Microsoft says password stealers pose biggest threat

Powered by SC Magazine
 

The top two threat families on Microsoft's detection and removal list this month are online game password stealers (PWS).

The top two threat families on Microsoft's detection and removal list this month are online game password stealers (PWS).

These threats are now predominantly occurring in the United States -- a shift from last June when they mostly were detected in China.

In one week, Microsoft's free Malicious Software Removal Tool (MSRT) cleaned more than 980,000 machines from the Taterf worm -- the top threat family this month, Scott Wu, a spokesman in Microsoft's Malware Response Center, wrote in a blog post. The worm steals gaming credentials either through keylogging or by injecting itself into game clients and reading memory.

The MSRT, released on the second Tuesday of each month, checks computers running Windows Vista, XP, 2000 and Windows Server 2003 for infections by prevalent malware and helps remove infections.

The second most detected and removed malware family this month is Frethog, another PWS, which MSRT cleaned off 316,971 machines in one week, Wu said.

Jamz Yaneza, a threat researcher with anti-malware firm Trend Micro, told SCMagazineUS.com that the motivation behind these threats is financial. Many online games have in-game currency or "game gold." Portals to convert these various game currencies into real world cash have been available for some time.

Stolen game login credentials are similar to stolen banking passwords, since game currency can be turned into real cash, Yaneza said.

For several years, China and Korea have been the predominant locations where these threats have cropped up because games such as "Legends of Mir" and "Lineage" have large user bases there. But as of this month, the United States is the most prevalent region for PWS threats, with the most infected systems identified here.

Yaneza said this is because the rest of the world has caught up to the quality of online games produced in Asia in terms of graphics and story lines, which has prompted United States and Europe-based servers to be installed and development to increase to cater to these growing markets.

Taterf and Frethog were added to the MSRT detection list last June. Since then, Taterf has remained in the top five every month and Frethog only dropped off the list during November and December, Wu said.

Because of this, PWS threats appear to be more resilient than other threat families -- including rogue security software. The Win32/FakeSecSen rogue security software topped the MSRT list in November, then dropped in the rankings to number 20 the next month. Another threat in the rogue security software family,Win32/FakeXPA, hit number one in December then fell to number nine the following month, Wu said.

"Malware authors are busy updating Taterf and Frethog to make these threats highly polymorphic and to distribute variations of the same codebase to multiple criminal groups," Wu said. "This month we still saw 17,070 different Taterf and 26,420 different Frethog files."

Copyright © SC Magazine, US edition


 
 
 
Top Stories
First look: Microsoft Outlook for iOS
[Update] Office productivity suite for iOS completed with Outlook.
 
NewSat defaults on $26m in overdue Lockheed payments
Jabiru-1 satellite build hits further hurdles.
 
IBM denies plans to cut 112k jobs
But admits to further restructuring.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
Microsoft Outlook is now on iPhone and iPad: why could this be useful?
Jan 30, 2015
Microsoft today released Office for Android and Outlook for iOS - complementing the other Office ...
Franchisees, here's something you should know about
Jan 23, 2015
You need to know the Code if you are a franchisee or franchisor as the penalties are significant.
Xero users rejoice! Quoting has finally arrived
Jan 23, 2015
It has taken years, but Xero has at last added integrated quoting to its online accounting software.
You can now get a no-contract wi-fi tablet from Telstra
Jan 17, 2015
Telstra has began selling wi-fi tablets out of contract without paying extra for cellular ...
Get your business ready for 2015: mobile payments
Jan 2, 2015
These handy apps from MYOB, Xero and others can reduce your administrative load and improve ...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  36%
 
Your insurance company
  5%
 
A technology company (Google, Facebook et al)
  9%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  4%
 
A Federal Government agency (ATO, Centrelink etc)
  18%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  7%
TOTAL VOTES: 3112

Vote
Do you support the abolition of the Office of the Information Commissioner?

   |   View results
I support shutting down the OAIC.
  27%
 
I DON'T support shutting the OAIC.
  73%
TOTAL VOTES: 994

Vote