Microsoft probes AntiSpyware Trojan

Help and Discussion

Moderator: The Mod Squad

Microsoft probes AntiSpyware Trojan

Postby Copper » Thu Feb 10, 2005 3:24 pm

Microsoft probes AntiSpyware Trojan
By Dan Ilett, ZDNet UK

Microsoft is offering support to people hit by BankAsh-A, the Trojan targeting its anti-spyware application


Microsoft is investigating a piece of malicious code that targets the recently released beta version of its AntiSpyware product.

On Wednesday, antivirus company Sophos reported a new Trojan, dubbed Bankash-A, which suppresses warning messages displayed by Microsoft AntiSpyware and deletes all of the files in the program's folder. The Trojan also steals passwords and online banking details from Windows users.

"Microsoft is actively investigating new public reports of a criminal attack, known as the 'Bankash-A Trojan'," Microsoft wrote in an emailed statement. "Microsoft is not aware of any significant customer impact resulting from the Trojan. Microsoft continues to recommend customers evaluate the Microsoft AntiSpyware beta and encourage customers to follow the three steps to help keep your PC protected: www.microsoft.com/protect."

The software giant is also offering free support to victims of the Trojan.

"Customers who believe they may have been affected should contact Product Support Services Product Support Services in North America can be contacted for help with security update issues or viruses at no charge by using the PC Safety line (1-866-PCSAFETY). International customers can receive the same level of support by using any method found at this location: http://support.microsoft.com/."

Microsoft then added that people should consult their local law enforcement agencies if they have been infected by the Trojan.

"Customers who believe they have been attacked should contact their local FBI office or post their complaint on www.ifccfbi.gov. Customers outside the U.S. should contact the national law enforcement agency in their country."

The Trojan targets users of UK online banks such as Barclays, Cahoot, Halifax, HSBC, Lloyds TSB, Nationwide, NatWest, and Smile.

On Wednesday, Sophos said the Trojan was the first piece of malware to target the anti-spyware product.

"As Microsoft's product creeps out of beta and is adopted more by the home user market, we can expect to see more attempts by Trojan horses, viruses and worms to undermine its effectiveness," said Graham Cluley, senior technology consultant for Sophos.



"Only two thing are infinite, the universe and human stupidity,and Im not sure about the former." Albert Einstein (1879 - 1955)
Copper
Black Belt 5th Degree
Black Belt 5th Degree
 
Posts: 8640
Joined: Mon Jul 14, 2003 12:38 pm
Location: Midlands UK

Postby snap355 » Thu Feb 10, 2005 4:22 pm

:lol:
Someone is already out to get MS spyware products
[url=http://www.motherboards.org/folding/index.html] Lend a hand and help with the folding project. Come join our 33258 team!

Image
[/url]
snap355
Black Belt 5th Degree
Black Belt 5th Degree
 
Posts: 9258
Joined: Mon Sep 13, 2004 3:22 pm
Location: 33258

Postby Black Wolf » Thu Feb 10, 2005 4:32 pm

Read about this morning, couldn't stop smiling.
Image
Black Wolf
Black Belt 5th Degree
Black Belt 5th Degree
 
Posts: 8955
Joined: Fri Aug 08, 2003 1:47 pm
Location: Ottawa, Canada

Postby snap355 » Fri Feb 11, 2005 6:56 am

Black Wolf wrote:Read about this morning, couldn't stop smiling.


You must have some deep hatred towards Microsoft :twisted:
[url=http://www.motherboards.org/folding/index.html] Lend a hand and help with the folding project. Come join our 33258 team!

Image
[/url]
snap355
Black Belt 5th Degree
Black Belt 5th Degree
 
Posts: 9258
Joined: Mon Sep 13, 2004 3:22 pm
Location: 33258

Postby EmilyB » Fri Feb 11, 2005 7:15 am

snap355 wrote::lol:
Someone is already out to get MS spyware products


Its fairly clever doing this on a product that is still in BETA.

I wonder if the Trojan is still in BETA too :lol:
EmilyB
 

Postby evasive » Fri Feb 11, 2005 11:13 pm

I think this is only the top of the iceberg of what is coming once they release it and ask money for it...
We hate rut, but we fear change.
********************************
System error, strike any user to continue...
evasive
Mobo-fu Master
Mobo-fu Master
 
Posts: 37389
Joined: Sun May 06, 2001 12:01 am
Location: Netherlands

Postby Copper » Sat Feb 12, 2005 10:38 am

i agree with evasive

Microsoft build cheese grater software , full of holes
"Only two thing are infinite, the universe and human stupidity,and Im not sure about the former." Albert Einstein (1879 - 1955)
Copper
Black Belt 5th Degree
Black Belt 5th Degree
 
Posts: 8640
Joined: Mon Jul 14, 2003 12:38 pm
Location: Midlands UK

Postby kltsin » Sat Feb 12, 2005 10:56 pm

I was on a few security forums where one of Giants developers back in Oct 2004 when they first came out was actually in a security forum and getting feedback from the users, this was a great sign for a new company even though Giant returned a bunch of false positives and missed alot in its scanning it still had a chance as being a very good product. (The registry scan seemed to be highly touted)

But many other malicious programs have attacked Spybot and Adaware and everyone else, this is no different, but now it has the MS name on it....

What may be different about this is that all AV companies will include a fix for this since its attacking an MS product. And the fix may come in a windows update as well, spybot and others didnt have this choice when it came to some nasty's such as coolweb.

It also may get some news media attention encouraging people to do this or that, in the end it may be good thing, beta or not.
kltsin
Black Belt 2nd Degree
Black Belt 2nd Degree
 
Posts: 2792
Joined: Tue Jun 29, 2004 9:05 am
Location: St. Augustine, Fl


Return to Virus/Spyware/Security

Who is online

Users browsing this forum: Lindex [Bot] and 2 guests