"In terms of market share, Android may be on its way to dominating the mobile space the same way that Windows dominated the desktop/laptop arena," Trend Micro notes in its Security Threats to Business, the Digital Lifestyle and the Cloud: Trend Micro Predictions for 2013 and Beyond report. "Malicious and high-risk Android apps are becoming more sophisticated. An "arms race" between Android attackers and security providers is likely to occur in the coming year, much as one occurred a decade or more ago over Microsoft Windows."
One particular area of concern is malware that buys apps from an app store without user permission. McAfee points to the Android/Marketpay.A Trojan, which already exists, and predicts we'll see criminals add it as a payload to a mobile worm in 2013.
"Buying apps developed by malware authors puts money in their pockets," McAfee Labs suggests in its 2013 Threats Predictions report. "A mobile worm that uses exploits to propagate over numerous vulnerable phones is the perfect platform for malware that buys such apps; attackers will no longer need victims to install a piece of malware. If user interaction isn't needed, there will be nothing to prevent a mobile worm from going on a shopping spree."
McAfee also has concerns about the near-field communications (NFC) capabilities that are appearing on an increasing number of mobile devices.
"As users are able to make "tap and pay" purchases in more locations, they'll carry their digital wallets everywhere," McAfee Labs says. "That flexibility will, unfortunately, also be a boon to thieves. Attackers will create mobile worms with NFC capabilities to propagate (via the "bump and infect" method) and to steal money. Malware writers will thrive in areas with dense populations (airports, malls, theme parks, etc.). An NFC-enabled worm could run rampant through a large crowd, infecting victims and potentially stealing from their wallet accounts."
McAfee also reports that malware that blocks mobile devices from receiving security updates is likely to appear in 2013.
Ransomware-in which criminals hijack a user's capability to access data, communicate or use the system at all and then forces the user to pay a ransom to regain access-spiked in 2012 and is likely to keep growing in 2013, says McAfee.
"Ransomware on Windows PCs has more than tripled during the past year," McAfee Labs reports. "Attackers have proven that this 'business model' works and are scaling up their attacks to increase profits."
McAfee Labs says it expects to see both Android and Apple's OS X as targets of ransomware in 2013 as ransomware kits, similar to the malware kits currently available in the underground market, proliferate.