Consumers will have to deal with malware hidden in video files, security firm McAfee predicted in its top 10 virus threats for next year.
The malware phenomenon is fuelled by a growing online market for identity theft, spam and adware. This is prompting criminals to more closely mimic the processes that have been adopted by legitimate software developers such testing and quality assurance procedures, the security vendor observed.
"The goal now is making money through data theft or adware. They write them for different reasons, to make money off it," said David Marcus, McAfee's security research and communications manager.
Online criminals will develop malware for any application that attracts large numbers of consumers and, as a result, are likely to start creating movie Trojans. When a user opens such a file in their media player, the software will automatically start downloading and installing malware or adware. A first example of such an online threat was detected earlier this month in the Realor worm that targets the Real Player.
Mobile phones too are expected to receive increased scrutiny from criminals. As the Symbian operating system is becoming the de facto standard for consumer smartphones and is reaching critical mass, the software becomes an attractive target for malware authors. Also, smartphones are starting to resemble computers more closely and consumers are getting used to installing and running software on the devices.
Microsoft's Windows Vista operating system is notably absent from McAfee's list of security predictions for 2007. The software offers several technologies that prevent attacks that are common today. However, Marcus expects that it will take malware authors about nine months before they figure out ways to compromise the software's defences.
Despite the onslaught of new security vulnerabilities, Marcus remained optimistic about the overall state of computer security, pointing to advances in security software.
"It's not doomsday. The bad guys always do their best, but the [security] industry is also maturing," Marcus said.
McAfee's complete list of predictions for next year:
1. The number of password-stealing websites will increase using fake sign-in
pages for popular online services such as eBay.
2. The volume of spam, particularly bandwidth-eating image spam, will continue to increase.
3. The popularity of video sharing on the web makes it inevitable that hackers will target MPEG files as a means to distribute malicious code.
4. Mobile phone attacks will become more prevalent as mobile devices become 'smarter' and more connected.
5. Adware will go mainstream following the increase in commercial Potentially Unwanted Programs.
6. Identity theft and data loss will continue to be a public issue – at the root of these crimes is often computer theft, loss of back-ups and compromised information systems.
7. The use of bots, computer programs that perform automated tasks, will increase as a tool favoured by hackers.
8. Parasitic malware, or viruses that modify existing files on a disk, will make a comeback.
9. The number of rootkits on 32-bit platforms will increase, but protection and remediation capabilities will increase as well.
10. Vulnerabilities will continue to cause concern fuelled by the underground market for vulnerabilities.
Australian government to require technology and communications companies to provide access to messages
New bill avoids demanding 'backdoors' in encryption, but includes measures to compel companies to provide access to encrypted communications
Indonesian overclocker Ivan Cupa (with the aid of a lot of liquid nitrogen) achieves record overclock on AMD's latest Threadripper
Ssupermassive black hole is so big it corresponds to four per cent of the galaxy's total mass
Imminent attack will target a single bank with cloned cards used to fraudulently withdraw millions over one weekend