Top 4 Malware-Related Issues for 2012

Mobile Attacks, Trojans on Social Media Among Biggest Threats

May 30, 2012.

For the past five years, security experts at ThreatMetrix, a provider of online security, device identification and malware detection, have been keeping watchful eyes on malware.

Based on attacks they've seen hit more than 700 corporate customers from various parts of the globe, ThreatMetrix' team has come up with a list of chief malware-related issues for the year ahead.

Some of them are obvious concerns, like increased malware attacks against mobile applications. Consumer adoption of mobile devices for a wider variety of uses, including mobile banking and commerce, is getting fraudsters' attention.

But ThreatMetrix notes some less obvious concerns, including the potential difficulties posed by the higher level of security in Apple's iOS platform.

ThreatMetrix analyzed five years of malware research to devise these top malware trends and recommendations for the year ahead:

No. 1: Mobile: The New Target

Malware is quickly evolving, says Andreas Baumhof, ThreatMetrix' chief technology officer and co-founder of TrustDefender, acquired by ThreatMetrix and folded into its anti-malware and device identification suite.

Downloadable apps, such as those for Android smart phones, have already been targeted.

But it's not just open-source platforms that necessarily raise the greatest concerns. Some of the more protected operating systems, such as Apple's iOS, are worrisome because they are too secure, Baumhof contends.

"If I want to install anything on the iPhone, like malware, it's really hard," Baumhof says. "The trouble is that Apple prevents security companies from providing security for the iPhone. So if the bad guys find a vulnerability and we don't know how to stop it, it will be a big mess."

Although the lack of countermeasures to address those vulnerabilities poses risks, companies cannot afford to limit the types of mobile platforms and devices they support.

"A bank can't really say, 'We won't support Android or Apple,'" Baumhof says. "Android, for instance, has a huge user base."

To fight the growing mobile malware trend, the only option organizations have is to ensure they control their exposure. Pointing to mobile banking, Baumhof says financial institutions need to gather information about the devices customers and members use to access online banking accounts. They also need to monitor customer behavior when accounts are accessed via those mobile devices in the same way they monitor behavior on other banking channels.

"If the financial institution sees increased risk, they can restrict transactions or limit transactions," he says. "But it's not an option, I don't think, to limit the devices they allow consumers to use to access accounts."

No. 2: Social Networks Spread Trojans

Social networks have proven to be perfect venues for the spread of Trojans and other malicious software.

"Twitter, in particular, is a worry," Baumhof says. "We have seen a number of high-profile accounts that have been taken over, and once that happens, it's very easy for the malware to spread."

A Twitter account with 1 million followers is attractive; fraudsters can send malicious links to every follower once the account is taken over. And followers are more likely to click the links because they trust the source. It's a common threat on Facebook and LinkedIn as well.

"The problem with all the social networking sites is the trust," Baumhof says. "If we are connected with someone on LinkedIn, Twitter or Facebook, then we trust what they send us."

Social networks also have facilitated the spread of so-called drive-by Trojans or downloads.

In a drive-by attack, a computer gets infected just by visiting a website that contains malicious code. When links to infected sites are sent out via social networks, the results can be catastrophic.

Baumhof notes that in 2010, a compromised news site in the Netherlands led to hundreds of thousands of individuals being infected by the Carberp Trojan.

Search-engine poisoning is another worry. Though not dependent on social networks for distribution, it, too, relies on user behavior.

"It preys on the same things," Baumhof says. "If there is a topical event that many people are searching for on Google, then the bad guys will go in and find pictures linked to that topic and infect them with malware." When the pictures are viewed, the systems are infected.

Follow Tracy Kitten on Twitter: @FraudBlogger
