
Microsoft Eradicates Password Stealers From More Than Two Million Computers

Several malicious programs were wiped out, but most belong to the Win32/Taterf family, which is actually a mutation of an earlier password-stealing program. According to Microsoft data, China, Taiwan and Spain had the most infected machines. The software tool removed the Trojans from more than 500,000 machines in China alone. Approximately 213,000 machines were cleaned in the United States.

"These are ridiculous numbers of infections my friends, absolutely mind-boggling; many, many whelps," said McCormack.

The high infection rate in China and Taiwan is probably due to the prevalence of illegal software and the lack of decent anti-virus software. In addition, Lineage and other online games enjoy a huge following in Asia but are relatively unknown in the United States. McCormack believes many of the Trojans are transferred via infected USB drives or network shares. LAN parties and the prevalence of Internet cafes in Asia may have something to do with this.

McCormack explains that the password-stealing Trojans transfer game logins to a central repository, and hackers then try to sell the information to the highest bidder. Criminals then log into the accounts and steal all of the virtual gold and equipment. The accounts can also be used to funnel gold to other players.

You can read McCormack’s TechNet blog entry here.