More Web attacks likely in 2010; smartphones, Win 7 potential targets

The year 2010 will see the more threats on the webscape. Smartphones, Windows 7, search engines and legitimate advertisements are the target segments of hackers, said Websence, Inc, an internet security major.

Researchers in Websense Security Labs have identified emerging security exploits and trends anticipated that in the next 12 months, an overall blending of security threats across multiple attack vectors to rope in computers into bot networks and steal valuable confidential information. Researchers believe that hackers will look to compromise new platforms such as smartphones and take advantage of the popularity of Windows 7. They are also expected to compromise the integrity of search engine results and use legitimate advertisements to spread their malicious content.

?Threats on the Web continue to parallel Internet users? web use patterns,? said Dan Hubbard, chief technology officer, Websense.?As audiences are moving quickly into the social web, so are attacks. As emerging operating systems and platforms like Macs and mobile devices become more popular, they are more targeted. At the same time, malicious attackers are increasing the number of traditional attacks on PCs, with quickly changing tactics and new twists on old exploits,? he added.

In 2010, Websense Security Labs anticipates the emergence and growth of the increased attacks on sophistication and prevalence, turf wars among botnet gangs, email used as a vector to spread malicious attacks, targeted attacks on Microsoft properties, including Windows 7 and Internet Explorer 8, attacks on search engines, smartphones becoming next play ground for major attacks, attacks through more malacious advertisements and increased attacks on Apple?s Macs.

In the coming year, a greater volume of spam and attacks on the social web and real-time search engines such as Topsy.com, Google and Bing.com, which recently added real-time search capabilities. In 2009, researchers have seen increased malicious use of social networks and collaboration tools such as Facebook, Twitter, MySpace and Google Wave to spread attackers? wares. Spammers? and hackers? use of Web 2.0 sites have been successful because of the high level of trust users place in the platforms and the other users. We anticipate this trend to continue in 2010. An increase in botnet groups following each other and using similar spam/Web campaigns tactics such as fake DHL and USPS notifications and other copy-cat behavior have also been noticed. It is expeced that this trend will continue in 2010. Also, a more aggressive behavior between different botnet groups, including bots with the ability to detect and actively uninstall competitor bots.

In 2010, emails used as a vector for spreading malicious attacks, will evolve in sophistication. A huge uptake in emails being used to spread files and deliver Trojans as email attachments, after being nearly non-existent for several years, will be seen. Not only are there more emails containing malicious attachments, researchers have also seen an increased sophistication of blended attacks that are difficult to close down.

According to the Labs, with the expected pace of adoption of Windows 7, one may see more attacks targeting the new operating system with specific tricks to bypass user access control warnings and a greater exploitation of Internet Explorer 8. Pop-ups occur so frequently that users ignore the warnings or turn off the feature leaving them vulnerable. While Windows 7 tries to reduce the pop-ups by allowing four levels of user access control, security challenges to the interface and the operating system still exist.

An SEO poisoning attack, also known as a Blackhat SEO attack, occurs when hackers compromise search engine results to make their links appear higher than legitimate results. As a user searches for related terms, the infected links appear at the top of the search results, generating a greater number of clicks to malicious websites. SEO poisoning attacks are successful because as soon as a malicious campaign is recognised and removed from search results, the attackers simply redirect their botnets to a new, timely search term.

By the end of 2009 Websense documented four iPhone exploits in a span of a few weeks?representing the first major attacks on the iPhone platform and the first iPhone data-stealing malware with bot function.