On Wednesday, antivirus company Sophos reported a new Trojan, dubbed Bankash-A, which suppresses warning messages displayed by Microsoft AntiSpyware and deletes all of the files in the program's folder. The Trojan also steals passwords and online banking details from Windows users.
"Microsoft is actively investigating new public reports of a criminal attack, known as the 'Bankash-A Trojan'," Microsoft wrote in an emailed statement. "Microsoft is not aware of any significant customer impact resulting from the Trojan. Microsoft continues to recommend customers evaluate the Microsoft AntiSpyware beta and encourage customers to follow the three steps to help keep your PC protected: www.microsoft.com/protect."
The software giant is also offering free support to victims of the Trojan.
"Customers who believe they may have been affected should contact Product Support Services Product Support Services in North America can be contacted for help with security update issues or viruses at no charge by using the PC Safety line (1-866-PCSAFETY). International customers can receive the same level of support by using any method found at this location: http://support.microsoft.com/."
Microsoft then added that people should consult their local law enforcement agencies if they have been infected by the Trojan.
"Customers who believe they have been attacked should contact their local FBI office or post their complaint on www.ifccfbi.gov. Customers outside the U.S. should contact the national law enforcement agency in their country."
The Trojan targets users of UK online banks such as Barclays, Cahoot, Halifax, HSBC, Lloyds TSB, Nationwide, NatWest, and Smile.
On Wednesday, Sophos said the Trojan was the first piece of malware to target the anti-spyware product.
"As Microsoft's product creeps out of beta and is adopted more by the home user market, we can expect to see more attempts by Trojan horses, viruses and worms to undermine its effectiveness," said Graham Cluley, senior technology consultant for Sophos.
ZDNet UK's Dan Ilett reported from London. For more coverage from ZDNet UK, click here.
I thought the so far genericly branded Giant Anti-Spyware by Microsoft, has already p****ed an original beta phase with Giant customers. Graham Cluley's marketing speak makes me wonder how they convinced Microsoft to actually purchase their product in the first place. Stick to technical!
As the excellent developers that they are, Microsoft calculatingly put the product back through their own beta testing. As far as security products go, that sounds better than other business models, where constant patching is preferred after full product release. As it has only been a few months, in any case, I would hardly call that "creeping". At least the brilliant marketing team at SOPHOS, do know very well, that many business decision makers have personal opinions based on their home use of security products. Some security insiders might argue that a corporate product that has not been tested on the home market, has not been tested. It is all relative.