New program attacks Microsoft's AntiSpyware

IDG News Service - One month after Microsoft Corp. released a beta version of its new antispyware software (see story), security researchers at Sophos PLC said they have detected the first malware program that seeks to attack it.
The program, named BankAsh-A, tries to disable Microsoft AntiSpyware and delete all files within its folder, Sophos said. It also tries to steal users' banking passwords by installing a keystroke logger that records information typed into online banking sites, according to the antivirus firm.
The program appears to targets users of U.K.-based online banks Barclays Bank PLC, Cahoot, Halifax PLC, HSBC Bank PLC, Lloyds TSB Bank PLC, Nationwide Building Society, National Westminster Bank PLC and Smile, Sophos said.
While there are a number of malware programs that attempt to steal banking passwords, this one is interesting because it seems to single out Microsoft's antispyware software for attack, said Sophos senior technology consultant Graham Cluley. AntiSpyware is designed to protect Windows users from programs that surreptitiously monitor computer users' actions as well as other malicious programs.
Sophos was first made aware of the program yesterday morning, Cluley said. Although the researchers have seen only a handful of incidents of the program out on the Internet, the speed with which hackers targeted Microsoft's AntiSpyware software is concerning, Cluley said.
The software maker began offering the beta of AntiSpyware in early January via free download from its Web site.
Sophos advised Internet users not to download unknown files and to make sure that their antivirus software is updated to protect against attack. Microsoft representatives weren't immediately available to comment on the threat today.