SOURCE: M86 Security

M86 Security

November 22, 2010 07:00 ET

Mobile, Data-Stealing Malware and Malware-as-a-Service Top M86 Security Predictions 2011 Report

New Report From M86 Security Looks at the Cyber Threats Organizations and Security Professionals Can Expect in the New Year

ORANGE, CA--(Marketwire - November 22, 2010) - The exploding smartphone market and growing tablet device market, the rise in online banking, and a shift from simple exploit kits to more sophisticated Malware-as- a-Service model for cybercriminals, top the list of cyber concerns in the M86 Security Labs Predictions 2011 Report released today.

The Report, presented annually by M86 Security, the global expert in real-time Web and email threat protection, and assembled through comprehensive research conducted by M86 Security Labs, examines threats and attacks from the past year and predicts noteworthy trends in cyber security for which organizations should prepare in the year ahead.

"In 2010, we've seen dramatic increases in issues regarding mobile malware, as well as growing complexity of Trojan horse attacks in the banking industry," says Bradley Anstis, vice president of technical strategy, M86 Security. "And although Malware-as-a-Service isn't new, we're seeing it take hold. New service offerings signal that the shift may become more prominent in the coming year. In the same way that cloud computing is growing for commercial organizations, cybercrime is also moving this same way."

The most significant issues topping the M86 Security Predictions 2011 Report are three areas of market growth that increasingly are being compromised by more sophisticated cybercriminals and their tools.

  • Exploding Smartphone Market and Growing Tablet Demand Lead to more Mobile Malware

    While the RIM operating system continues to dominate, Google's Android operating system, and phones running the Google OS, have seen tremendous growth over the last year, including announcements of their adoption into the growing tablet market. While Apple is more strict than Google on its application approval, both vendors have begun to see more vulnerabilities in each of their platforms, with some rogue applications and malware. In addition, in 2010 the ZeuS Trojan targeted a two-factor authentication component on phones running the Symbian operating system, highlighting the fact that smartphones and all mobile platforms are on the radar of cybercriminals.

    What does this mean for organizations looking to protect their networks? There are two potential risks: companies give out phones to their employees, or employees use their own phones through their companies' networks. Likewise, tablets are running the same versions of operating systems as the mobile phones further expanding the user base. Allowing the use of such devices on the corporate Wi-Fi network is likely to bring more pains in the future. With the proliferation of mobile devices, M86's Anstis advises that organizations' IT professionals should ensure that there are clearly defined policies and remediations in place for usage of these devices on the corporate network.

  • Tools of The Trade -- Data-Stealing Trojans Get More Sophisticated

    There has been a lot of attention surrounding data-stealing Trojans such as ZeuS. Whether there are notable attacks, such as those targeting customers of global financial institutions, to arrest warrants issued by the U.S. and UK governments for hackers who have perpetrated crimes using ZeuS -- which number in the hundreds of thousands -- the pressure is mounting. As a result, new malware is starting to see its stock rise, such as data-stealers like SpyEye, Carberp and Bugat. As staples like ZeuS face heat from authorities, these new entrants will sharpen their skills in order to carry out their attacks unimpeded and keep the money flowing in.

    The other area of growth is in the sophistication of these Trojans, which have gone from just data stealing to Man-in-the-Browser attacks, actively participating in cybercrime attacks through Internet banking. This way they do not need to worry about collecting the information required to impersonate the user. Instead they simply wait for the user to log on and then take over their browsing session.

  • Malware-as-a-Service (MaaS) -- More Services Being Offered vs. Traditional Applications 

    Exploit Kits, also known as "Attack Toolkits," have become popular with cybercriminals over the last couple of years. Used as 'Command Control' for cyber attacks, exploit kits have lowered the entry level to cybercrime and given birth to a new ecosystem with many different players with different roles to play. 

    According to M86 Security Labs research findings, a shift is happening whereby the different players in the cybercrime ecosystem are offering their products as services, teaming up with other players to offer complete, one-stop shop cybercrime-as-a-service capabilities. For example, the NeoSploit and Phoenix exploit kits now offer different malware services to their customers to remove the additional task of finding malware to load into your exploit kit. According to the report, while a decline in the usage of exploit kits is not anticipated, M86 predicts there will be more consolidated service offerings for cybercriminals, instead of just application offerings.

"The vulnerabilities and predictions outlined in this report are intended to provide an overview of what is likely to be a much larger set of threats in the coming year. Smartphone adoption in the enterprise will only continue to grow, and, as the focus shifts toward the tablet platform, we anticipate malware targeting all of the mobile platforms to increase in 2011," says Anstis.

"To outsmart the bad guys, organizations need to first understand where the threats are likely to come from, and then second define exactly what needs to be protected, and how critical it is," he adds. "But just as important, they must lay out their best practice strategies and policies for proactively combating and staying ahead of the emerging security threats."

To view the full M86 Security report, including a full listing of the key security predictions for 2011, please go to:

About M86 Security Labs
M86 Security Labs is a group of security analysts specializing in email and Web threats, from spam to malware. They continuously monitor and respond to Internet security threats. The Security Labs' primary purpose is to provide a value-added service to M86 customers as part of product maintenance and support. This service includes frequent updates to M86's unique, proprietary anti-spam technology, SpamCensor, as well as Web threat and vulnerability updates to the M86 Secure Web Gateway products. The updates allow M86 customers to proactively detect and block new and emerging exploits, threats and malware. Data and analysis from M86 Security Labs is continuously updated and always accessible online at and on Twitter at

About M86 Security
M86 Security is the global expert in real-time threat protection and the industry's leading Secure Web Gateway provider. The company's appliance, software, and Software as a Service (SaaS) solutions for Web and email security protect more than 25,000 customers and 26 million users worldwide. M86 products use patented real-time code analysis and behavior-based malware detection technologies as well as threat intelligence from M86 Security Labs to protect networks against new and advanced threats, secure confidential information, and ensure regulatory compliance. The company is based in Orange, California with international headquarters in London and development centers in California, Israel, and New Zealand. For more information about M86 Security, please visit:

Follow M86 Security on
Twitter at
Facebook at
M86 Security Labs Blog at

Contact Information

  • Media Contact:

    Jan Wiedrick-Kozlowski
    Activa PR for M86 Security
    Email Contact