Trend Micro aims at corporate spyware

Antivirus company Trend Micro plans to tackle the growing problem of spyware by cutting the communication link between hackers and the computers they have compromised.

Spyware, such as password-stealing keyloggers, secretly reports information back to whoever planted it. Such software has been used to steal identity and banking information, and was implicated in a foiled bank robbery earlier this year.

But Trend Micro claims that a new beta version of InterScan Web Security Suite (2.5) includes a feature that will prevent spyware from reporting back to the author.

"It stops the call-home process," said Raimund Genes, European president of Trend Micro. "We will be able to highlight which computers are infected and provide a management report."

Genes said the company was also targeting the high volume of 'Rbot worms', which are frequently mutated by novice virus writers in a bid to get past antivirus software detection.

Trend Micro's program, which Genes predicted would be available in June, tries to thwart spyware by blocking data transmissions that use specified ports or protocols, in a similar manner to a firewall.

Genes said that botnets — thousands of computers which have been compromised by spyware or other malware and typically networked for malicious use — were responsible for the majority of problems of the Web.

"They seem to work very well, unfortunately. It's a lot of Eastern European activity. But some of their servers we know are hijacked — these guys are not stupid," Genes added.

Last week, Trend Micro released an update that was intended to combat Rbot worms, but caused weekend problems for IT workers. The firm apologised on Monday for distributing the faulty software.

Genes said that most of the problems caused by this update were reported in Japan.