Top Threat: Windows Hacktivation

May 05, 2007

A clever Trojan tries to steal your credit card information by posing as the Windows activation interface.

Symantec is reporting on a Trojan horse that mimics the Windows activation interface.

What they are calling Trojan.Kardphisher doesn't do most of the technical things that Trojan horses usually do; it's a pure social engineering attack, aimed at stealing credit card information. In a sense, it's a standalone phishing program.

Once you reboot your PC after running the program, the program asks you to activate your copy of Windows and, while it assures you that you will not be charged, it asks for credit card information. If you don't enter the credit card information it shuts down the PC. The Trojan also disables Task Manager, making it more difficult to shut down..

Running on the first reboot is clever. It inherently makes the process look more like it's coming from Windows itself, and it removes the temporal connection to running the Trojan horse. The program even runs on versions of Windows prior to XP, which did not require activation.

This is not an attack that will sneak by you. The executable is nearly 1MB large. But if you find yourself in this situation you should be able to disable it in Windows Safe mode by removing the registry keys described in the Symantec writeup and deleting the program it points to. Updated antivirus software should also be able to remove it.

Copyright 2007 by Ziff Davis Media, Distributed by United Press International

Explore further: Review: Windows Phone advances with 8.1 update

add to favorites email to friend print save as pdf

Related Stories

Malware: Vobfus and Beebone infections are double-trouble

Jul 02, 2013

(Phys.org) —Vobfus and Beebone sound like two lovable crayon-colored goldfish still on the Pixar drawing boards: Wouldn't that be nice. Microsoft's security team would much prefer they be animated box-office ...

Apple kicks SMS scam fraudsters to the curb

Dec 14, 2012

(Phys.org)—Just what you never wanted. Mac-based malware, just ponder that phrase alone, not Windows-based but Mac-based, that tricks users into paying subscription fees. The malware masquerades as an installer ...

Malware can take ugly leap forward to virtual machines

Aug 23, 2012

(Phys.org) -- A piece of malware categorized as a malicious rootkit can spread via an installer disguised as an Adobe Flash Player installer and is capable of spreading to four different platform environments, ...

Energizer Duo battery charger hides a Trojan

Mar 09, 2010

(PhysOrg.com) -- The Energizer Duo USB battery charger has been hiding a backdoor Trojan in its software that affects computers using Windows. According to Symantec the Trojan has probably been there since ...

Apple's Maps fiasco and the mobile arms race

Oct 16, 2012

A sense of vindication has most likely spread throughout the headquarters of Google in Mountain View, Calif., after reports surfaced that Apple's new Maps app contained glaring imperfections, such as removing ...

Recommended for you

Enabling dynamic prioritization of data in the cloud

Apr 14, 2014

IBM inventors have patented a cloud computing invention that can improve quality of service for clients by enabling data to be dynamically modified, prioritized and shared across a cloud environment.

Uber meets local lookalikes in Asia taxi-app wars

Apr 14, 2014

Riding on its startup success and flush with fresh capital, taxi-hailing smartphone app Uber is making a big push into Asia. There's a twist, though: Instead of being the game-changing phenomena it was in ...

User comments : 0

More news stories

Patent talk: Google sharpens contact lens vision

(Phys.org) —A report from Patent Bolt brings us one step closer to what Google may have in mind in developing smart contact lenses. According to the discussion Google is interested in the concept of contact ...

Tech giants look to skies to spread Internet

The shortest path to the Internet for some remote corners of the world may be through the skies. That is the message from US tech giants seeking to spread the online gospel to hard-to-reach regions.

Wireless industry makes anti-theft commitment

A trade group for wireless providers said Tuesday that the biggest mobile device manufacturers and carriers will soon put anti-theft tools on the gadgets to try to deter rampant smartphone theft.

ESO image: A study in scarlet

This new image from ESO's La Silla Observatory in Chile reveals a cloud of hydrogen called Gum 41. In the middle of this little-known nebula, brilliant hot young stars are giving off energetic radiation that ...

First direct observations of excitons in motion achieved

A quasiparticle called an exciton—responsible for the transfer of energy within devices such as solar cells, LEDs, and semiconductor circuits—has been understood theoretically for decades. But exciton movement within ...

Warm US West, cold East: A 4,000-year pattern

Last winter's curvy jet stream pattern brought mild temperatures to western North America and harsh cold to the East. A University of Utah-led study shows that pattern became more pronounced 4,000 years ago, ...