Sectors
Companies
About
Subscribe

Trojan strikes Microsoft beta program

By Damian Clarkson, ITWeb junior journalist
Johannesburg, 10 Feb 2005

A Trojan that attacks Microsoft`s AntiSpyware product has surfaced, even though the product is still in beta form.

The BankAsh-A Trojan is designed to steal online passwords from unsuspecting Windows users, and also disables Microsoft`s latest anti-spyware program, says Netxactics CEO Brett Myroff.

"It attempts to suppress warning messages that AntiSpyware may display, and deleting all files within the program`s folder."

The Trojan also targets users of UK online such as Barclays, Cahoot, Halifax, HSBC, Lloyds TSB, Nationwide, NatWest and Smile.

While it is unlikely to cause any real headaches, the malware is noteworthy simply because it targets a product currently only available as a beta download from the Microsoft site.

"This appears to be the first attempt yet by any piece of malware to disable Microsoft AntiSpyware, but it may be the first of many such future attacks," adds Myroff.

While the emergence of such malware is likely to make Microsoft sit up and take notice, people should avoid making any judgements about the product, says NOD32 SA CEO Justin Stanford.

"The Microsoft`s product isn`t even released yet, so no one outside the company can fairly comment on the of the product in terms of how easily it could be disabled by malware," says Stanford.

Microsoft will no doubt choose to learn from this and build in better security for the actual release version, adds Stanford.

"Bear in mind this is not unusual and happens to many security software vendors, so while many will choose to consider it yet another 'slap in the face` in terms of Microsoft`s product security, Microsoft has already been so battle-worn by security flaws that it doesn`t particularly seem to feel it any more, nor does the world in general find it unusual," he says.

The BankAsh-A Trojan does, however, have a bearing on the upcoming release of Microsoft`s own anti-virus product. "However, it is unfair to criticise a product that is not yet released or finished. Microsoft is used to being the main target of worms, viruses and other malware, with its products being the most targeted and being home for probably over 99% of malware to date.

"Perhaps Microsoft considers this a compliment rather than a slap in the face," says Stanford.

Related stories:
Critical IE vulnerability identified
Year`s first threatening worm arrives
Worm hides in 'news`

Share