Top Threat: Windows Hacktivation

May 05, 2007

A clever Trojan tries to steal your credit card information by posing as the Windows activation interface.

Symantec is reporting on a Trojan horse that mimics the Windows activation interface.

What they are calling Trojan.Kardphisher doesn't do most of the technical things that Trojan horses usually do; it's a pure social engineering attack, aimed at stealing credit card information. In a sense, it's a standalone phishing program.

Once you reboot your PC after running the program, the program asks you to activate your copy of Windows and, while it assures you that you will not be charged, it asks for credit card information. If you don't enter the credit card information it shuts down the PC. The Trojan also disables Task Manager, making it more difficult to shut down..

Running on the first reboot is clever. It inherently makes the process look more like it's coming from Windows itself, and it removes the temporal connection to running the Trojan horse. The program even runs on versions of Windows prior to XP, which did not require activation.

This is not an attack that will sneak by you. The executable is nearly 1MB large. But if you find yourself in this situation you should be able to disable it in Windows Safe mode by removing the registry keys described in the Symantec writeup and deleting the program it points to. Updated antivirus software should also be able to remove it.

Copyright 2007 by Ziff Davis Media, Distributed by United Press International

Explore further: Thanksgiving travel woes? There's an app for that

add to favorites email to friend print save as pdf

Related Stories

LiquidPiston unveils quiet X Mini engine prototype

4 hours ago

LiquidPiston has a new X Mini engine which is a small 70 cubic centimeter gasoline powered "prototype. This is a quiet, four-stroke engine with near-zero vibration. The company said it can bring improvements ...

Rare new species of plant: Stachys caroliniana

4 hours ago

The exclusive club of explorers who have discovered a rare new species of life isn't restricted to globetrotters traveling to remote locations like the Amazon rainforests, Madagascar or the woodlands of the ...

New terahertz device could strengthen security

4 hours ago

We are all familiar with the hassles that accompany air travel. We shuffle through long lines, remove our shoes, and carry liquids in regulation-sized tubes. And even after all the effort, we still wonder if these procedures ...

European space plane set for February launch

5 hours ago

Europe's first-ever "space plane" will be launched on February 11 next year, rocket firm Arianespace said Friday after a three-month delay to fine-tune the mission flight plan.

Recommended for you

Thanksgiving travel woes? There's an app for that

7 hours ago

Traveling by plane, train or automobile can be a headache. Mixing in Thanksgiving can make it a throbbing migraine. Technology provides some pain relief in the form of apps to let you know which roads are ...

Singapore moves to regulate taxi booking apps

Nov 21, 2014

Singapore on Friday announced new rules for mobile taxi booking apps, including US-based Uber, in the latest move by governments around the world to regulate the increasingly popular services.

Protecting personal data in the cloud

Nov 20, 2014

IBM today announced it has patented the design for a data privacy engine that can more efficiently and affordably help businesses protect personal data as it is transferred between countries, including across private clouds.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.