Forecast: How Internet threats will evolve in 2008
PandaLabs published a forecast on how Internet threats will evolve in 2008. One of the key factors will be the increase in the amount of malware, known and unknown, in circulation. If there has already been a notable increase in 2007 compared to previous years, this trend will most likely intensify in 2008.
However, PandaLabs also expects this growth to affect platforms that have not previously been targeted by cyber-crooks. Thus, there could be an increase in threats aimed at Mac systems or VoIP services.
As for the objectives of threat creators they will be the same as today, i.e, getting confidential data for online fraud and theft. Banker Trojans will continue to be present and there will be a significant rise in the number of Trojans designed to steal information from users of social networks (Myspace, Facebook, etc.), and online games. In fact, during 2007, theft of this kind of data has consolidated as a new criminal business model on the Internet.
Main means of propagation
Over the current year we have seen the increasing use of malware installation kits capable of exploiting vulnerabilities in servers to modify web pages that automatically infected the visitors’ computers. This will increase considerably in 2008, as these tools have proven to be very effective when it comes to infecting a large number of systems. Also, cyber-criminals will continue to be on the lookout for new vulnerabilities in operating systems and applications that allow them to install malware without the user’s knowledge.
In addition to this, classic techniques like social engineering will continue to be used although they could adopt new forms: from greeting cards to fake Windows updates, as has occurred recently.
Another means of propagation we will no doubt see in 2008 is the so-called “drive-by download”, which consists of inserting a page that can detect vulnerabilities on target computers to infect them.
More complex malware
Finally, as for new trends in the technological field, attacks have been increasingly sophisticated throughout 2007 and the new malware is becoming increasingly complex. This complexity stems above all from the merging of several types of threats, resulting in the appearance of hybrid malware. Everything seems to indicate that this phenomenon will continue over the next year.
Also, PandaLabs notes that malware such as bots or Trojans will be controlled remotely not only through IRC, but also P2P networks or the HTTP protocol.