Microsoft has added detection and removal of the trojan “Win32/Simda” to its Malicious Software Removal Tool. According to the Microsoft Malware Protection Center blog, the Simda is a multi-component malware family that includes trojan, backdoor, password-stealing, downloader and file-infector variations.
“It is very rare for a single malware family to possess all of these characteristics; Alureon and Sirefef are among the few families also in this category,” writes Microsoft Anti-Virus Researcher Rex Plantado.
Simda first appeared in 2009 as a variant that allowed a remote user to connect to an infected machine and carry out malicious actions, such as stealing user credentials and taking screen images. However, the Simda has also evolved to target banks (primarily in Russia and Europe).
Coverage for Simda is the latest addition to the Microsoft Malicious Software Removal Tool – an anti-malware utility that’s delivered monthly with the Microsoft Update and Windows Update. Because computers can appear to function normally when infected, the Safety and Security Center suggests running this tool regularly even if your computer appears to be fine.
For more about Simda, take a look at this post on the Microsoft Malware Protection Center blog.
You might also be interested in:
- Check out fall’s hottest PCs for business
- Microsoft helps lead panel on ways to use technology to fight child sex trafficking
- How information security officers handle compliance in the cloud
Deborah Pisano
Microsoft News Center Staff