The IT security vendor's report for 2011 says that the booming smartphone market and growing tablet device market – together with a rise in online banking, and a shift from simple exploit kits to more sophisticated malware-as-a-service model for cybercriminals – are top of the predictions for next year.
Bradley Anstis, the firm's vice president of technical strategy, said that, during 2010, the industry has seen dramatic increases in issues regarding mobile malware, as well as growing complexity of trojan horse attacks in the banking industry.
"And although Malware-as-a-Service isn't new, we're seeing it take hold. New service offerings signal that the shift may become more prominent in the coming year, in the same way that cloud computing is growing for commercial organisations, cybercrime is also moving this same way", he said.
Rising on the back of the increasing smartphone market and growing tablet demand are almost certain to lead to more mobile malware in 2011, says m86 Security.
Data-stealing trojans, meanwhile, will also get more sophisticated as the year progresses. This being driven, says the report, by new malware starting to see its stock rise, such as data-stealers like SpyEye, Carberp and Bugat.
And as staples like ZeuS face heat from authorities, m86's study says that these new entrants will sharpen their skills in order to carry out their attacks unimpeded and keep the money flowing in.
Malware-as-a-Service (MaaS) will also take off in 2011, largely driven by attack toolkits, using command control techniques for cyber attacks. These exploit kits, says the report, have lowered the entry level to cybercrime and given birth to a new ecosystem with many different players with different roles to play.
"Our research indicates that a shift is occurring whereby exploit kit developers have started to provide services (instead of/in addition to) classical application offerings", says the report.
"For example, the NeoSploit and Phoenix exploit kits offer different malware services to their customers. With the NeoSploit kit, customers can purchase a specific web server configuration that redirects victims' requests to a NeoSploit back-end server, which is apparently handled by the NeoSploit team", the report adds.
According to m86 Security's report, different `suppliers' can be used to provide active vulnerabilities and the exploits that use them, or to get help in driving traffic past infected websites.
In the same way the commercial world is embracing cloud-delivered services, cybercriminals will also become better organised, offering a complete suite of services in one place.
"While we do not anticipate a decline in the usage of exploit kits, we do believe there will be more service offerings for cybercriminals instead of just application offerings", concludes the report.