Here are the threats that the AVG Web Threats Research group expects to see in the coming New Year.
1. Java will remain the top exploited software.
With over a billion machines running Java it’s a big target and extensively used by the most popular exploit kits today.
2. Mobile malware will grow.
Mobile devices are becoming a bigger target with the number of tablets and smart phones growing daily.
The same operating system, with persistent network connectivity is present in some of these devices. They are far from obvious targets to the typical user. Your smart TV (or even that new fridge!) may be the next target. The bad guys like the Microsoft platform because the number of users is vast. This is the same reason they will target mobile users. Your TV isn’t mobile, but it uses many of the same apps that tablets and phones use. New TV models by major manufacturers will actually be running the same Android operating system as mobile devices do.
3. Ransomware will continue to take over the niche now filled by FakeAV/Rogue antivirus.
In 2012 we saw bad guys moving from installing FakeAV to ransomware — a scare tactic that tells users they must pay a $200-$300 fine to unlock their PCs because of child porn, copyrighted material or malware had been found.
4. Exploit kits for mobile malware will be the next “new thing.”
The popularity and success of exploit kits that launch drive-by attacks on Windows-based PCs will carry over to the creation of the same type of attacks on mobile devices. Many attacks will continue to be based on social engineering.
5. Cloud services will be likely targets for attacks and breaches.
As we continue to store more information in the cloud, it becomes a more attractive target.
6. We will see more government-sponsored malware.
Possibly governments that have been victims of these attacks in the past will create malware of their own to attack those they suspect of being their attackers. Critical infrastructure could be the target.
The following items (seven through 10); we’re simply copying over from last year. They’re too good (or bad) to go away.
7. Toolkits will continue to appear and they will get more sophisticated.
8. Trojan horse programs will continue to be the largest category of malicious code.
9. Malicious spam and phishing will continue to be a threat to everyone who uses email.
The efforts of various anti-spam and anti-phishing cooperative groups will continue to reduce spam and phishing attacks via email, and we will see a continuing movement of such efforts into social networking sites.
10. Malicious iframes on legitimate web pages will continue to be a serious vector for attacks.
What threats DID Web users face in 2012?
We thought it would be interesting to look at our predictions from this time last year and see how we did:
1. Social media scams will continue at the present rate or increase.
True. As Facebook and other forms of social media continue to add millions of new members they will remain prime targets.
2. Toolkits will continue to appear and they will get more sophisticated.
True. Exploit kits rapidly add new exploits and are getting better at hiding from the good guys with IP blocking.
3. Trojan horse programs will continue to be the largest category of malicious code.
True.
4. Rogue security products will not go away.
True. We continue to see a decline, but they are still here.
5. Malware for mobile devices will continue to evolve.
True. This happened mostly in the form of rogue apps.
6. Malicious spam and phishing will continue to be a threat to everyone who uses email.
True. We continue to see exploit kits associated with shotgun spamming of emails disguised to appear as though they are from organizations that include the IRS, Better Business Bureau, Amazon, Facebook, Hewlett Packard, US Airways, and Citibank.
7. Search engine optimization poisoning might decrease as search site operators improve their techniques for detecting it.
True. This is another trend that we see decreasing, but it has not disappeared and probably never will go away completely.
8. Fake surveys will continue to waste time and steal money.
True.
9. Fraudulent web sites selling phony or non-existent goods will continue to attract victims.
True. No matter if it is fake purses, Rolex watches or Viagra, fake web sites will have the primordial survival skills of cockroaches.
10. Malicious iframes on legitimate web pages will continue to be a serious vector for attacks.
True. Any website, no matter how large or trustworthy, can be compromised.
We can no longer try to just insure that our users only browse a list of SAFE web sites. We need protection in place to check websites that we may believe are safe. LinkScanner does this. Rather than relying on block lists or white lists, it scans the actual CODE of every website as it is being delivered to the user’s browser.
Webmasters who contact us often are unaware of obfuscated code injected into their pages or add-ons. We can expect many inexperienced website owners with little understanding of how the sites they created with various CMS tools actually work and how they can be compromised. This may result in sites that resist efforts to be cleaned up even after they are compromised and reported as dangerous. This will be because the owners don’t know how to fix them or secure them. The result will be persistent and recurring exploitation.
We also find many invisible iframes and malicious advertisements making their way into the ad networks. No white list of Web sites can ever be as reliable as code checking. Web pages can be hacked in minutes or have malicious code injected in random ads. We probably will see even more attacks from ad networks that get cheap paid exploitive ads into their ad rotations.
Leave a reply
