Something new to be aware of - don't fall victim to this new threat. Once your pc has been activated, there's never a reason to do this. BD
Symantec reported recently on a Trojan horse that mimics the Microsoft Windows activation interface. Called Trojan.Kardphisher, it doesn't do most of the technical things that Trojans usually do: It's purely a social-engineering attack, aimed at stealing credit card information. In a sense, it's a standalone phishing program.
Once you reboot, Kardphisher asks you to reactivate your copy of Windows, citing piracy issues and telling you that another user has activated your copy. Though it assures you that you will not actually be charged, it asks for credit card information. If you don't enter the credit card information, Kardphisher shuts down the PC. The Trojan also disables the Windows Task Manager, which makes it more difficult to shut the malware down.
Running on the first reboot is clever. It makes the process look more like a legitimate message coming from Microsoft, and it won't seem to occur as a result of the user clicking on a new file. The program even runs on versions of Windows that were made prior to XP and do not require activation. That's a bit of a red flag, although I bet there's a strong correlation between people running pre-XP versions of Windows and people who aren't as well educated about malware as they could be .
Beware Windows Hactivation Threat - Expert Help by PC Magazine
0 comments :
Post a Comment