Users who purchased an antivirus to bolster their security are practically being delivered a live backdoor, no matter if they wanted it or not. This entire situation is extremely funny and tragic at the same time. If you have SafeZone installed on your PC, you're doomed, since the malicious link can be opened in other browsers and work regardless. "This allows an attacker to read cookies, email, interact with online banking and so on." "Additionally, you can send arbitrary *authenticated* HTTP requests, and read the responses," Mr. Avast purposely disabled a Chromium security feature Ormandy noted, saying that bookmarks, preferences, passwords and cookies are automatically added to SafeZone without the user's consent. "Although this attack relies on Avastium (Avast's port of Chromium), the victim does *not* have to be using it, and never has to have used it, because your profile is automatically imported from Chrome on startup," Mr.
#AVAST SAFEZONE CODE#
These commands could be bundled inside malicious JavaScript code that was executed locally on the user's computer, where localhost access would allow it to reach these open RPC endpoints, even if SafeZone was not actually running, and the malicious links were clicked inside another browser.Īn attacker wouldn't even need an info-stealing malware strain if they knew their target had Avast's SafeZone installed, a browser that was dumping everything out in the open. Users don't have to use the browser, only have it installedĪccording to the researcher's explanation, attackers could send malicious commands to an RPC endpoint that was left open in the browser's core engine.
#AVAST SAFEZONE SERIES#
Ormandy explains, this poor excuse of a browser was allowing a third-party to carry out a series of attacks, all by fooling a user into clicking a link, which is not really that hard if you hide it under a short URL. Just like Chromodo, SafeZone is built on top of Chromium, the open source browser project on which Google Chrome, Vivaldi, and Opera are based as well.Īs Mr.
#AVAST SAFEZONE UPGRADE#
Antivirus makers should stick to antivirus softwareĬalled SafeZone and also known as Avastium, Avast's custom browser is offered as a bundled download for all those who purchase or upgrade to a paid version of Avast Antivirus 2016. While Chromodo was caught disabling a crucial security feature called Same Origin Policy (SOP), Avast's Chromium fork is much worse, bringing a series of problems, one of which allows attackers to list and read files from your computer after you click a simple malicious link. Unfortunately, in the autumn of 2017, the developers announced that they would stop further development of the project and start creating a new secure browser.Just two days after Comodo's Chromodo browser was publicly shamed by Google Project Zero security researcher Tavis Ormandy, it's now Avast's turn to be scorned for failing to provide a "secure" browser for its users. Virtual isolated environment provides protection from keyloggers, Trojans and utilities that create impressions of RAM.Īvast SafeZone uses Gecko as the web page output engine, so users accustomed to Mozilla Firefox will not find much difference in the browser interface. If necessary, you can run it manually on any website by clicking the corresponding icon to the right of the address bar. Virtual environment is automatically launched when visiting the pages of major banks and a number of other websites approved by Awast. For example, passwords to banking operations, personal cabinet data, etc. This mode is designed to provide security in cases where critical data is transmitted over the network and should not fall into the hands of intruders. The second mode is the use of a virtual isolated environment. If required, you can enable Flash support with one click. It is also worth noting that Flash is disabled by default, instead the browser has the ability to download video in accessible quality from most video services.
#AVAST SAFEZONE INSTALL#
In addition, the browser has built-in protection against any changes that are not approved by the user: no virus can independently change the home page or install a dangerous extension. The program has two levels of protection: the first level is always active and protects the user from potentially dangerous sites with low reputation (ratings are based on data from the Avast Internet Security firewall), phishing pages and malicious Java and other scripts, as well as it blocks unwanted advertising. Its main purpose is to provide the user with a safe stay on the Internet, as well as to prevent personal information from falling into the wrong hands. Avast SafeZone is a secure browser from a well-known antivirus manufacturer.
0 kommentar(er)
