MS Windows Anti-Spyware Disabled by Spyware Trojan

The Internet Patrol default featured image
Share the knowledge

Security firm Sophos is reporting today that a new spyware Trojan, BankAsh-A, is specifically targeting Microsoft’s new anti-spyware, and very effectively so, it would seem.

Once having disabled the anti-spyware, it sets about stealing passwords and other vital information, which it reports back to the mothership via ftp, and keeps tabs on what the computer’s user does (hence it being designated as spyware).

BankAsh-A completely disables the new Microsoft anti-spyware by, get this, simple deleting all of the files in the spyware program’s folder. It also deletes all of the anti-spyware’s registry entries.

Ouch.

Said Ken Dunham, Director of Malicious Code Intelligence (did any of us envision such job titles even ten years ago?) at iDefense, “While some smaller security firms are rightfully concerned about being pushed out of the market by a competitor as imposing as Microsoft, individual Windows users should also be worried.”

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

He added, “There are many implications. If they embed [security software] the way they did with Internet Explorer, it would be hard to lock down and make it secure because it’s integrated and it’s complicated.”

Get New Internet Patrol Articles by Email!

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

 


Share the knowledge

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.