Sophos Malware Report Predicts Rise in Ransomware and IoT Threats

Ahead of the RSA Conference 2017, SophosLabs has released a new malware forecast that makes predictions about the changing threats over the coming months.

SophosLabs reports typically concentrate on the Windows platform, since it is Windows devices that are most commonly attacked, although the latest report also covers other platforms such as Android, MacOS and Linux.

SophosLabs details four trends from 2016 in its report that are likely to continue to pose major problems for businesses and consumers in 2017.

There has been a meteoric rise in Internet of Things devices in the past few years. Now everything from small personal trackers to refrigerators and washing machines are now connected to the Internet. These devices often lack the necessary security controls to prevent unauthorized access, with security controls rarely configured to last the entire lifetime of the device. SophosLabs says out of date versions of Linux, the use of default passwords and the lack of encryption make the devices ripe for abuse which is likely to see a rise in Linux malware that exploits these common vulnerabilities.

SophosLabs expects Android malware to become more pervasive. There has been a major rise in Android malware variants, although the biggest threat comes from Andr/PornClk, which accounts for over 20% of infections. The malware downloads application packages (APKs), places shortcuts on the home screen and records sensitive user details. Android ransomware is also a major threat. This form of malware takes over the users’ device and demands a ransom payment. The most common variant is Andr/Ransom-I, which usually masquerades as an Adobe Flash, Adult Player or system update and targets Android 4.3. Infections – and new variants of Android ransomware and malware – are expected to grow significantly.

2016 also saw a rise in MacOS malware, which is commonly used to install potentially unwanted applications (PUAs) such as password stealers, ransomware, adware and a variety of other malware types. MacOS is not targeted nearly as much as Windows-based systems or Android devices, although SophosLabs expects the rise in MacOS malware to continue.

SophosLabs also reports on the use of Windows-based malware kits, which have previously targeted Word but are now being used on targets other than Office, such as Adobe Flash.

While it is impossible to accurately predict what will happen in 2017, the trends of 2016 are likely to continue given the successes cybercriminals have had over the past 12 months.

Author: Richard Anderson

Richard Anderson is the Editor-in-Chief of