Anti-virus experts at Sophos have discovered the first piece of malware to attack Microsoft's new anti-spyware product, currently still in beta.
The Troj/BankAsh-A Trojan horse is designed to steal passwords and online banking passwords from unsuspecting Windows users. The Trojan horse also disables Microsoft AntiSpyware, currently available only as a beta download from Microsoft's website, attempting to suppress warning messages that Microsoft AntiSpyware may display and deleting all files within the program's folder.
"This appears to be the first attempt yet by any piece of malware to disable Microsoft AntiSpyware, but it may be the first of many such future attacks," said Graham Cluley, senior technology consultant for Sophos. "As Microsoft's product creeps out of beta, and is properly released and is adopted more by the home user market, we can expect to see more and more attempts by Trojan horses, viruses and worms to try and undermine its effectiveness."
Sophos experts have warned that, besides disabling Microsoft's anti-spyware product, the Trojan horse also targets users of UK online banks such as Barclays, Cahoot, Halifax, HSBC, Lloyds TSB, Nationwide, NatWest, and Smile.
"More and more malware is being written by criminals, designed to steal bank account information from innocent computer users," continued Cluley. "All internet users need to ensure their computers are properly defended with the latest up-to-date protection software, and make sure they are not putting themselves in jeopardy."
The British banking industry has published information about how online bank users can help stay safe online at www.banksafeonline.org.uk.
Sophos anti-virus products have been protecting against the Bankash-A Trojan horse since 06:03 GMT on 9 February. Sophos recommends that businesses ensure their computers are kept automatically up-to-date with the very latest protection against viruses, spam and malicious spyware
*posted Feb 9
http://www.sophos.com/virusinfo/articles/bankash.html