The Transform Technology Summits start October 13th with Low-Code/No Code: Enabling Enterprise Agility. Register now!

Anti-malware firm M86 Security published a report today predicting that malware creators are going to target smartphones and get a lot smarter about creating viruses that are much tougher to detect.

The M86 Security Predictions 2011 report has a lot of scary stuff in it for ordinary computer users. It makes you want to toss out your smartphone and unplug your computer from the internet. Cybercriminals are targeting smartphones because they aren’t as well protected as computers with anti-malware software, said Bradley Anstis, vice president of technology for M86 Security, a security technology company in Orange, Calif. As an example, the recent Zeus virus was released on Nokia phones running the Symbian operating system. The malware was able to compromise online-banking apps which uses text messages to verify mobile transactions.

The Google Android operating system is particularly vulnerable to attack, since just about anyone can upload apps bearing malware to the Android Market. Those apps often trick users into giving them permission to do something to the user’s phone. One app, Movie Player, secretly sent text messages to a premium rate number, costing users several dollars per message. Companies that give out phones to their employees may find that those phones, once compromised, can be used to attack the corporation.

“This is just the beginning,” Anstis said. “The cybercriminals are going where the users are.”

If you don’t have anti-malware protection on your phone, now may be the time to get some.

The new year is likely to bring a host of other evils. Among the scariest is “malware as a service.” Just as legitimate enterprises have adopted software-as-a-service, some malware vendors are making it easier for cybercriminals to adopt hacking tools, such as botnet networks, which use the computing power of compromised computers to launch malware attacks, as a service. That trend isn’t brand new, but it is taking hold, Anstis said. Just as enterprises are tapping the cloud to improve security, malware vendors are using the cloud to undermine security.

Malware creators will also be able to better disguise their work using stolen digital certificates, which are used to authenticate web sites. With forged certificates, anti-virus software that trusts the certificates may be fooled, allowing malware to bypass typical barriers. The Stuxnet virus that attacked industrial control equipment was the first malware to employ this trick of using forged digital certificates. Spam campaigns will increasingly mimic legitimate mail from popular web sites.

M86 also believes that social network users will continue to be targeted by malware, mainly because the users tend to trust messages coming from their own friends. By warning about upcoming malware trends, M86 hopes to get enterprises and the tech community to start planning responses. M86 has more than 25,000 customers with 26 million users worldwide. The company has 350 employees.

[image credit: eHow]


VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:
  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more
Become a member