New program attacks Microsoft's AntiSpyware

One month after Microsoft released a beta version of its new antispyware software, security researchers at Sophos say they have detected the first malware program that seeks to attack it.

The program, named BankAsh-A, tries to disable Microsoft AntiSpyware and delete all files within its folder, Sophos said. It also tries to steal users' banking passwords by installing a keystroke logger that records information typed into online banking sites, according to the antivirus firm.

The program appears to targets users of U.K. online banks Barclays Bank, Cahoot, Halifax, HSBC Bank, Lloyds TSB Bank, Nationwide, NatWest, and Smile, Sophos said

While there are a number of malware programs that attempt to steal banking passwords this one is interesting because it seems to single out Microsoft's antispyware software for attack, said Sophos senior technology consultant Graham Cluley. AntiSpyware is designed to protect Windows users from spyware, or programs that surreptitiously monitor computer users' actions, and other malicious programs.

Sophos was first made aware of the program Wednesday morning, Cluley said. Although the researchers have only seen a handful of incidents of the program "in the wild" -- out on the Internet -- the speed in which hackers targeted Microsoft's AntiSpyware software is concerning, Cluley said.

The Redmond, Washington, software maker began offering the beta of AntiSpyware in early January, via free download from its Web site.

Sophos advised Internet users not to download unknown files and to make sure their antivirus software is updated to protect against attack. Microsoft representatives weren't immediately available to comment on the threat Thursday.