If you believe the folks at security firm Kaspersky Lab (and you probably should, since their prediction for 2009 was accurate) you’ll find next year’s big threat by following the users.

And where do they go more often than not? That would be file-sharing networks — places where everything from movies to music to pirated software is swapped online, and social networking sites.

That’s where the big security problems will be in 2010, say the folks at Kaspersky.

“Malware will continue to further its sophistication in 2010 with specific malware families requiring significant resources from anti-malware companies to adequately fight them,” says Roel Schouwenberg, Senior Malware Researcher at Kaspersky Lab Americas.

“Third party program vulnerabilities will continue to be the target of choice by cybercriminals with Adobe continuing to be the main target. And finally I believe that with the introduction of real-time search, black hat SEO and social networks will become an even bigger focus of cybercriminals.”

With the start of 2010 just around the corner, researchers and analysts from Kaspersky have come up with a list of six predictions for what will be the New Year’s greatest threats and newest attack vectors:

1. A rise in attacks originating from file sharing networks. In the coming year we will see a shift in the types of attacks on users, from attacks via Web sites and applications toward attacks originating from file sharing networks.
2. An increase in mass malware epidemics via P2P networks. In 2009 a series of mass malware epidemics has been “supported” by malicious files that are spread via file sharing networks. This method has been used to spread notorious threats such as TDSS and Virut as well as the first backdoor for Mac OS X. In 2010, Kaspersky expects to see a significant increase in these types of incidents on P2P networks.
3. Continuous competition for traffic from cybercriminals. The modern cybercriminal world is making more and more of an effort to legalize itself and there are lots of ways to earn money online using the huge amount of traffic that can be generated by botnets. In the future, Kaspersky foresees the emergence of more “grey” schemes in the botnet services market. These so-called “partner programs” enable botnet owners to make a profit from activities such as sending spam, performing denial of service (DoS) attacks or distributing malware without committing an explicit crime.
4. A decline in fake anti-virus programs. The decline in gaming Trojans witnessed in 2009 is likely to continue for fake anti-virus programs in 2010. Conficker installed a rogue anti-virus program on infected computers. The fake anti-virus market has now been saturated and the profits for cybercriminals have fallen. Additionally, this kind of activity is now being closely monitored by both IT security companies and law enforcement agencies, making it increasingly difficult to distribute fake anti-virus programs.
5. An interest in attacking Google Wave. When it comes to attacks on web services, Google Wave looks like it will be making all the headlines in 2010. Attacks on this new Google service will no doubt follow the usual pattern: first, the sending of spam, followed by phishing attacks, then the exploiting of vulnerabilities and the spreading of malware.
6. An increase in attacks on iPhone and Android mobile platforms. 2010 promises to be a difficult time for iPhone and Android users. The first malicious programs for these mobile platforms appeared in 2009, a sure sign that they have aroused the interest of cybercriminals. The only iPhone users currently at risk are those with compromised devices; however the same is not true for Android users who are all vulnerable to attack. The increasing popularity of mobile phones running the Android OS combined with a lack of effective checks to ensure third-party software applications are secure, will lead to a number of high-profile malware outbreaks.

Tags: 2010, botnets, Kaspersky Labs, malware, prediction, threats, viruses