Microsoft's anti-spyware software, released only a month ago, is under attack by a program it is designed to tackle.
Security company Sophos has said the program, named BankAsh-A, tries to disable Microsoft AntiSpyware and delete all files within its folder. It also tries to steal users' banking passwords by installing a keystroke logger that records information typed into online banking sites.
The program appears to targets users of UK online banks Barclays, Cahoot, Halifax, HSBC, Lloyds, Nationwide, NatWest and Smile.
While there are a number of malware programs that attempt to steal banking passwords this one is interesting because it seems to single out Microsoft's anti-spyware software for attack, said Sophos senior technology consultant Graham Cluley. AntiSpyware is designed to protect Windows users from spyware, or programs that surreptitiously monitor computer users' actions, and other malicious programs.
Sophos was first made aware of the program Wednesday morning, Cluley said. Although the researchers have only seen a handful of incidents of the program in the wild, the speed in which hackers targeted Microsoft's AntiSpyware software is concerning, Cluley said.
Sophos advised Internet users not to download unknown files and to make sure their anti-virus software is updated to protect against attack.