December 30, 2011 | Bratislava | Press Releases

ESET Cyber Threats Predictions for 2012: Mobile malware, botnets, targeted attacks …

This year ESET’s top security experts from around the world – Stephen Cobb, Cameron Camp, Aryeh Goretsky, David Harley, Robert Lipovsky and Sebastian Bortnik – once again compiled a list of predictions about threatscape developments for 2012.

“In terms of top malware trends for 2012, the first place has to go to malware for mobile devices. The strong growth in market share for Android has made this platform the primary focus of malware developers who target mobile devices,” says Sebastian Bortnik, Awareness and Research Coordinator at ESET Latin America. According to ESET analysis, the top threats in 2012 will be:

  • Mobile malware
  • Windows 7 threats
  • Targeted attacks
  • Social engineering improvements

“During 2011 we saw multiple variants of malware on mobile devices, such as SMS Trojans that cause the infected device to send text messages to premium numbers that cost the phone user money while generating profit for cyber criminals, and mobile botnets that turn the mobile device into a zombie that can be used for criminal purposes,” says Bortnik. Other mobile malware that we will see more of in 2012 includes spyware. For example, in July 2011, two of the most popular crimepacks (SpyEye and Zeus) were released in versions compatible with mobile devices, namely ZITMO, or Zeus In The Mobile, and SPITMO. Although we do not see this threat on a massive scale yet, there is no doubt attackers will continue to migrate malicious code to the mobile platform, taking advantage of the fact that users of these devices are placing more and more sensitive business and personal information there, while at the same time they are not yet accustomed to protecting the devices with security technology and best practices.

By October 2011, ESET had identified 41 major malicious code families (and variations) for the Android platform: 30% of threats were embedded in downloads from the Android Market, 37% were SMS Trojans, and 60% of the malicious code had some botnet characteristic, i.e. some kind of remote control over the device.

Android malware is not the only trend in operating system security. Gartner predicts that Windows 7 will be the most widely used operating system by the end of the year. That means some threats, like rootkits for 64-bit Windows, are likely to be more “popular” in 2012. As the security technology in operating systems like Windows 7 becomes more sophisticated, we are likely to see the bad guys develop more complex malware to try to defeat this security.

Not only will 2012 see complex attacks targeting widely used endpoints (such as TDL4 bootkits), but we can also expect specific malware designed to attack specific targets, as Stuxnet did last year. Right now we're seeing Duqu, based on Stuxnet, and there is a high probability we will see more of this kind of threat next year.

A big trend for 2012 is likely to be a shift in the propagation methods used by malware distributors. The traditional channels for malware and scams—such as email, instant messaging or USB devices—are likely to get less attention, while social engineering techniques deployed on social networks, search results poisoned by blackhat SEO techniques, and drive-by-downloads—malware installed on vulnerable and legitimate web sites—will gain favor as channels for infecting endpoints and compromising networks.

Aryeh Goretsky, researcher at ESET North America, adds that we will see increased interest in digitally signing malware using stolen code-signing digital certificates. He predicts that “there will be reports of a vulnerability in the forthcoming Windows 8 that will be referred to as a major security flaw only to find out—a few days or perhaps a week or so later—that it cannot be conventionally exploited or remains firmly in the realm of the theoretical”.

Finally, looking back, ESET Security Evangelist Stephen Cobb put together a video guide through some of the top threats of 2012:

For more detailed 2012 threat predictions, please visit ESET Threat Blog.


About ESET

Founded in 1992, ESET is a global provider of security solutions for businesses and consumers. The Company pioneered, and continues to lead, the industry in proactive threat detection. ESET NOD32 Antivirus holds the world record for the number of Virus Bulletin “VB100” Awards, and has never missed a single “In-the-Wild” worm or virus since the inception of testing in 1998. ESET NOD32 Antivirus, ESET Smart Security and ESET Cybersecurity for Mac are trusted by millions of global users and are among the most recommended security solutions in the world.

The Company has global headquarters in Bratislava (Slovakia), with regional distribution centers in San Diego (U.S.), Buenos Aires (Argentina), and Singapore. ESET has malware research centers in Bratislava, San Diego, Buenos Aires, Prague (Czech Republic), Krakow (Poland), Montreal (Canada), Moscow (Russia), and an extensive partner network for 180 countries.