Now part of the multinational company Gen Digital, Avast has reputation for making effective security solutions to combat viruses and other threats. But how safe and reliable are they? In this post we examine why some users are suspicious of Avast, and whether you can still trust this developer\u2019s products.<\/p>\n
Avast solutions are popular with millions of users worldwide. Independent experts rate them highly too: in the SE Labs test for Q2 2022<\/a>, for instance, Avast software detected 98% of threats \u2014 only slightly worse than both Kaspersky and McAfee, which shared the top spot (100% of threats). That said, over the years Avast has had its fair share of unpleasant incidents, which make many users and experts question how safe their products really are<\/strong>.<\/p>\n Avast has let its users down many a time. In 2017, more than two million<\/strong> people downloaded<\/a> a malware-infected version of CCleaner \u2014 one of the company\u2019s solutions.<\/p>\n Even more unfortunate for Avast was 2019. That year, the company reported<\/a> that its internal network had been compromised by intruders, whose goal was most likely gaining access to that selfsame CCleaner. But the company\u2019s problems in 2019 didn\u2019t end there. A short while later, independent experts revealed<\/a> that Avast browser extensions collect users\u2019 data without their knowledge\u00a0\u2014 far more than is necessary for protection.<\/p>\n And in the beginning of 2020 it was reported<\/a> that Avast was sharing users\u2019 data with its subsidiary, Jumpshot, which then sold it to large corporations.<\/p>\n To work effectively, antivirus software needs full access to the given device and its operating system (otherwise it cannot detect and neutralize viruses and other threats). It also has to be in constant contact with the servers to keep the databases up to date. Thus, when choosing an antivirus, it\u2019s important to pay attention to its reputation.<\/p>\n Once installed, Avast has access to huge amounts of user data. And while to date there\u2019s no evidence of unscrupulous behavior on the company\u2019s part or insecurity of its products, more than a few incidents over the years may make users wonder if Avast solutions can be trusted.<\/p>\n In July 2017, Avast bought<\/a> the British company Piriform, developer of the above-mentioned CCleaner \u2014 a popular PC optimization and maintenance solution with a total of two billion downloads (as of 2016).<\/p>\n Shortly afterward, on August 15 and 24, new versions of the product were released: CCleaner 5.33.6162 and CCleaner Cloud 1.7.0.3191. And as early as September, Cisco Talos<\/a> and Morphisec<\/a> experts found malicious code in the installers of this software. The infected solutions were signed with valid digital certificates and hosted directly on the official CCleaner server.<\/p>\n Further investigation<\/a> showed the attack to be sophisticated, and consisting of at least three stages. In stage one, the infected CCleaner was downloaded by more than two million users. Next, a script running on the command-and-control server selected devices with domain names that suggested their owners work for large IT companies. This way, in stage two, 40 computers were selected<\/a>. From these 40 devices, the cybercriminals (probably manually this time) picked out the four targets of most interest to them.<\/p>\n Stage three: on these four devices they then installed a modified version of ShadowPad<\/a>. This malware covertly gave the attackers remote control over their victims\u2019 devices. Experts later suggested<\/a> that the Chinese group Axiom (aka APT17) was behind the attack.<\/p>\n What\u2019s important to mention is that the first traces of cybercriminal activity on Piriform\u2019s servers date back to April 2017, three months before it was acquired<\/a> by Avast. After the attack was detected, Avast promptly released an update<\/a> for the utility, revoked the malicious version\u2019s certificate, and contacted<\/a> everyone affected by stage two of the attack.<\/p>\n In May 2019, unknown criminals infiltrated<\/a> Avast\u2019s internal network using a temporary VPN profile that didn\u2019t have two-factor authentication. Four months later, Avast\u2019s experts detected suspicious activity<\/a> in the corporate network and sounded the alarm.<\/p>\n The company immediately contacted law enforcement and launched an investigation. It was revealed that the cybercriminals had tried to connect to the company\u2019s network through a VPN using the (presumably stolen) credentials of different users. The compromised account that eventually delivered access to the network lacked domain administrator privileges, but the intruders were able to elevate their rights to that level.<\/p>\n On the back of the investigation, Avast pointed the finger at CCleaner as the likely target \u2014 as it had been two years earlier. And it turned out that the repeat attack had been made possible by the temporary VPN profile having been \u201cleft active by mistake\u201d.<\/p>\n Avast suspended the release of CCleaner updates after detection of the attack. A little less than a month later, the company released a \u201cclean\u201d update of the solution signed with a new certificate, and revoked the certificate used for signing previous versions. Avast claims that no harm was caused to users as a result of the incident.<\/p>\n Unfortunately, Avast has suffered some unpleasant incidents in relation not only to security, but also to user data privacy. In 2019, cybersecurity expert Vladimir Palant argued<\/a> that Avast Online Security, Avast SafePrice, as well as AVG Online Security and AVG SafePrice extensions (made by another Czech antivirus developer<\/a> bought by Avast several years earlier) collect and forward to the company\u2019s servers volumes of data about users\u2019 online activity that were clearly way over and above what is needed.<\/p>\n The information collected by the company was sufficient to determine which sites users visited and what they searched for online. Palant also reported that this data could be used to establish how much time users spent viewing a site, what they clicked on, and when they switched to another browser window.<\/p>\n Palant\u2019s revelation provoked much public outcry, leading to Avast extensions being removed<\/a> from the Chrome, Opera, and Firefox official stores as a result. However, after the company started warning users about its data harvesting, and significantly reduced the amount of information it collected, Avast extensions were allowed<\/a> back into the stores.<\/p>\n In early 2020, Avast found itself at the heart of another scandal related to user data privacy. This time, a joint investigation<\/a> by PCMag<\/em> and Motherboard<\/em> based on documents leaked online accused Avast of harvesting users\u2019 browser history and selling it on to large corporations through its subsidiary Jumpshot.<\/p>\n The \u201cuser dossiers\u201d seen by PC Mag<\/em> and Motherboard<\/em> included:<\/p>\n Also the date and time of users\u2019 visits to sites like YouPorn and PornHub could be determined using the collected data, and in some cases even search-keywords and videos watched.<\/p>\n PC Mag<\/em> noted<\/a> that the collected data contained neither names, e-mails, nor IP addresses. However, each user was assigned an ID, which was retained until Avast was removed from their device. Armed with this ID and the data sold by Jumpshot, large corporations like Amazon could easily de-anonymize users.<\/p>\n The scandal wiped 9% off Avast\u2019s share price<\/a>. To its credit, the company accepted it was in the wrong<\/a> and announced the closure of Jumpshot.<\/p>\n Avast Premium Antivirus is a cybersecurity<\/a> solution developed by Avast, which is headquartered in Prague, the Czech Republic. As the name would suggest, Avast Premium Antivirus offers users , as well as all-round security. Avast Premium Antivirus is designed to remove malware<\/a>, defend against ransomware<\/a>, and block hacking attempts<\/a> on Windows, Mac, Android, and iOS devices.<\/p>\n Avast was founded in 1988 in Czechoslovakia by Pavel Baudi\u0161 and Eduard Ku\u010dera. Over its 30-year-plus history, it has grown into one of the largest players in the antivirus market. Avast solutions regularly receive<\/a> awards from independent industry expert companies.<\/p>\n Avast at a glance:<\/strong><\/p>\nAvast security issues<\/h2>\n
Malicious code in CCleaner<\/h3>\n
Attack through a neglected VPN<\/h3>\n
Overly curious extensions<\/h3>\n
Sale of user data<\/h3>\n
\n
What is Avast Premium Antivirus?<\/h2>\n
About Avast<\/h3>\n