Print
Discuss
Send to friend
RSS feeds
Daily news podcastMicrosoft is investigating reports of a Trojan which attempts to disable its AntiSpyware beta product.
The Troj/BankAsh-A Trojan, discovered yesterday, is designed to steal passwords and online banking details.
But the Trojan also tries to disable Microsoft AntiSpyware, attempting to suppress warning messages that the software may display, and deleting all files within the program's folder, according to antivirus company Sophos.
Microsoft AntiSpyware is a new security technology which aims to protect Windows users from spyware and other unwanted software, and is currently in beta testing.
Microsoft confirmed that it is "actively investigating" new reports of the Trojan, but is not aware of any significant customer impact resulting from BankAsh-A.
"Microsoft will continue to work with law enforcement and the industry to help protect customers from these types of threat," it said.
"We also encourage users to use extreme caution when opening unsolicited files from known and unknown sources. Microsoft continues to recommend customers to evaluate the Microsoft AntiSpyware beta."
Graham Cluley, senior technology consultant at Sophos, said that, although viruses often try to switch off antivirus software or firewalls, this is the first specifically to target Microsoft's AntiSpyware product. There have only been a handful of reports of the Trojan so far, he added.
Cluley also warned that, as Microsoft AntiSpyware is increasingly adopted by home users, there will be more attempts by Trojans, viruses and worms to try and undermine its effectiveness.
The BankAsh-A Trojan also waits until an internet user visits a UK online banking site and begins recording keystrokes in an attempt to steal log-in details.
Microsoft AntiSpyware beta is available for download here.
More information about Troj/BankAsh-A can be found here
See also:
Virus writers are waking up and smelling the money 04 Feb 2005
All Enterprise Security Technology
del.icio.us
Digg this
reddit!
