The onslaught of the Windows Goner worm warns us to watch for Christmas Grinches, but next year the warning may extend to Linux users as the operating system (OS) becomes more of a target.

"Of course we will see more and more attacks on Windows, but Linux will be a target because its use is becoming more widespread," said Raimond Genes, European president for antivirus at Trend Micro. "It is a stable OS, but it's not a secure OS."

Jack Clarke, European product manager at McAfee, said: "In fact it's probably easier to write a virus for Linux because it's open source and the code is available. So we will be seeing more Linux viruses as the OS becomes more common and popular."

Clarke added that it seems ridiculous that users have any doubt about Linux being be attacked. "It's not a target at the moment because the market isn't there, but Li0n and Ramen have already proved that it's on the menu," he explained.

"Of course it's possible to write a virus for Linux," said Genes, dismissing the common opinion that Linux is a virus free OS. "But there is some prejudice amongst the virus writing community. If you write a virus for Windows, your peers clap their hands; write one for Linux and they'll stone you."

The experts agree that virus writers' trump card at the moment is social engineering, which works on any OS. "The successful viruses today make clever use of social engineering, as demonstrated by Goner. It's the virus writer's most dangerous weapon," said Genes.

Clarke added: "Social engineering combined with a common OS make an effective weapon for virus writers."

Genes also said that we are likely to see more viruses capable of denial of service attacks and more network aware viruses that use similar techniques to Code Red and Nimda.

Such worms leave holes in a network even after the worm itself has been killed. Nimda, for example, is capable of setting up open shares on a network.

"These aren't fixed by antivirus updates," said Genes. "You need to use clean up tools to restore such changes. But users don't download these. It's as if they don't care," he said.

Antivirus companies will be changing their techniques next year to make users aware of the "post vaccination" threats still on their networks. "We need to push fixes to users more, because they won't come to us," said Clarke.