Microsoft Puts Out Trojan-Horse Killer
Similar to previous tools that Microsoft has made available for such worms as Sasser and MSBlast, the Download.Ject Payload Detection and Removal Tool is available free of charge from the Redmond, Wash.-based developer's Web site. It's petite, just 118K in size.
The tool sniffs for the Trojan Berbew -- the payload that Download.Ject injected into end users' PCs via vulnerabilities in Internet Explorer -- and deletes them.
While the original attack was relatively mild in comparison with, say, Sasser or even MyDoom, Microsoft put some scary language into the online description of the tool.
"When this Trojan horse runs on the user's computer, it may perform several actions, including monitoring Internet access to capture sensitive information such as logon names and passwords, or opening fake dialog boxes that prompt the user to enter confidential information such as ATM card codes, credit card numbers or other confidential information," Microsoft said on the site.
Tools of this ilk have been very popular with users, who have downloaded millions of copies from the Microsoft site. Since the MSBlast cleaner was released in January, some 40 million customers have used the tools, said Microsoft.
The cleaner is the latest effort by Microsoft to put the attack behind it. On July 2, the company posted a critical update to Windows which disables the ADODB.Stream component, which the hackers used to invisibly plant Trojans on users' PCs.
Even though Microsoft posted a large number of patches Tuesday, however, no permanent plug has been issued for the hole used by the attack.
*This story courtesy of Techweb.com.