Computer virus
Hackers are likely to launch more sophisticated attacks in 2009

Experts predict rise in 'virtual' malware

Botnet shutdowns will force attackers to change tack next year

Phil Muncaster

Virus writers are likely to unleash increasingly sophisticated strains of malware next year in an attempt to bounce back from some high-profile botnet shutdowns in 2008, according to new predictions from managed security provider MessageLabs.

The company predicted that hackers will launch new attacks in which malware will exist as a virtualisation layer running directly on the hardware and undiscoverable by the operating system.

Advertisement

"The operating system does not know it's there, and the malware will be intercepting low-level operating system calls," explained MessageLabs senior analyst Paul Wood.

"The problem will be in realising it's there and understanding how to clean up, because it's so low level and tangled up in the operating system that sometimes the only recourse is to reinstall the machine from scratch."

Mark O'Dell of IT support firm Connect Support Services said the theoretical threat to the operating system has been present since the creation of hypervisor technology.

"This type of malware may be much harder to detect as it runs at a level below the operating system the end user and even the professional user sees, but provided it is appropriately secure it would be hard to achieve," he added.

Cyber criminals will also concentrate on infecting machines with more agile malware which can switch between tasks as appropriate, said MessageLabs' Wood. For example, if a piece of malware determines that the spam it is sending out is being blocked, it could then be told to launch denial-of-service attacks instead.

Mobile malware is also likely to increase in 2009, according to MessageLabs, but not with the goal of infecting devices to create botnets. Attackers will instead seek to make money by subverting the phones so that they call premium rate numbers established by the criminals.

Phishing attacks will also increase in sophistication, as criminals target flaws in the Domain Name Server (DNS) system to launch phishing sites by creating sub-domains in exposed accounts. This method will help to circumvent traditional URL filters that can detect when criminals use typo-squatting techniques, which rely on mistakes made by surfers when entering a web site address into a browser.

"We have seen legitimate businesses with good domains being taken over in some way," said Wood. "The criminals gain access to the admin function of their DNS console, add sub-domains to their records and then use these domains in phishing emails."

  • Have your say
  • Send to a friend
  • Print
  • Digg
  • Reddit
  • Share

Do you agree?

Related whitepapers

Related jobs

Most watched

eu flag

V3.co.uk weekly debrief, 6 Nov 09

This week, Europe decides what to do with illegal file sharers

Intel unveils its micro server platform

Small-enclosure systems take aim at hosting market

IT white papers

Search white papers

Top categories

Poll

Impact of Information Overload poll

Impact of Information Overload poll

What is the biggest problem your firm faces as a result of the data explosion?

View poll results

Advertisement

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Enter email address to edit your newsletter preferences

Job of the week

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Hiring now on ComputingCareers:

Related IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Spotlight

eu flag

V3.co.uk weekly debrief, 6 Nov 09

This week, Europe decides what to do with illegal file...

Dell Adamo XPS

Dell launches ultra-thin Adamo XPS

World's thinnest laptop will be available by Christmas

Top 10 articles, 6 November 2009

The worst Microsoft products of all time, and a USB...

Iain Thomson

Pirate Bay shutdown could be inspiring online militancy

Recent Swedish attacks raise worrying possibility

Primary Navigation