Adobe to become top hacker target for 2010

The near-ubiquity of Flash and Reader make them a popular target for hackers

Security giant McAfee is warning end users and information security professionals to expect an increase in threats to social networks and the emergence of Adobe products as the number one software target for cyber criminals next year.

McAfee’s new 2010 Threat Predictions report warns that Adobe will supplant Microsoft for the first time next year in terms of the number of desktop PCs being attacked.

“In 2009 McAfee Labs saw an increase in attacks targeting client software. The favourite vector among attackers is Adobe products, primarily Flash and Acrobat Reader,” the report noted.

“Using reliable ‘heap spray–like’ and other exploitation techniques, malware writers have turned Adobe apps into a hot target. Further, Flash and Reader are among the most widely deployed applications in the world, which provides a higher return on investment to cyber criminals.”

The report also warns that as user numbers of social networks continue to grow, these sites are likely to experience ever-more sophisticated attacks, with cyber criminals exploiting the inherent trust that users have in their friends on the sites which makes them more likely to click on malicious links.

“As Google and other providers crack down on search engine poisoning, we expect that Twitter and similar services will increase in appeal for such purposes,” the report added.

But it was not all doom and gloom for 2010, with McAfee maintaining that the tide may finally turn in favour of the law enforcers next year.

“The worlds of law enforcement and justice have had about a decade to deal with highly organised and financially motivated cyber criminals. We finally have nearly universal recognition among global governments of the severity of this problem, and we can see significant progress from these years of relationship building, education, and training among international law enforcement organisations,” the report said.

“This progress has been slow in coming but we now see clearly demonstrated to criminals that engaging in cybercrime has become an activity with a rapidly increasing risk of incarceration, regardless of their country of residence.”