In 2010, the widespread adoption of Windows 7 and increasing popularity of Apple's Mac OS is set to bring new vulnerabilities for cyber criminals to exploit.
This is the view of Panda Security's Jeremy Matthews, who heads up its sub-Saharan operations. Matthews point to the operating system (OS) as the platform of choice for malware authors, citing Microsoft's Windows 7 as the latest attack path due to its widespread market acceptance.
“As newer computers are coming with Windows 7 64-bit, criminals are adapting malware to the environment. It may take time, but we expect to see a major shift towards this platform over the next two years.”
He adds that the Mac platform is no longer a safe haven from malware, as Macs are used to access social networks, e-mail, and the Internet. “Criminals can easily identify a Mac, and have malware designed especially to target the OS. As the Mac platform becomes more popular, we are set to see more malicious attacks in 2010.”
According to Matthews, Linux is generally more secure than Windows as it is community-developed, meaning vulnerabilities are patched quickly by its users.
“Linux escapes a malware onslaught because there are far fewer Linux end-users than its Windows counterpart, and so it is much less attractive for cyber criminals.”
Mobile threat
Panda sees the mobile phone as a small target vector, although other security companies have hinted otherwise. The company's reasoning is simple: the PC platform accounts for 90% of the computing market.
While the market share is increasing rapidly, mobile phones are based on a fairly diverse range of hardware and software platforms, making it a much harder market to break into, Panda explains.
Matthews says the mobile telephony market is set to drive changes in the computing landscape, as smartphones start offering the same features as the PC.
Coupled with the popularity of Google's Android and the Apple iPhone, cyber criminals are likely to target vulnerabilities in these platforms. “If in some years there are only two or three popular platforms, and people begin to operate financial transactions from their cellphones, then maybe we could talk about a potential breeding ground for cyber crime,” states Matthews.
Money menace
Banking Trojans continue to represent a serious threat to users, notes Matthews. “Even though many banks have increased security measures on their Web sites, these malicious codes have become more sophisticated and include new functions.”
He explains that these programs are dangerous as they are designed to steal user information, allowing cyber criminals to access users' banking accounts.
“Banker Trojans appear to have become the most profitable categories of malware for cyber criminals. These attacks mostly rely on social engineering techniques to infect computers, particularly those targeting search engines and social networks, along with 'drive-by-download' infections from Web pages,” adds Matthews.
He recommends that users be suspicious of messages related to current affairs and major events. “As the football World Cup takes place in SA, we can also expect to see significant amounts of malware related to this event, with false ticket offers and junk mail.”
According to Panda, the most active banker Trojan families are Sinowal, representing 46% of the families designed to steal bank details, followed by Banker, at 25%, and Banbra, at 11%. The remaining 18% corresponds to the rest of the banker Trojan families.
Share