Microsoft has warned PC users that the threat of password-stealing malware is rising, revealing that its Malicious Software Removal Tool (MSRT) identified and removed almost a million samples of a particularly virulent password-stealing worm in the first half of February 2009. Over 981 000 copies of a family of programs called Win32/Taterf, best known for stealing usernames and passwords for games, were rooted out.
Taterf has been especially widespread for months now, the software provider reports. Microsoft removed more than 700 000 copies of it in one day alone last year. The worm is a mutated version of another password stealer, known as Win32/Frethog, 317 000 copies of which MSRT has also removed in February.
Online passwords are a popular target because they can be turned to cash, often in untraceable ways. The criminals use the hacked accounts to steal characters and virtual gold or other treasures, which are then sold to fans who pay real-world cash, comments the computer magazine PC Advisor.
Although China has traditionally been the top spot for password-stealing infections, that seems to be changing, Microsoft comments. In the first week of February, the top three countries, ranked by number of Taterf infections, were the US, Taiwan and Korea, respectively.
The MSRT is available free of charge to Windows users, and it gets monthly updates from Microsoft. This month the software firm added MSRT detection for another notorious botnet, called Srizbi. Total number of Srizbi infections removed since the update: 38 697.