February 10, 2005 12:11 PM PST

Microsoft probes anti-spyware Trojan

Microsoft is investigating a piece of malicious code that targets the recently released beta version of its AntiSpyware product.

On Wednesday, antivirus company Sophos reported a new Trojan horse, dubbed "Bankash-A," which suppresses warning messages displayed by Microsoft AntiSpyware and deletes all of the files in the program's folder. The Trojan also steals passwords and online-banking details from Windows users.

"Microsoft is actively investigating new public reports of a criminal attack, known as the 'Bankash-A Trojan'," the company wrote in an e-mail statement. "Microsoft is not aware of any significant customer impact resulting from the Trojan. Microsoft continues to recommend customers evaluate the Microsoft AntiSpyware beta and encourage customers to follow the three steps to help keep your PC protected (at) www.microsoft.com/protect."

The software giant is also offering free support to victims of the Trojan.

Related story
Third buy's a charm for Microsoft?
Spending spree could position the company as a player in the enterprise security market.

"Customers who believe they may have been affected should contact Product Support Services," the company wrote. "Product Support Services in North America can be contacted for help with security update issues or viruses at no charge by using the PC Safety line (1-866-PCSAFETY). International customers can receive the same level of support by using any method found at this location: http://support.microsoft.com/."

Microsoft added that people should consult their local law enforcement agencies if they have been infected by the Trojan.

"Customers who believe they have been attacked should contact their local FBI office or post their complaint on www.ifccfbi.gov. Customers outside the U.S. should contact the national law enforcement agency in their country."

The Trojan targets users of U.K. online banks such as Barclays, Cahoot, Halifax, HSBC, Lloyds TSB, Nationwide, NatWest and Smile.

On Wednesday, Sophos said the Trojan was the first piece of malicious ware to target the anti-spyware product, which is still only available in a test version.

"As Microsoft's product creeps out of beta and is adopted more by the home user market, we can expect to see more attempts by Trojan horses, viruses and worms to undermine its effectiveness," said Graham Cluley, senior technology consultant for Sophos.

Dan Ilett of ZDNet UK reported from London.


Join the conversation!
Add your comment
The good side to this.
It is difficult to write a heuristic anti virus engine. If attacking Microsofts security products becoms a common theme, it will give heuristic AV engines a predictable patern to detect.
Posted by Dachi (797 comments )
Reply Link Flag
Well I guess we shouldn't be surprised...
Well I guess we shouldn't be surprised. Microsoft todate hasn't been able to create any of their programs that were secure. Funny that even their spyware software is open to attack. Totally pathetic and at some point they will probably want us to pay for it too.

Posted by (336 comments )
Reply Link Flag
Did I miss something?
Maybe I overlooked it in this article but did it say HOW the program GETS the trojan??? This is sort of important for people to know.
Posted by aglennon (10 comments )
Reply Link Flag

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.