ESET Cyber Threat Predictions for 2012

Mobile Malware, Botnets, Targeted Attacks and Social Engineering Improvements Top the List

SAN DIEGO – December 29, 2011 – ESET today announced a list of predictions about the threatscape developments for 2012, which have been compiled by the company’s top security experts from around the world – Stephen Cobb, Cameron Camp, Aryeh Goretsky, David Harley, Robert Lipovsky and Sebastian Bortnik.

“In terms of top malware trends for 2012, the first place has to go to malware for mobile devices. The strong growth in market share for Android has made this platform the primary focus of malware developers who target mobile devices,” says Sebastian Bortnik, awareness and research coordinator at ESET Latin America.

According to ESET analysis, the top threats in 2012 will be:

  • Mobile malware
  • Windows 7 threats
  • Targeted attacks
  • Social engineering improvements

“During 2011 we saw multiple variants of malware on mobile devices, such as SMS Trojans that cause the infected device to send text messages to premium numbers that cost the phone user money while generating profit for cyber criminals, and mobile botnets that turn the mobile device into a zombie that can be used for criminal purposes,” says Bortnik.

Other mobile malware that we will see more of in 2012 includes spyware. For example, in July 2011, two of the most popular crimepacks (SpyEye and Zeus) were released in versions compatible with mobile devices, namely ZITMO (Zeus In The Mobile) and SPITMO. Although we do not see this threat on a massive scale yet, there is no doubt attackers will continue to migrate malicious code to the mobile platform, taking advantage of the fact that users of these devices are placing more and more sensitive business and personal information there, while at the same time they are not yet accustomed to protecting the devices with security technology and best practices.

By October 2011, ESET had identified 41 major malicious code families (and variations) for the Android platform: 30 percent of threats were embedded in downloads from the Android Market, 37 percent were SMS Trojans and 60 percent of the malicious code had some botnet characteristic (i.e., some kind of remote control over the device).

Android malware is not the only trend in operating system security. Gartner predicts that Windows 7 will be the most widely used operating system by the end of the year. That means threats such as rootkits for 64-bit Windows are likely to be more “popular” in 2012. As the security technology in operating systems like Windows 7 becomes more sophisticated, we are likely to see the bad guys develop more complex malware to try to defeat this security.

Not only will 2012 see complex attacks targeting widely used endpoints (such as TDL4 bootkits), we can also expect specific malware designed to attack specific targets, as Stuxnet did last year. Right now we're seeing Duqu, based on Stuxnet, and there is a high probability we will see more of this kind of threat next year.

A big trend for 2012 is likely to be a shift in the propagation methods used by malware distributors. The traditional channels for malware and scams—such as email, instant messaging or USB devices—are likely to get less attention, while social engineering techniques deployed on social networks, search results poisoned by blackhat SEO techniques, and drive-by-downloads—malware installed on vulnerable and legitimate web sites—will gain favor as channels for infecting endpoints and compromising networks.

Aryeh Goretsky, researcher at ESET North America, adds that we will see increased interest in digitally signing malware using stolen code-signing digital certificates. He predicts that, “There will be reports of a vulnerability in the forthcoming Windows 8 that will be referred to as a "major security flaw" only to find out—a few days or perhaps a week or so later—that it cannot be conventionally exploited or remains firmly in the realm of the theoretical.”

Finally, looking back, ESET North America Security Evangelist Stephen Cobb put together a video guide through some of the top threats of 2012:

Video link: http://blog.eset.com/2011/12/23/2012-malware-and-cybercrime-predictions-the-video-version

For more detailed 2012 threat predictions, please visit the ESET Threat Blog.

About ESET

ESET is on the forefront of security innovation, delivering trusted protection to make the Internet safer for businesses and consumers. IDC has recognized ESET as a top five corporate anti-malware vendor and one of the fastest growing companies in its category. Trusted by millions of users worldwide, ESET is one of the most recommended security solutions in the world. ESET NOD32 Antivirus consistently achieves the highest accolades in all types of comparative testing, and powers the virus and spyware detection in ESET Smart Security and ESET Cybersecurity for Mac. Sold in more than 180 countries, ESET’s global headquarters is in Bratislava, Slovakia, with distribution headquarters for North America located in San Diego, California. ESET also has offices in Buenos Aires, Prague, Krakow and Singapore and is represented by an extensive global partner network. For more information, visit http://www.eset.com/us/ or call +1 (619) 876-5400.