Microsoft says password stealers pose biggest threat

Powered by SC Magazine
 

The top two threat families on Microsoft's detection and removal list this month are online game password stealers (PWS).

These threats are now predominantly occurring in the United States -- a shift from last June when they mostly were detected in China.

In one week, Microsoft's free Malicious Software Removal Tool (MSRT) cleaned the Taterf worm -- the top threat family this month -- from more than 980,000 machines, Scott Wu, a spokesman in Microsoft's Malware Response Center, wrote in a blog post. The worm steals gaming credentials either through keylogging or by injecting itself into game clients and reading memory.

The MSRT, released on the second Tuesday of each month, checks computers running Windows Vista, XP, 2000 and Windows Server 2003 for infections by prevalent malware and helps remove infections.

The second most detected and removed malware family this month is Frethog, another PWS, which MSRT cleaned off 316,971 machines in one week, Wu said.

Jamz Yaneza, a threat researcher with anti-malware firm Trend Micro, told SCMagazineUS.com that the motivation behind these threats is financial. Many online games have in-game currency or "game gold." Portals to convert these various game currencies into real world cash have been available for some time.

Stolen game login credentials are similar to stolen banking passwords, since game currency can be turned into real cash, Yaneza said.

For several years, China and Korea have been the predominant locations where these threats have cropped up because games such as "Legends of Mir" and "Lineage" have large user bases there. But as of this month, the United States is the most prevalent region for PWS threats, with the most infected systems identified here.

Yaneza said this is because the rest of the world has caught up to the quality of online games produced in Asia in terms of graphics and story lines, which has prompted the installation of United States and Europe-based servers and increased development to cater to these growing markets.

Taterf and Frethog were added to the MSRT detection list last June. Since then, Taterf has remained in the top five every month and Frethog only dropped off the list during November and December, Wu said.

Because of this, PWS threats appear to be more resilient than other threat families -- including rogue security software. The Win32/FakeSecSen rogue security software topped the MSRT list in November, then dropped in the rankings to number 20 the next month. Another threat in the rogue security software family, Win32/FakeXPA, hit number one in December then fell to number nine the following month, Wu said.

"Malware authors are busy updating Taterf and Frethog to make these threats highly polymorphic and to distribute variations of the same codebase to multiple criminal groups," Wu said. "This month we still saw 17,070 different Taterf and 26,420 different Frethog files."

Copyright © SC Magazine, US edition


 
 
 