Security threats will shift to P2P, mobile in 2010

Online security threats will shift to file-sharing services and the smartphone next year, while sophisticated malware targeting rootkit software will also be more widely deployed, Kapersky Labs has warned.
However, on the upside, it says if no serious vulnerabilities are discovered in key software such as Windows 7 and Adobe, it could be a relatively safe year for online users.
Kapersky said it had correctly forecast that 2009 would be dominated by botnets, SMS fraud, social network attacks and malicious programs with rootkit functionality, like Conficker.
But it says in the coming year attacks originating from file sharing networks would increasingly supplant attacks via websites and applications. Several malware epidemics emerged in 2009 as a result of malicious files spread via torrent portals, spreading threats such as TDSS, Virut and the first backdoor for Mac OS X.
“In 2010, we expect to see a significant increase in these types of incidents on P2P networks,” Kapersky said.
It also predicts an expansion in the “botnet economy”, with criminals making money from helping others send spam or perform DoS attacks through “partner programs”.
This is in part a result of the success of IT security firms in choking off one of the most popular scams in recent years, rogue antiviruses.

The fake antivirus market was now saturated and had the close attention of IT security companies and law enforcement agencies.
“Malware will become much more sophisticated in 2010 and many antivirus programs will be slow to treat infected computers due to advanced file infection methods and rootkit technologies,” says Alex Gostev, director of Kaspersky Lab’s global research team.
These malicious programs would be capable of bypassing measures developed by security firms and would “remain more or less immune to antivirus programs for some time.”
It expects “a difficult time” for iPhone and Android. The first malicious programs for the two popular smartphone platforms appeared in 2009, and while only some jailbroken iPhone users are at risk, but all Android users are vulnerable to attack.
“The increasing popularity of mobile phones running the Android OS in China combined with a lack of effective checks to ensure third-party software applications are secure will lead to a number of high profile malware outbreaks.”
The key to warding off online threats was the security of major operating systems and applications. The detection of backdoors in Microsoft platforms and popular software like Adobe would continue to remain the major cause of epidemics, Kapersky said.
But if those could be kept secure 2010 could be “one of the quietest years for some time.”
Meanwhile, another security firm, F-Secure, warned of a search engine “scam blitzkrieg” this shopping season.
It listed the Flip camcorder, the iPod, video game Call of Duty and Michael Jackson’s This Is It video as likely bait for search engine scams.