maximum 2.5 minutes to receive the text. Check the following highlighted text from the com.mk.lib.MkPages$doInBackground method, after deobfuscating the strings:

antigate.com

Let’s move now to the 2nd receiver, com.mk.lib.receivers.MkSms, which will be called before any other broadcast-receiver (due to its high-priority, 1000) whenever the device is receiving a SMS message. After decoding the strings from its onReceive method, one can see that this service is responsible with the SMS code and activation link extraction needed in the subscription process and, also, with blocking of further SMS messages coming from the subscription server:

MkSms

This is pretty much all about the internals of this trojan and, coming back to the Bouncer bypassing, we can see now that the malware passed undetected due to the delayed infection (i.e. is waiting 1h in order to start the subscription process).

In conclusion, no matter how smart the (automated) application checkers are, the bad guys will always find new and sophisticated methods to infiltrate malicious code even in official stores. In this circumstances, Avira is helping you to fight against potential malware – so don’t wait to be infected and install our free Android product today.

Source : blog.avira.com

Avira Tech Support : Blog

LNK Files – Shortcuts to Faster Infections

lnk_shortcuts_system_drive

Tags :- Avira Tech Support | Avira Support NumberAvira Refund.

These shortcut files are actually called Shell link files. Microsoft filename extension: “.LNK”

Let’s dig a little deeper and check the typical properties of an example LNK file. Just right click on the shortcut and then select “Properties. There are now several options which can be changed. In this case we will focus on the “Target” field which contains the path to the application or folder.

“C:\Program Files (x86)\Avira\Avira Antivirus\avcenter.exe”

Looks easy, right? When you click on the shortcut it performs the command specified here. In this case our trusted Avira Antivirus is being launched. This is actually what you can expect and want when clicking on a shortcut.

Unfortunately these shortcut files also have drawbacks since you don’t know exactly what hides behind them without explicitly looking. At Avira we are currently seeing a trend that more and more malware threats are using this kind of propagation method. You can follow this and more trends by visiting our Avira Threats Landscape.

Malware authors are starting to use this method because nowadays most novice users might know that clicking on a suspicious executable file might be dangerous for their systems. But clicking on a shortcut is normally not associated with bad behavior.

I like to show you how malware is actually misusing the usually helpful LNK files by giving an example of an actual in-the-wild malware detection named: VBS/LNK.Jenxsus.Gen

This variant uses LNK files to spread an infection via removable drives. The trick is very simple since it actually creates shortcuts to your files and folders stored on the USB stick and then hides the originals from you.

Let’s see what a folder structure looks like once the USB drive is infected.

Folder View of an infected USB drive:

Folder View of an infected USB drive

Nothing unusual here at first glance, right? Except maybe that the icons have all a small arrow in the bottom left corner which indicates that they are actual shortcut files. But you can still access all your files and folders when clicking on them.

We will now take a closer look at what actually is hidden behind the shortcut files by telling the Windows Explorer that we want to see all “Hidden system files”

Directory view with “Hidden System files” shown.

Directory view with “Hidden System files” shown.

When we focus on the “avira-logo” you can see there are actually two files there. One is the LNK file and the highlighted one is the actual “hidden” jpg image file.

This means when you click on a trusted file on the USB drive you are actually clicking on the shortcut which will execute the following command stored inside the LNK target instead of just opening the image.

C:\WINDOWS\system32\cmd.exe /c start dlbfbiicvg.vbs&start avira-logo.jpg&exit

Target path of an infected LNK file.

What this command does is silently execute the malicious “dlbfbiicvg.vbs” via cmd.exe and then use the “start avira-logo.jpg” to open the file you clicked on to avoid any suspicion.

Additionally the malware also adds Run-Key entries to the Registry to infect other USB drives if they are plugged into the system.  This makes also sure that the malware gets executed with each system boot.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] dlbfbiicvg”=”wscript.exe //B \”C:\\DOCUME~1\\USERNAME\\LOCALS~1\\Temp\\dlbfbiicvg.vbs\””

Example of a malicious Run-Key added by the malware.

The filename and the Registry value of the Run-Key are always randomly generated by the malware on an infected system.

At last the malware can also deploy a backdoor on your computer to send out information about the operating system, sites you visited and so on.

USB drives are still popular because there are very convenient way to transfer large files from one location to another especially if you have limited internet bandwidth available.

So if you want to share some data with a family member or friend, be very careful when you plug-in your USB drive into an unprotected computer. Your USB drive might get infected or vice versa you could spread the infection from your USB drive to his computer.

Of course nobody has the time to check every shortcut this closely before clicking on it.

One easy solution is to use our Avira product which automatically scans for malicious content and will protect you from this kind of malware threat.

Source : blog.avira.com

Avira Tech Support : Blog

Sharing and the fine art of stopping malware

stop_malware_using_avira

Tags :- Avira Tech Support | Avira Support NumberAvira Refund.

There are an array of technical and business issues that have to be solved: What format do the files need to be in? Who pays for the bandwidth? And the list goes on and on.

Regardless of these technical issues, there are a number of advantages to sharing – particularly for the average computer user. This user – let’s call him Joe Six-Pack – gets much faster and deeper information about any potential threats than if he kept news of his malware misadventures all to himself.

Just from the perspective of Avira, cooperation has its organizational costs – but brings clear benefits down the road.

Avira was one of a “Gang of Five” security companies that set up MUTE, the Malware URL Tracking and Exchange back in 2008.

Avira web developers were volunteered by the company and shared their expertise to set up the backend infrastructure for the group’s members to combine and share their collections of malicious web addresses. The initial outline of Avira’s system specs could be placed on four PDF slides. Today, the system is far more complex and requires a whopping 44 slides to describe its operations. And that is not all of the sharing. Avira also founded VIREX, a web-based application for helping security analysts organize their bits and pieces of malicious code, clean samples, and URLs. Yes, Avira is proud of its sharing efforts.

But you could still ask, what does Avira get out of its investment in sharing — addition to fresher bits of malware? I can think of two primary benefits.

1. Greater back-office expertise in coordinating data flows.
2. Experience in collaborative working outside of the company environment.

Put these two advantages together and there is a third one:

3. Avira expertise that can fit under the banner of other companies as an OEM product.

That is exactly what we have done with the recently announced Lavasoft deal. We’ve licensed our new  Avira URL Cloud (MURL) and program classification service (AUC) to Lavasoft and they’ll  use this to beef up the security levels in their Ad-Aware Web Companion.

Sharing is a good thing – whether in a real or a virtual sandbox.  It makes life a better, richer, and yes, more secure experience.

Source : blog.avira.com

Avira Tech Support : Blog

Infected Apps in AppStore: How safe is your iOS device?

avira-free-antivirus-for-mac-main-window

Tags :- Avira Tech Support | Avira Support NumberAvira Refund.

Recent discoveries which were made by security researchers from PaloAlto Networks and Fox-IT brought to light an important number of malicious applications available in AppStore.

In the last couple of months, Apple has repeatedly stated that its mobile OS is one of the safest (if it’s not even impenetrable) and that due to their rigorous approval process, no malicious app can be found on the App Store …. They couldn’t be more wrong.

Even if the applications which were discovered as being malicious were not necessarily containing viruses, they behaved either as spyware (by stealing passwords, capturing some sensitive device information etc.) or on a more serious note as ransomware as they could have received commands from attackers to inject the victim’s device clipboard with data, open specific URL’s or prompt fake alerts on the user’s screen.

Again, it looks like security on iOS devices is not perfect and even if malware in a traditional sense is not present there, the users of iDevices are vulnerable to having their private data stolen … This is the next area where security companies like Avira are striving to protect the users and protect their privacy at all costs.

Available for all iOS users,  Avira Mobile Security notifies you whether your email (and your contacts’ email addresses) have been breached and if your credentials were stolen (on various sites where the customer’s registered with them). Downloading it looks like a pretty great first step for those who want to start taking their iDevice security more seriously.

Source : blog.avira.com

Avira Tech Support : Blog

Mac AV ready for OS X 10.11 alias El Capitan

Mac_Av_ElCapitan

Tags :- Avira Tech Support | Avira Support NumberAvira Refund.

 Codename: Made in California

Named after a vertical rock formation in Yosemite National Park, the latest version of operating system suggests that there are no major changes compared to the previous version of OS owing to the close geographical proximity of their names.

This is probably true, as long as you’re talking about the small changes to the design or the improvements to window management and the integrated apps. Lift the hood though, and you’ll see Apple has prepared an OS upgrade that is designed to offer stability and security with performance enhancements and Rootless mode, which protects system-critical files from being written to even by the root user.

Apple shows openness regarding update policy

Apple changed its update strategy right from OS X Mavericks and now issues its new OS X versions free each year. Ever since OS X Yosemite, the OS Developer Preview which accompanies Apple’s annual keynote has also been followed by a public beta which gives every  interested user access to the latest OS X version. This increases pressure on developers as nobody wants to deal with the shame of having a substandard program that attracts bad press.

At Avira, we not only follow the keynote on our screens with a huge amount of excitement – we also test the Developer Preview the very next day with our Mac AV product to give recommendations to the tech-savvy users of our products as soon as possible. Testing Developer Previews in good time is just as essential as resolving any issues. Precisely this needed to be done the last time OS X Yosemite was updated.

With this update, Apple made it mandatory to sign kernel extensions. The kernel extension of Mac AV was affected. This makes real-time protection possible, and it just refused to work. You’d think it’d be as easy as signing the kernel extension and sending it off to the customer, wouldn’t you? Well, it didn’t turn out to be as straightforward as that.

The development cycle

This is because quite a bit of time passes from the moment a developer starts to update the source code until an update is released to the customer. First, development takes place in a two-week rhythm. This results in an improved product that can pass the test-automation process – during which the product is really put through its paces. Following that, it is presented internally at Avira and handed over to the Avira Beta Center the very same day.

The Beta Center is a curious place where volunteers try out Avira’s latest products and provide qualitative feedback to support our developers in improving our product. If you’re interested in contributing toward improving Mac AV, please sign up – we’ll take all your feedback on board.

Following the two-week beta phase, we usually let the product rest for a further week before releasing it to the end customer at the end of the three-week development period. That’s the theory anyway. As we’re also still in a development phase, this period may extend to five weeks.

Talking about the current example of the public beta of OS X El Capitan, things are getting a bit tight. As the initial Developer Preview released on June 8 was followed four weeks later by the public beta, and as our Mac AV product entered beta testing on July 15, this meant a week had already passed since the public beta of El Capitan appeared until we were able to provide a copy of Mac AV to our tech-savvy users with a clear conscience that it also ran on Apple’s beta version. For everyone else, this version will be issued three weeks later on August 4.

Mac AV OS X 10.11

Ready for fall release

We are well prepared to deal with any eventuality in advance of this fall’s wide-scale roll out of OS X El Capitan . If you want to take part in Apple’s public beta or are interested in product development, we recommend joining the Beta Center to ensure maximum compatibility with Apple’s beta versions.

Source : blog.avira.com

Avira Tech Support : Blog

How safe are the apps on your Android ?

andriod-avira -security

Tags :- Avira Tech Support | Avira Support NumberAvira Refund.

Privacy Advisor

As the name suggests it, the newest feature offered by Avira Antivirus Security for Android allows registered users to increase the level of privacy on their smartphones and tablets by avoiding and potentially uninstalling high risk apps.

The apPrivacy advisor - android appsps that are most likely to be included in this category ask for very sensitive and personal data related permissions during the installation process.

In worst cases, malicious apps can take advantage of SMS permissions to send premium messages and register users for unwanted services, sometimes leading to financial losses.

Even if there are applications that may have an important impact on the users’ privacy, some of them have a high number of permissions related to personal data because their purpose of being demands them. These applications may either be trusted by Avira itself (e.g. Community Trusted applications) due to the developer’s reputation and/or high number of downloads or can be trusted by the user himself if he knows for a fact that the app is not a security risk.

Coming soon… on Android Optimizer

Three months after releasing its Android Optimizer app, we already helped almost 500.000 users optimize the overall speed and performance of their mobile devices. Following users’ feedback, the app has already been localized to three more languages (French, Italian and Portuguese), making it easier to use.

In order to make the app even better, our mobile development team will soon release a version that supports an always-on widget, enabling users to instantly optimize their devices, at the tap of the screen.

12 million downloads and numerous awards

Avira’s efforts of enhancing mobile security are paying off, as Avira Antivirus Security for Android excels in all Independent Labs Test results. Only last month, AV-Test nominated Avira as “The best antivirus software for Android”, with 100% detection rates and a total score of 6/6 on Protection and Usability. PCSL also awarded 5 Stars for Avira in the April edition of its Android Malware Detection Test.

More than that, 12 million users have already downloaded Avira Antivirus Security for Android, making this the best reward for the Product team.

“Avira users should feel safe and protected on every device they use to connect to the Internet. My team has the important mission of securing their mobile devices and preventing all types of attacks from happening. As private data becomes an easier target on smartphones and tablets, protecting the users’ privacy is a top priority for us. We strongly believe that a feature like “Privacy Advisor” will make it easier for people to know which app is interested in their personal information and gives them the power to decide if they agree to share it or not” said Corneliu Balaban, Mobile Development Manager at Avira.

The newest version of Avira Antivirus Security for Android (version 4.1.3643) was uploaded on the Google Play Store and can be downloaded for free.

Source : blog.avira.com

Avira Tech Support : Blog

Avira Threats Landscape: Visualizing threats for you

avira_threats_landscape

Tags :- Avira Tech Support | Avira Support NumberAvira Refund.

Every day, thousands of different malicious programs are trying to infect as many devices as possible. The goal is the same for all of them: Get your data and if possible your money as well.

We have always been the firsts to learn about the threats that loom over every owner of a PC, Mac, tablet, or smartphone, but us having all the insights is not enough. While studying threats, keeping an eye on where they appear, and adapting our programs accordingly makes sure we keep our users as safe as possible, it’s still complicated to explain to the rest of the world why being protected is that important.

Sure, one reads about the newest threats, but only other people are affected by them, right? Especially big companies or governmental institutions seem to be the targets, so why bother at all. And that is where people are wrong. While the media most often talks about high profile cases, everyone else is at risk just as well! Every day there are millions of threats which have only one goal, namely to infect your devices. Be it your smartphone, laptop, Mac or PC – each and every one of them is at risk. Just think about the latest iOS and OS X exploits or the different ways cyber criminals try to gain control over what’s on your computer.

In order to make our point we decided to share our insights with you in form of an interactive map. Our Avira Threats Landscape allows you to not only see which countries are the top targeted ones but also which threats are popping up the most and how many threats were detected in your country. Take a look at it, you won’t regret it. And when you see just how far reaching and widespread those threats are, make sure to warn your family and friends as well.  The most important thing though: Stay protected!

Source : blog.avira.com

Avira Tech Support : Blog

Ex-NSA Guy Points to Mac Security Flaws

nsa-mac-security-flaws

Tags :- Avira Tech Support | Avira Support NumberAvira Refund.

Whereas Apple develops its iOS with security a part of the process, with OS X development security seems to be more of an afterthought. ‘Bug bounty’ programs are one direction suggested for Apple, but until there is a change in the current approach, the vulnerabilities remain open to any would-be hackers.

At the recent RSA Conference in San Francisco, Wardle gave a presentation titled “Writing Bad@ss OS X Malware,” in which he challenges Apple’s OS X developers to change their way of thinking – especially considering that the majority of the malware getting into Macs (now measuring hundreds of thousands) is “amateur, even basic,” according to Wardle.

More advanced Mac attacks, such as the ‘Rootpipe’ backdoor, have been difficult for Apple to patch, and failed ‘fixes’ have been covered by thehackernews.com, computerworld.com, securityweek.com, forbes.com, and others in the first half of 2015.

AV-Test, a leading independent computer security testing firm, recently tested 10 different Mac OS X security software packages (you can read the full report here), writing that:

“The legend that Mac OS X is supposedly invincible is not borne out by the facts. In the aftermath of major attacks by Flashback, the police Trojan Browlock or Shellshock, the number of assaults on Mac OS X continues to increase.”

In AV-Test’s analysis, Avira Free Antivirus for Mac earned a 100% detection score against 160 new Mac-specific viruses and malware. If you’re taking chances with no security on your Mac, do yourself a favor and take care of it right now.

Source : blog.avira.com

Avira Tech Support : Blog

Avira In Free Security Package By Deutsche Telekom

avira-rescue-system

Tags :- Avira Tech Support | Avira Support NumberAvira Refund.

At Ce Bit in Hanover, T-Systems CEO Reinhard Clemens said: “Customers are often unsure when it comes to security software. Since the Snowden revelations, they are also anxious and asking for a ‘made in Germany’ protection solution. Deutsche Telekom wants to make it easy for as many people as possible to secure their smartphones and computers. That is why we are expanding our existing offering to include an easy-to-install package version from Germany.”

Our very own Avira Antivirus will take care of the security part of said package and protect your Windows PCs and Macs, smartphones and tablets with the iOS and Android operating systems, and servers and networks against malware, using an integrated real-time scanner. Thanks to its cloud-based scanning Avira Antivirus achieves unparalleled security and lightning fast performance. Of course it also reliably scans your downloads, folders, and hard disks.

“Avira Browser Safety” will be included in the package as well. The browser extension protects personal information when surfing the internet and blocks malicious websites as well as tracking by advertising networks, so that they can no longer track what a user is searching for or purchasing online.

Source : blog.avira.com

Avira Tech Support : Blog