Malware Trends We May Encounter This Year

by News Editor on January 6th, 2014 in Industry and Security News.

Our Director at Malware Labs, Andrew Browne has prepared an overview of what we can expect in terms of malware trends in the coming year.





Here are some trends we expect to see during 2014.

1.     New Zeus variants

In 2013, new variants of the Zeus backdoor began to use the Tor network (http://en.wikipedia.org/wiki/Tor_%28anonymity_network%29) - it is highly likely that other malware will follow Zeus' lead and make more use of this traffic anonymizing network. Broadly, cyber criminals will, more and more, hide their activity in the anonymous Tor network which will make C&C servers and ordinary bots practically impossible to trace. This means researchers cannot find the botnet computers in order to disable them. The pseudo-top-level domain “,onion” used in Tor network to locate the host (e.g. b742crfibawhnims.onion) is not an ordinary DNS name and cannot be located on a root server. Thus, this addressing mechanism makes it more difficult to trace a C&C server, a zombie computer or takedown a whole botnet inside the Tor network.

2.     More Backdoors

Also following Zeus's lead, we can expect to see more 64-bit backdoors appearing this year. Zbot (Zeus bot) is used to test innovations and other bots will likely copy new features once they complete the verification stage.

3.     Botnets

Botnets will continue using public file-sharing services like Dropbox as a staging point to download malware and potentially unwanted programs.

4.      Ransomware and cryptolockers

They were a huge problem during 2013 due to the sheer amount of infections and the cynical ploy of encrypting user's files and demanding a ransom for the decryption key. It is a fairly brute force method of extorting money from victims but given the choice of losing irreplaceable data or giving in to the blackmailer's demands, many people, understandably, have paid to have the data decrypted. This unfortunately encourages the attackers and as a result, until users implement their own robust backup strategy to safeguard important files, we're likely to see this threat become even more prevalent.

5.      Android malware

With the increase number of consumers using Android based phones, the android malware will continue to rise in 2014 with attacks on mobile banking applications by means of exploiting new vulnerabilities in Android OS (e.g. Trojan Svpeng).

6.      Vulnerability of Windows

It is an attractive platform for the malware writers, in part, because of the sheer number of users. As Microsoft gradually move towards making their offerings more secure, applications like Java will continue to be a focus for vulnerability exploitation. Java products are a default software choice for most users - the bad guys know this and realise that its profitable to continue to scrutinise Java for exploitable vulnerabilities and create malware to take advantage of this in 2014.

7.      Price fluctuations of Bitcoin

Wild fluctuations in the price of Bitcoin towards the end of 2014 led to a huge amount of investors speculating on Bitcoin to make some quick, easy money. Given the value of Bitcoin, we can expect an increase of malware installing Bitcoin miners onto victim’s computers. As generating new Bitcion becomes harder and harder we are likely to see an increase in the theft of Bitcoin wallets. Since they have no personal information attached, victims cannot prove they owned these particular Bitcoins before being robbed. Bitcoin exchange services will also be attractive targets for online 'heists'.

8.       2014 World Cup scams

The 2014 World Cup will be the most widely-viewed sporting event in the world. Events that draw such pervasive and ongoing public interest will be used to in an attempt to  manipulate users into performing certain actions or disclosing confidential information. We can expect to see much World Cup-related spam with malicious attachments and World Cup-related phishing ploys appearing to offer refunds, tickets and lotteries, accommodation, travel and team merchandise. Cyber scammers will also likely poison search engine results using World Cup-related headlines and videos to lead to malicious sites in an attempt to distribute malware. With so many viewers planning to watch the games online, attackers are sure to capitalize on ways to infect users looking to download media players.