Top Threat: Windows Hacktivation

May 05, 2007

A clever Trojan tries to steal your credit card information by posing as the Windows activation interface.

Symantec is reporting on a Trojan horse that mimics the Windows activation interface.

What they are calling Trojan.Kardphisher doesn't do most of the technical things that Trojan horses usually do; it's a pure social engineering attack, aimed at stealing credit card information. In a sense, it's a standalone phishing program.

Once you reboot your PC after running the program, the program asks you to activate your copy of Windows and, while it assures you that you will not be charged, it asks for credit card information. If you don't enter the credit card information it shuts down the PC. The Trojan also disables Task Manager, making it more difficult to shut down..

Running on the first reboot is clever. It inherently makes the process look more like it's coming from Windows itself, and it removes the temporal connection to running the Trojan horse. The program even runs on versions of Windows prior to XP, which did not require activation.

This is not an attack that will sneak by you. The executable is nearly 1MB large. But if you find yourself in this situation you should be able to disable it in Windows Safe mode by removing the registry keys described in the Symantec writeup and deleting the program it points to. Updated antivirus software should also be able to remove it.

Copyright 2007 by Ziff Davis Media, Distributed by United Press International

Explore further: Mobile app could speed O'Hare passport lines

Related Stories

Quantum dot TVs are unveiled at China tech expo

11 hours ago

At this month's China Information Technology Expo (CITE) event, a headline-maker was the launch of quantum dot televisions, by QD Vision and Konka, the consumer electronics company. QD Vision's calling card ...

A call to US educators: Learn from Canada

14 hours ago

As states and the federal government in the U.S. continue to clash on the best ways to improve American education, Canada's Province of Ontario manages successful education reform initiatives that are equal parts cooperation ...

Recommended for you

Google's Waze app to alert kidnappings in LA

Apr 22, 2015

Alerts about hit-and-runs and kidnappings in Los Angeles will soon pop up on traffic app Waze, along with road closure information, the West Coast city's mayor said.

How the first smart shopping mall in Europe works

Apr 21, 2015

Researchers from Zendos TecnologĂ­a and the IMDEA Networks Institute have developed an innovative tool to analyze the behavior of customers and visitors to shopping malls. The result is a technological platform called Ubicua ...

Energy-tracking app encourages sustainable behaviors

Apr 21, 2015

For a generation motivated by technology and fast-moving information, a professor at the University of Wisconsin-Madison has created an energy-tracking app to make reducing day-to-day energy usage more accessible.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.