Cybercrime in 2009 - More Malware, More Difficult to Detect

Between January and August 2008, PandaLabs detected as much malware as in the previous 17 years combined.

PandaLabs has predicted a continuing increase in the amount of malware (viruses, worms, Trojans, etc.) in circulation in 2009. Between January and August 2008, Panda Security's laboratory had detected as many malware strains as in the previous 17 years combined, and this tendency is expected to continue or even grow in 2009.

Banker Trojans and fake antivirus will be the most prevalent malware types in 2009. Banker Trojans are designed to steal login passwords for banking services, account numbers, etc., whereas fake antivirus programs try to pass themselves off as real antivirus products to convince targeted users they have been infected by malicious code. Victims are then prompted to buy the rogue antivirus to remove these bogus infections. Cyber-crooks are currently profiting substantially from this type of fraud.

As for methods of malware distribution, PandaLabs predicts an increased use of social networks, not only by worms trying to spread from one user to another, but by malicious code designed to carry out more dangerous actions like theft of confidential data.

Similarly, malware distribution through SQL injection attacks will continue to rise. This type of attack infects users who visit certain Web pages without them even realizing it. To do this, cyber-crooks exploit vulnerabilities on the servers that host these pages.

A technique that will certainly become popular in 2009 will be the use of customized packers and obfuscators. These tools are used to compress malware and make detection more difficult. Cyber-criminals will try to avoid the standard tools available in forums, websites, etc., and turn to their own obfuscators in an attempt to evade 'signature-based' detection by security solutions.

The same reason can explain the anticipated rebirth of classic malicious code such as viruses in 2009. The use of increasingly sophisticated detection technologies like Panda Security's Collective Intelligence, capable of detecting even low-level attacks and the newest malware techniques, will make cyber-crooks turn to old codes, adapted to new needs. Forget about viruses designed to prevent systems from working or files from being opened, as they did ten years ago, and get ready for viruses aimed at hiding Trojans used for theft of banking information.

New Platforms

Panda Security's laboratory forecasts a significant proliferation of malware targeting new platforms such as Mac OS Leopard X, Linux or iPhone. However, these new codes will never be as numerous as those for Windows systems.

"The number of malware strains created for Mac or Linux platforms will grow in 2009, although they will still represent a very low percentage compared to the total number of threats. The reason for this is efficiency. If, for every sample emailed to a million people, 3% get infected, it is obviously much more productive to send it to a platform used by millions of users than to another, less popular platform, which will offer a lower number of potential victims", explains Luis Corrons, Technical Director of PandaLabs.

Computer Threats and the Financial Crisis

Over the last few months of 2008, PandaLabs has conducted research showing a clear correlation between the financial crisis and malware strategies. The laboratory has discovered that every stock market drop is followed by a spike in the amount of malware in circulation. Similarly, the increase in the unemployment rate translates into a boom in false job offers aimed at recruiting money mules.

According to the PandaLabs forecasts, this will repeat in 2009. Fake job offers will continue to grow whenever the unemployment rate goes up. In financial crisis situations, cyber-crooks prey on unemployed people with attractive job offers that really aim at capturing money mules, that is, people to help them launder money generated from illegal activities.

"Summing up, malware in 2009 is expected to grow and become more sophisticated and more difficult to detect. There will also be an increase in Web-based attacks and attacks through social networks, which allow for more silent infections", says Corrons. "The financial crisis will also bring an increase in malware and false job offers."

Subarna Gupta is manager of Marketing and Service at PandaLabs - www.pandalabs.com.

Photo by d70focus. Creative Commons Licence Attribution 2.0 Generic.