Malware writers are expected to use NFC technology to spread worms across tablets and smartphones.
Security firm McAfee released its threat predictions report for 2013 (pdf), claiming that Windows 8 will be the next big target because "criminals go where the money goes", and that consumers will likely (eventually) upgrade to the latest version. Still, Windows 8 should provide improved security against malware and exploits compared with earlier versions of Windows... at least for a while, the company said.
"Now that the underground market for attack and malware kits is much more competitive than three years ago, it is likely that Windows 8–specific malware will be available quicker than Windows 7–specific malware appeared," McAfee said. "Systems running the new Unified Extensible Firmware Interface are still vulnerable to MBR-based rootkits, just as previous OS versions were, according to one research company."
Despite any flaws, Windows 8 is a more secure platform, McAfee said, and that upgrading is definitely worth considering.
The company also revealed its five main predictions of 2013, reporting that (1) ransomware will resurge and take on mobile devices; (2) mobile malware will go on a shopping spree; (3) mobile "tap and pay" worms will "bump and infect"; (4) botnets will phone hone; and (5) online marketplaces will offer a single "click" to hack services.
For option three, the "tap and pay" worm, this will be accomplished through devices with near-field communication (NFC) technology. Malware writers are expected to create mobile worms with NFC capabilities that can spread using that “bump and infect” method, as well as steal money from victims’ accounts.
As for the botnets phoning home, McAfee said that in 2013, "botmasters" will retaliate against the crackdown on botnets and protect their income by implementing fail-safes that will allow them to regain control of a botnet after it has been taken down. Another avenue of revenue for malware writers will be through apps that will exploit vulnerabilities in mobile phones and secretly purchase additional apps written by the malware authors, dumping money into their pockets.
"While we don’t know for sure whether these particular attacks will thrive in the year ahead, we do know that there are a large variety of threats that can put your devices and information at risk, so it’s best to take proactive measures to protect yourself."
McAfee offers four security resolutions for 2013 which can be fully read here including installing security software on ALL devices, strengthening and changing passwords, and more.