Apple, Google TV, Foursquare to Face Malware Attacks in 2011, Says McAfee

Cyber-criminals will target Apple products, Google TV, geo-location services such as Foursquare and Gowalla, and other social media sites in 2011, far more than traditional e-mail methods, said McAfee Labs researchers.

Researchers at McAfee Labs predicted on Dec. 28 that cyber-criminals will target the latest and talked about online platforms, including Google TV, Apple's iPhone, and foursquare, in 2011.

Noting that the threats landscape has "changed considerably" in 2010, McAfee Labs' 2011 Threat Predictions report said criminals will exploit geo-location services, social networking tools, mobile devices and other online platforms in 2011. The "marked" increase in malware sophistication is also expected to continue, according to the report.

The report painted a particularly bleak picture for Apple, which had long flown under the malware radar. Cyber-criminals had ignored the smaller Mac market in favor of the larger Windows user base, but security experts had predicted it was just a matter of time.

"Mac users must remember that less targeted is not the same as invulnerable," said Richard Wang, manager of SophosLabs.

Mac-targeted malware will "continue to increase in sophistication" in 2011, according to McAfee Labs, as criminals take aim at Mac OS X, iPads and iPhones. The popularity of these products, especially in the business environment, combined with the "lack of user understanding" about securing them, will make "Apple botnets and Trojans" a "common occurrence" rather than a "rare encounter," predicted the researchers.

The threat is not limited to just the iPhone, but for all mobile devices. "We expect attacks to erupt at any time, yet they never quite seem to happen," but 2011 will be a "turning point," the researchers wrote. Several new mobile threats in 2010, such as rootkits for Android and the Zeus banking Trojan/botnet, hint at newer attacks and the "long-anticipated" explosion up ahead, the report said.

Cyber-criminals will respond to the intense buzz around platforms, such as the growing demand for Internet TV and the shift towards a more application-centric environment. McAfee Labs expects to see malicious apps that target or expose privacy data on new platforms such as Google TV. Botnets may be used to manipulate physical devices through compromised home-, work- and device-controlling applications. Applications that have been poorly developed with weak security protection because of the "rush to market" mentality will provide inviting avenues for app-centric privacy and data attacks, the researchers wrote.

According to the report, 2010 is ending with "some of the lowest" global spam levels in years, driven mainly in part because users are moving away from "slower" e-mail communications to more "immediate" methods such as instant messaging and Twitter. Malware will look more legitimate, whether it's because the messages appear to come from friends and family, or using signatures and certificates to trick security applications. Eventually, social media attacks will overtake e-mail as the leading attack vector, according to the report.

Cyber-criminals will also abuse URL shorteners to drive people to their malicious sites since it is not clear at first glance where the URLs are pointing. The "nominal convenience" of having short URLs will have "a tremendous impact on the success of cyber-criminals and scammers," said the report. McAfee Labs currently tracks and analyzes more than 3,000 shortened URLs per minute, and a growing number of them are used for spam, online scams and "other malicious purposes."

Spam in URL shorteners are particularly tricky to control, as Facebook found over Christmas. The social networking site said it blocked all shortened URL links because more than 70 percent of links redirected customers to spam and malicious sites. While the ban has been lifted, Facebook still suggests users exercise caution.

The "massive" amount of personal information online combined with users unaware of how to properly secure the information opens them up to identity theft and user profiling, the researchers said. With social media making it easy to see and track individuals and groups, including their likes and dislikes, affiliations and interest, there will be more instances of spear phishing, or targeted attacks, the report said.

Internet users are also adding geo-location information to their social media profiles to publicize where they are. Locative services such as foursquare, Gowalla, and Facebook Places, or just turning on location info on Twitter gives cyber-criminals even more information about their potential victims. It is "child's play" to craft a targeted attack, predicted McAfee Labs.

"Personalized attacks are about to get a whole lot more personal," the researchers wrote.

Spam volumes are also down because of successes by law enforcement in shutting down some major botnets, including the Mariposa, Bredolab and Zeus networks. To evade shutdown, more botnets will merge, similar to SpyEye and Zeus, or apply sophisticated features such as more targeted attacks and advanced data-gathering. They will also employ Facebook, Twitter and other geo-location services, the researchers predicted.