Thursday, November 20, 2008

Avira’s forecast of malware trends for 2009

Drive-by-downloads and data theft will continue to increase

Tettnang, 20 November 2008 – Avira’s experts believe cyber criminals will continue to expand their activities in 2009: Drive-by-downloads will increase – attacks will hit businesses, organizations and private users in equal measure. The IT security experts from Germany predict that the entry point will be mobile phones and online services with Internet access, rather than the Web, which have specialized central data management. The experts also predict that Internet espionage will cause considerable harm in 2009.

The experts believe that there will be less attackable vulnerabilities in software next year. However, they expect that cyber criminals will take more intensive and faster advantage of the vulnerabilities in order to install harmful code. Moreover, hackers don’t use impersonal spam anymore and have started to target people using individually created messages. Users are finding it increasingly difficult to identify that the email is not authentic and can land on infected websites with drive-by-downloads having made just one click. The harmful programs frequently have rootkits in them to hide the malware. This type of harmful code is becoming more frequent than polymorphic file infectors and typically carries spyware to find out the users bank and personal data. The difficulty with polymorphic programs is that the server slightly changes them when downloading. This means they can escape virus scanners that only scan files for very basic detection attributes.

“The Web is gaining more importance in the spread of malware and we see this continuing into 2009. The attackers steal the victim’s access data which is held in the browser’s cookies by vulnerabilites known as cross-site-scripting. They also take advantage of such vulnerabilities through links in emails.”, explains Rainer Witzgall, Executive Vice President at Avira. “Especially users of social networks such as MySpace, Facebook, StudiVZ or Blogosphere will be a main target of cyber criminals. Attractive targets will continue to be banks - and credit card information, which are stolen through diverse Internet transactions.”

Attackers will also try to infect Internet connected mobile phones including the Google-mobile and the iPhone, which are becoming increasingly popular. These devices are nearly always online and offer the cyber criminal the possibility to manipulate money transactions and to steal data, for instance from the SIM card. The supplied Web browsers Chrome (Google mobile) and Safari (iPhone) are popular gateways.

“There are also more frequent attacks to online services for central data management into this growing category for 2009. New data pools are generated by transferring Office applications to the Internet, for example Cloud-Computing using Microsoft or Google Apps, could increase the risk of identity theft. Users really need to think if it is wise to give the control of their data to other people”, says Witzgall.

About Avira

Avira protects people in the connected world – enabling everyone to manage, secure, and improve their digital lives. The Avira umbrella covers a portfolio of security and performance applications for Windows, Android, Mac, and iOS. In addition, the reach of our protective technologies extends through OEM partnerships. Our security solutions consistently achieve best-in-class results in independent tests for detection, performance, and usability. Avira is a privately-owned company that employs 500 people. Its headquarters are near Lake Constance, in Tettnang, Germany, and the company has additional offices in Romania, India, Singapore, China, Japan & the United States. A portion of Avira's sales support the Auerbach Foundation, which assists education, children, and families in need. For more information about Avira visit