2009 is drawing to a close, and 2010 is almost upon us. The Chinese calendar says 2010 is the Year of the Tiger, but a report released from McAfee claims it could be the year of Adobe malware.
Traditionally, the most common target for malware is Microsoft. Microsoft holds a dominant stake of the operating system, office productivity, and Web browser markets, so it’s only logical that malware developers would want to fish in the pool with the most targets.
However, Mac OS X is creeping up in operating system market share and Firefox and Chrome are nibbling away at the Web browser market share, making them more attractive targets for attack as well. Adobe, with Flash and Acrobat Reader, is virtually ubiquitous across all operating system platforms and Web browsers, which makes it a one-stop-shopping target.
The McAfee report says "Cybercriminals have long picked on Microsoft products due to their popularity. In 2010, we anticipate Adobe software, especially Acrobat Reader and Flash, will take the top spot."
I spoke with McAfee chief technology officer George Kurtz, who explained that "Adobe has added so much functionality to their software they are suffering the same fate as Microsoft with Internet Explorer."
Stuart McClure, vice president of operations and strategy of McAfee’s Risk and Compliance business unit, agrees. "Adobe, Apple, all of the major vendors are being targeted due to their proliferation and ubiquity. We’ve been saying it for a long time now, Microsoft has held the jeweled crown for juicy targets but they won’t be leading forever. The day has come…"
Microsoft critics often imply that the Windows operating system(s), and Microsoft applications like the Microsoft Office suite and Internet Explorer Web browser, are just inherently less secure. That assumption can lead users of alternate operating systems and Web browsers to a false sense of security that will come back to haunt them as malware developers expand the scope of their attacks.
Adobe has already seen a rise in attacks throughout 2009. Just recently, Adobe Reader was hit by a zero-day exploit which could allow attackers to install additional malicious software elements or capture sensitive information from vulnerable systems. In July of this year a flaw in Adobe Flash was targeted by attackers, and in October attackers targeted flaws in Adobe Reader to send malicious PDF’s.
Adobe won’t be the only target, though. Attackers will continue to use shortened URL’s to dupe users into visiting malicious Web sites, or as part of phishing attacks. Like Adobe products, Web-based services–especially social networking sites like Facebook and Twitter–span operating systems and hardware platforms and make very attractive targets as well.
Kurtz sums it up "Exploiting Adobe has become the preferred choice of attackers simply because not many people keep their Adobe software patched. It simply is the path of least resistance."