Trojan attacks Microsoft AntiSpyware

Microsoft's AntiSpyware product is threatened by a Trojan horse that also tries to steal online banking details
Written by Dan Ilett, Contributor

Virus writers have created a malicious program that can disable Microsoft AntiSpyware, security experts warned on Wednesday.

Antivirus experts, who are calling the Trojan Bankash-A, say it is the first piece of malware to attack Microsoft's anti-spyware product, which is still in beta.

"This appears to be the first attempt yet by any piece of malware to disable Microsoft AntiSpyware," said Graham Cluley, senior technology consultant for Sophos. "As Microsoft's product creeps out of beta and is adopted more by the home user market, we can expect to see more attempts by Trojan horses, viruses and worms to undermine its effectiveness."

The Trojan is said to suppress warning messages displayed by Microsoft AntiSpyware, and delete all of the files in the program's folder.

Like many other Trojans, Bankash will also steal passwords and online banking details from Windows users. The program targets users of UK online banks such as Barclays, Cahoot, Halifax, HSBC, Lloyds TSB, Nationwide, NatWest, and Smile.

Sophos called the Trojan Bankash because it attacks banking customers and installs a file called ASH.DLL onto a victim's hard drive.

Microsoft's UK press office was awaiting comment from the US headquarters at the time of writing.

Editorial standards