Kaspersky Lab predicts file-sharing threats to rise in 2010

This time last year, the Russian headquartered veteran IT security software vendor's analysts forecasted a rise in the number of global malware epidemics.

Unfortunately, Kaspersky said, that forecast proved to be accurate: 2009 was dominated by sophisticated malicious programmes with rootkit functionality, the Kido worm (also known as Conficker), web attacks and botnets, SMS fraud and attacks on social networks.

According to Kaspersky's research experts, in the coming year there will be a shift in the types of attacks on users: from malware attacks via websites and applications towards security attacks originating from file-sharing networks.

Kaspersky noted that, already in 2009 a series of mass malware epidemics have been `supported' by malicious files that are spread via torrent / file-sharing portals.

This method, the IT security vendor said, has been used to spread notorious threats such as TDSS and Virut, as well as the first backdoor for Mac OS X.

In 2010, Kaspersky said it expects to see a significant increase in these types of security incidents on file-sharing networks.

The bad news, the firm said, is that cybercriminals will continue to compete for traffic. The modern cybercriminal world is making more and more of an effort to legalise itself and there are lots of ways to earn money online using the huge amount of traffic that can be generated by botnets.

Today, it is mostly black-market services that compete to make use of botnet traffic. In the future, however, Kaspersky Lab foresee the emergence of more 'grey' schemes in the botnet services market.

So-called `partner programmes' enable botnet owners to make a profit from activities such as sending spam, performing denial-of-service attacks or distributing malware without committing an explicit crime.

Kaspersky added that the decline in gaming trojans witnessed in 2009 is likely to be repeated for fake anti-virus programmes in 2010. The latter first made an appearance in 2007 and 2009 saw a peak in their activity and involvement in a number of major epidemics.

The Kido worm - aka Conficker - for example, installed a rogue anti-virus programme on infected computers. The fake anti-virus market has now been saturated and the profits for cybercriminals have fallen.

"Malware will become much more sophisticated in 2010 and many anti-virus programmes will be slow to treat infected computers due to advanced file infection methods and rootkit technologies", said Alex Gostev, director of Kaspersky Lab's global research and analysis team.

"IT security companies will respond by developing even more complex protection tools. However, the malicious programmes capable of bypassing these measures will remain more or less immune to anti-virus programmes for some time", he added.

According to Gostev, when it comes to attacks on web services, Google Wave looks like it will be making all the headlines in 2010.

Attacks on this new Google service, he explained, will no doubt follow the usual pattern: first, the sending of spam, followed by phishing attacks, then the exploiting of vulnerabilities and the spreading of malware.

The planned launch of the network-based Google Chrome operating system is also a noteworthy event, but the experts at Kaspersky Lab do not anticipate much interest in this platform from cybercriminals.

The detection of new vulnerabilities will remain the major cause of epidemics.

These vulnerabilities, Kaspersky said, will be detected in both software developed by third parties (such as Adobe and Apple) and in Windows 7.

If no serious vulnerabilities are detected, Kaspersky added, 2010 may well prove to be one of the quietest years for some time.

What’s Hot on Infosecurity Magazine?