Malware writers continue to blur the line between trojans, worms and
viruses, while spyware distributors have adopted the stealth techniques
of virus and
worm authors, and can now adapt quickly to uncover and exploit the
slightest vulnerabilities. PC users must therefore be aware that they
can get into a lot of trouble by simply visiting a website and that the
bad guys no longer need to entice them to open an email attachment to
wreak havoc on their machines.
Some spyware and malware predictions for 2007 are:
1. Blended threats will continue to evolve: In addition to using spam
to distribute trojans and other malware, attackers will increasingly
use multi-phased exploits to take control of unsuspecting
users’ computers, steal private information, and perpetrate
other attacks.
In 2006, trojans accounted for 62 percent of all malware; worms
accounted for 24 percent; and viruses and other types of malware
accounted for the remaining 13 percent. With the advent of the WMF
exploit for “drive-by” downloads, 2006 also marked
the first year that a spyware variant used a zero-day exploit to take
advantage of a vulnerability that was previously unknown to the general
public.
2. Phishers will get smarter: Users should expect social engineering
tactics to become more convincing and more effectively targeted at the
knowledgeable user. Phishing emails with subjects such as
“to verify your account” will be replaced by more
clever attempts, such as worms disguised as “mail
failure” notices.
3. Spam will increase: The last quarter of 2006 saw a huge increase in
spam, largely because of image-based spam which can evade most
anti-spam filters. Due to the low cost of sending mass spam, especially
through botnets, cyber criminals will increasingly use this medium to
distribute trojans.
4. Targeted attacks will increase: Criminals or disgruntled employees
can use malware for corporate espionage or to steal intellectual
property. For example, an employee’s home or office computer
can be infected by visiting a pornography or gambling site where
criminals have planted a keylogger or spyware to transmit saleable
information. Criminals can also use ransomware to
“kidnap” a user’s data until the user is
willing to pay for its release.
5. The rise of kernel rootkits: A rootkit is a cloaking technology that
allows an intruder to hide malicious activity on a previously
compromised machine. Using a rootkit, an attacker can hide malware such
as backdoors, sniffers and keyloggers. Kernel rootkits are especially
dangerous because they can be difficult to detect without appropriate
software. Kernel rootkits add code or replace a portion of kernel code
with modified code to hide a backdoor.
6. Increased exploitation of browser and application vulnerabilities:
As cyber criminals find it harder to break through security defences
with traditional attacks, they will increasingly exploit
vulnerabilities in Web browsers and applications. The release of new
software versions will provide fertile ground for discovering new
vulnerabilities.
7. Typo-squatting on search engines: Hackers will increasingly seek to
poison search engine rankings and to perpetrate click-fraud on ad
networks. Typo-squatting — linking easily mistyped domains to
malicious sites — will become more prevalent.
The increase in rogue anti-spyware programs is another alarming trend
for 2007. Criminals are preying on consumers and small businesses via
these “free” anti-spyware programs that actually
contain the malware they purport to address. Instead of cleaning
users’ computers, the attackers behind these programs try to get
money from users through deception.
While these predictions may seem grim, many security companies are
moving quickly to provide the tools and information that individuals
and companies need to help protect themselves from harm.