Social-networking sites like Facebook and Twitter can expect more attention from cybercriminals in 2010, according to a new report (PDF) released Tuesday by McAfee Labs. Also at risk are users of Adobe Systems products including Acrobat Reader and Flash. And move over Microsoft; the security firm predicts that Google’s Chrome OS will “create another opportunity for malware writers to prey on users.”
The company also anticipates smarter and more dangerous Trojans that “follow the money,” as well as a “significant trend toward a more distributed and resilient botnet infrastructure that relies much more on peer-to-peer technologies.”
In a recorded interview (scroll down for audio) David Marcus, McAfee Labs’ director of security research and communications, said that he expects “an explosion of Facebook and other services targeted by cyber criminals.” In addition to malware like Koobface that spreads among Facebook users’ friends list, Marcus expects an increase in rogue Facebook applications.
“When you click yes to ‘do you want to allow this application to access your Facebook account,’ you’re giving that application access to all the data in your Facebook account,” he said. Facebook vets the third-party applications that it distributes, but rouge developers are finding other ways to get people to install unauthorized apps.
“A lot of the spammers and scammers will send fake Facebook application requests to users’ inboxes,” he said. Marcus recommends that you only install apps from within Facebook by clicking “browse more applications” in the Facebook application installer.”
Twitter vulnerabilities
According to McAfee, Twitter is vulnerable mostly because of URL-shortening services like bit.ly and tinyurl.com. There’s nothing wrong with Twitter or these services, but when you click on a shortened URL you have no idea where you’re going until after you get there. I would like to see a URL-shortening service that vets each URL for security and rejects those that are potentially dangerous. Twitter, according to the McAfee report is “also serving as a control vehicle for botnets.”
Criminals are now being more surgical in their attacks, singling out individuals and corporations as targets. The report points to the 10-month investigation of “GhostNet,” which McAfee Labs describes as a “network of at least 1,295 compromised computers in 103 countries” that “primarily belonged to government, aid groups, and activists.” The malicious code was delivered by e-mail with subject headings related to the Dali Lama and Tibet, according to the report.
The report also sites “a very targeted wave of attacks against the management of major companies,” as well as attacks carried out against “journalists from various media organizations, including Agence France Press, Dow Jose and Reuters based in China.”
Adobe products and Google Chrome vulnerable
Adobe products, especially its Acrobat Reader and Flash, are likely to replace Microsoft Office as the No. 1 software target, according to McAfee. It’s nothing they’ve (Adobe) done wrong,” Marcus said. “The bad guys go where the masses go” and because of the increasingly widespread use of Adobe products, “that tends to be what the bad buys will start looking to exploit. It really is nothing more sophisticated than that.”
Criminals are infecting PDF files and leveraging exploits in the opening of PDF documents, according to Marcus.
“Instead of viewing a PDF you’re actually taken to a website that downloads some type of malware to your machine.” Adobe plans to patch a critical hole in Reader and Acrobat on January 12.
There is also concern about Google’s Chrome operating system, which is expected to be officially released in 2010. Chrome, which will run Web-based applications, is likely to be vulnerable to attacks in HTML 5–the newest version of the hyper-text markup language that, says the report, “holds all the promises that today’s Web community seeks–primarily blurring and removing the lines between a Web application and a desktop application.”
McAfee also warned of banking Trojans with “new tactics that went well beyond the rather simple keylogging-with-screenshots” that were used earlier. Trojans now use rootkit techniques to hide on a victim’s system to disable antivirus software.
ABI Research is projecting that in 2009 Linux will represent 32 percent of netbook sales, far higher than the seven percent figure claimed by Microsoft, says a report. ABI estimates that Linux will overtake Windows on netbooks by 2013, largely due to sales in less-developed countries.