Not all green, but still… Recycling malware and finding new spreading channels for it are the two major trends hackers and malware writers will follow this year.
Smartphone usage is rapidly becoming mainstream. We see people in metro and bus stations with their eyes stuck to those little screens.
More People are getting social or even “more” social with every second. We see social networks increasingly buzzing with news and opinions.
It’s only natural that hackers exploit these behavioural trends, re-targeting their attacks to match current context. And recycling older versions of malware and adapting them to new popular platforms is more convenient than developing new threats from scratch. We saw this at the beginning of the year with Ramnit. Formerly known for its financial data gathering capabilities, the worm acquired some social skills. And good causes are not exactly what it’s been pleading for on social media. Instead of sending it via e-mail spam, cybercrooks took it to Facebook for wider propagation and stealing users’ login credentials.
Now, if by recycling malware you could think of hackers getting lazier, think again. While they will most probably continue working on developing new threats, they will also shift part of their efforts towards finding new ways of spreading their evil and human/digital vulnerabilities to exploit.
What are they going to focus on more feverishly in 2012?
- Redesigning malware for mobile devices, primarily targeting the free Android Market – watch out for suspicious mobile banking apps! 2012 may be the year we hear about mobile worms and drive-by-downloads. Also, rethinking mobile attacks. Patches and updates for mobile operating systems are very rare and take more time to develop than those for PC. And hackers will most likely exploit this vulnerability. This is why mobile devices will become hackers’ main target in their attempt to steal sensitive data.
- Analysing and exploiting vulnerabilities in Windows 8, soon to be released. Microsoft’s latest OS version will come with its own Antivirus, but don’t rely much on that tool. Hackers expect you to do just that, while developing threats that breach it.
- SEO poisoning of search results. Popular searches such as “Kim Kardashian” may start producing more images that link to malicious sites, where you can be tricked into handing over personal information.
- Mining social networks with “recycled” variants of malware and phishing attacks, based on current world events. If we take into consideration several turmoils around the world, mostly caused by economic crises, hacktivism is prone to become the next big thing on social media. Hacktivism may affect institutions, governments and individuals at the same time.
So smartphones, blackhat SEO, social media and Microsoft’s OS are 2012’s primary channels connecting the cybercrime eco-system with the rest of the digital world. And this is not a Mayan prediction for 2012 (!). It’s my take based on what I hear, see, learn exploring both real and digital worlds, and listening to security experts.
What’s your take on all of this? Wanna add something else to the list above?