Malware As-a-Service Threat to Become Widespread in 2011: M86

According to its recently-published "Threat Predictions 2011" report, M86 Security a security company forecasts that cloud-based services of malicious software will become increasingly widespread during 2011, making it possible for under-resourced, potential computer hackers to execute more-and-more cyber-crime. Indeed this'll give rise to a new concept namely "malware-as-a-service."

Elaborates M86, cyber-criminals have been frequently using attack toolkits during the past few years. These toolkits, utilized to command-and-control Internet assaults, have prevented cyber-crimes' entrances, while creating one fresh ecosystem having various people at play and with different functions.

The security company also shows that developers of attack toolkits are shifting from their original activity to supplying other services along with or instead of traditional application offerings.

One instance is that of the Phoenix and NeoSploit attack toolkits, which provide their clients a variety of malware services. Thus, by using the NeoSploit toolkit, clients can buy any particular configuration of a Web-server which diverts victims' queries onto one back-end server of NeoSploit that seemingly the NeoSploit group handles.

Furthermore, M86 predicts that sophisticated malware will evolve during 2011, as can be observed from Zeus-like information-stealing Trojan viruses, which are getting increasingly advanced, whilst other information stealers like Carberp, Bugat and SpyEye have as well arisen.

Remarking about this, Product Manager Ed Rowley of M86 Security stated that Trojans were no longer merely data-stealing malware rather they also enabled man-in-the-browser assaults. Consequently, such Trojans actively took part in cyber-crime via online banking. Utilizing man-in-the-browser assaults, these Trojans didn't require worrying of gathering any information necessary for spoofing the end-user, rather soon as the end-user accessed a banking website they, after waiting for an opportunity, snatched control of the end-user's browsing session, Rowley explained. SCMagazineUK.com reported this on November 22, 2010.

Besides, according to M86, during 2011, junk e-mails will copy genuine e-mails exchanged on well-known websites more-and-more. The report further predicts that malware will continue to attack users of social-networking websites, chiefly as the users normally trust messages that people known to them -friends and colleagues- send. Thus, by cautioning of forthcoming malware patterns, M86 hopes that the security industry and businesses will begin preparing responses.

Related article: Malware Authors Turn More Insidious

» SPAMfighter News - 12/1/2010