Five new malware threats for 2009

As IT gets more complex and sophisticated, so does the malware. MessageLabs revealed some of the new tricks and dangers we need to look out for next year.

1 - Mash-up malware

Web 2.0 is the ideal environment for malware which can change depending on the event or circumstances of a situation. Separately they may be harmless, but they can be constructed and combined to create a malicious attack.

With mash-ups users are able to combine data from many websites, but these can be used to construct a malicious attack. Malware-as-service will also be more common, which allows automated malware to be bought and released to order.

Cybercriminals are also very likely to find new ways to change and modify malware, making some undetectable even to the very best anti-virus solutions.

2 - Personal social network phishing

2008 saw the first time that criminals were making a much more concerted effort to phish social networking sites such as Facebook.

This will continue, but as bad guys will learn the way that members use the site they will develop better tricks to collect as much personal information as they can.

Regular email phishing will be a problem, but it's unlikely to be the traditional Nigerian-style 419 scam which end up fooling you. Targeted emails are becoming more common as it becomes easier for anybody to become to phish thanks to malware-as-a-service.

3 - The battle to CAPTCHA

Surfing the net you may have noticed that CAPTCHA letters are becoming more difficult to read. This is because botnets have been advanced enough to break them thanks to CAPTCHA-breaking software.

Providers have tried to fight back by enhancing the CAPTCHA process, which usually means making the letters difficult to read so CAPTCHA breaking software won't read it.

Like many aspects of computer security, it's an arms race between the CAPTCHA provider and the CAPTCHA breaker to see who has the best technology, either for defence or attack.

4 - Increased reputation hijacking

Thanks to the discovery of a fundamental flaw in the design of the internet DNS (Domain Name Service) protocol, it is in theory possible to poison a cache and cause somebody to be given the wrong IP address when it comes to something like email or simply surfing a website.

If in 2009 criminals successfully manage to take advantage of this flaw, it could lead to extremely serious repercussions. This is because criminals would be able to masquerade as a legitimate server and create a website which many people will be fooled into divulging credit confidential details.

5 - The new botnet generation

With the major botnets suffering a few hits at the back end of 2008 due to hosting services being taken down, these could move to other areas like Russia or China which may carry the technology for a more evolved type of malware.

MessageLabs described a particularly sophisticated type of botnet using hypervisor technology. This is where malware can exist as a virtualisation layer running directly on the hardware and intercepting key operating system calls.

This would mean the real operating system will remain unaware of the existence of underlying malware which is controlling the computer