Microsoft Removes Password Stealers from 860,000 Computers
Microsoft has recently cleaned numerous PCs from infections caused by password stealing programs within just seven days since May 12, 2009. The company's MSRT (Malicious Software Removal Tool) was able to eliminate malware that garnered credit card details and account passwords from nearly 860,000 computers.
The software major said that within the category of Password Stealers and Monitoring Software classification, the malware samples that MSRT tackled included Win32/Frethog compromising 95,581 systems, Win32/Bancos infecting 92,565 PCs and Win32/Lolyda that was spotted on 54,871 PCs.
Further, two more worms, Win32/Taterf with a total detection of 347,424 and Win32/Koobface with 78,113 were removed from the infected systems.
Scott Wu, Program Manager at Microsoft, states that three among the ten most prevalent threat groups were password snatchers. More specifically, there were 5 if one also includes the Koobface and Taterf worms, both equipped with critical payload for seizing user data. The number could reach 6 if the Alureon Trojan that harvests users' credit details and passwords is considered, as reported by SoftPedia on May 21, 2009.
Wu further said that counting all the infected computers together, 859,842 systems were infected by password stealers culled from the Top Ten malicious programs. However, the figure does not represent a direct total as some systems were infected by two or more of these programs, he added.
Additionally, the Company emphasized that malware written to disseminate fake antivirus applications remained high among the rankings of the malware families. The reference was to the Trojan downloader Renos, which works like a channel for distributing rogue security software. MSRT spotted and eliminated Renos from 78,113 PCs.
Microsoft disclosed that among the ten most prevalent malware groups, six climbed up in ranking from their April 2009 ranking. A few among these 6 groups such as Vundo and Alureon have been making the rounds since 2007, whereas Koobface and others have been in sight for only past few months.
This, according to Wu, shows that each malware group has a specific lifecycle and at times, their writers choose to rebuild their current distributions rather than invest anywhere else.
Related article: Microsoft Patches Live OneCare to Tackle Quarantined E-Mails
» SPAMfighter News - 26-05-2009