Thanks for signing up, a member of the Global PR team will be in touch with you shortly.
Prominent on last year's malware scene were the Angler and Nuclear exploit kits, both of which, like the other top exploit kits, mostly took advantage of vulnerabilities in Flash to do their dirty work. But Sean Sullivan, Security Advisor in F-Secure Labs, predicts in the report that Google Chrome will kill Flash support in early 2017, and Mozilla Firefox and Microsoft Edge will follow. Sullivan predicts that by spring of 2017, Flash will no longer bear fruit for exploit kit makers.
Exploits, which have become one of the most common vehicles for malware in the past decade, need out-of-date software in order to accomplish their goal of getting through security holes. But that software, Sullivan says, will be harder and harder to find. For example, with HTML 5's capability to "do it all", the need for third party browser plugins has mostly been eliminated. And today's browsers themselves are auto-updated, without the need for the user to intervene, so users always have the latest version.
Other programs don't offer much fruit. Microsoft's software is much more secure than it used to be, and patches roll out very quickly. Adobe's other software is more and more cloud based, rather than being local on people's machines. And browser developers have forced Java into a restricted place. So what will happen to exploit kits if there's no new fruit?
"Hopefully, they die," Sullivan says. "Wouldn't be the first time that a business model collapsed in the malware scene. Or they may focus on browsers, but then they'll need to find zero day vulnerabilities."
Macro malware re-appears
As exploit kits face an eventual decline, the report predicts that commoditized malware services will only accelerate their use of email attachment-based malware schemes. One such scheme is macro malware, which re-emerged in 2015 after lying low since the early 2000s.
Malware authors use the macro feature in Office to implant malicious code to documents they email as attachments. With Office 2003, Microsoft changed default settings to no longer run macros automatically, making attacks much more difficult. Today's macro malware attempts to get around Microsoft's default settings by displaying text in the open document that claims it is a "protected" document that requires the user to enable macros.
Other Notable Highlights from F-Secure's 2015 Threat Report:
F-Secure makes every digital moment more secure, for everyone. We deliver brilliantly simple, frictionless security experiences that make life easier for the tens of millions of people we protect and our 170 service provider partners. For more than 30 years, we’ve led the cyber security industry, inspired by a pioneering spirit born out of a shared commitment to do better by working together.
Sign up for media information from F-Secure.
Browse through our news by year.
Browse through our news by category.