In 2008, the company’s analysts forecast a rise in the number of global epidemics. Unfortunately, that forecast proved to be accurate: 2009 was dominated by sophisticated malicious programs with rootkit functionality, the Kido worm (also known as Conficker), web attacks and botnets, SMS fraud and attacks on social networks. So what can we expect from 2010?

According to the company’s experts, in the coming year we will see a shift in the types of attacks on users: from attacks via websites and applications towards attacks originating from file sharing networks. Already in 2009 a series of mass malware epidemics have been “supported” by malicious files that are spread via torrent portals. This method has been used to spread notorious threats such as TDSS and Virut as well as the first backdoor for Mac OS X. In 2010, we expect to see a significant increase in these types of incidents on P2P networks.

Cybercriminals will continue to compete for traffic. The modern cybercriminal world is making more and more of an effort to legalize itself and there are lots of ways to earn money online using the huge amount of traffic that can be generated by botnets. Today, it is mostly black-market services that compete to make use of botnet traffic. In the future, however, we foresee the emergence of more “grey” schemes in the botnet services market. So-called “partner programs” enable botnet owners to make a profit from activities such as sending spam, performing DoS attacks or distributing malware without committing an explicit crime.

The decline in gaming Trojans witnessed in 2009 is likely to be repeated for fake antivirus programs in 2010. The latter first made an appearance in 2007 and 2009 saw a peak in their activity and involvement in a number of major epidemics. The Kido worm, for example, installed a rogue antivirus program on infected computers. The fake antivirus market has now been saturated and the profits for cybercriminals have fallen. Moreover, this kind of activity is closely monitored by both IT security companies and law enforcement agencies. This makes it increasingly difficult to create and distribute fake antivirus programs.

“Malware will become much more sophisticated in 2010 and many antivirus programs will be slow to treat infected computers due to advanced file infection methods and rootkit technologies,” says Alex Gostev, Director of Kaspersky Lab’s Global Research & Analysis Team. “IT security companies will respond by developing even more complex protection tools. However, the malicious programs capable of bypassing these measures will remain more or less immune to antivirus programs for some time.”

When it comes to attacks on web services, Google Wave looks like it will be making all the headlines in 2010. Attacks on this new Google service will no doubt follow the usual pattern: first, the sending of spam, followed by phishing attacks, then the exploiting of vulnerabilities and the spreading of malware. The planned launch of the network-based Chrome OS is a noteworthy event, but the experts at Kaspersky Lab do not anticipate much interest in this platform from cybercriminals.

However, 2010 promises to be a difficult time for iPhone and Android. The first malicious programs for these mobile platforms appeared in 2009, which is a sure sign that they have aroused the interest of cybercriminals. The only iPhone users at risk are those with compromised devices, but the same is not true for Android users who are all vulnerable to attack. The increasing popularity of mobile phones running the Android OS in China combined with a lack of effective checks to ensure third-party software applications are secure will lead to a number of high profile malware outbreaks.

The detection of new vulnerabilities will remain the major cause of epidemics. These vulnerabilities will be detected in both software developed by third parties (such as Adobe, Apple, etc.) and in Windows 7, the new operating system that has just entered the market. If no serious vulnerabilities are detected, 2010 may well prove to be one of the quietest years for some time.

Related Posts

No related posts.

The author analyzes the components which make up the cybercrime business, how they interact with each other and with the outside world. The article describes the roles played by those who supply services to botnet owners, those who buy botnet services and the botnets themselves that link these activities. Botnets are at the center of the cybercriminal business, facilitating a continuous flow of money between cybercriminals.

“With the help of botnets cybercriminals can gain unauthorized access not to one or two machines but hundreds and thousands of computers,” says the author of the article. “Botnets have a direct impact on the number of crimes committed on the Internet: thanks to botnets, the number of credit card thefts has increased thousands of times. DDoS attacks have become everyday events on the Internet and can be carried out by any school kid with the help of a botnet.”

“Today’s cybercriminals can use botnets to get unauthorized access to hundreds and thousands of computers,” says the author of the article. “Botnets have a direct influence on the number of cybercrimes committed, and have resulted in a huge increase in credit card theft. DDoS attacks have become an everyday reality, and can be conducted by anyone with the help of a botnet.”

The full version of the article is available at www.viruslist.com/en. A summary of the article can be found at www.kaspersky.com.

This material can be reproduced provided the author, company name and original source are cited. Reproduction of this material in re-written form requires the express consent of the Kaspersky Lab PR department.

Related Posts

No related posts.