Windows Vista users warned about modified Trojan.Kardphisher version

May 5, 2007
by Ruben Francia

Windows Vista users warn on modified Trojan.Kardphisher versionWindows Vista users should be watchful for the possible variant of the so called Trojan.Kardphisher, a Trojan that poses as a Windows activation program to dupe users into entering credit card information.

Trojan.Kardphisher, first reported by Symantec’s Security Response team, attempts to steal credit card numbers by tricking users into entering their credit card information to activate their Windows copy online.

While the current state of Kardphisher does not target Windows Vista, no body knows soon scammers can come up with variant especially for Vista as the new operating system is likely to require reactivation. In fact, Microsoft patched Vista in January to quash a bug in the OS’s anti-piracy technology that was erroneously telling users they needed to reactivate.

According to Symantec, Trojan.Kardphisher is not very technical – it’s really just another classic social-engineering attack. What makes it interesting is that the author has obviously taken great pains to make it appear legitimate.

After the trojan is installed and a user restarts his or her PC, a Windows XP-look-alike message pops up, “Microsoft Piracy Control.” It states that someone else uses the same activation code; to prove for a legitimate owner he or she must re-activate and provide a credit card number. If the user clicks “no”, the PC is shut down. Other applications can not be run after the restart.

But if a user does choose to run Windows over the web, the trojan asks the victim to enter his location, contact information, credit card number, PIN and card expiration date. Suppose the user do get suspicious and decide not to activate – the computer shuts down. Nasty!

Though it is tricky, users should realize that Microsoft NEVER asks its users for credit card numbers to activate its Windows operating system.

The list of compromised operating systems includes Windows 95, Windows 98, Windows Me, Windows 2000, Windows XP, Windows NT, and Windows Server 2003.

Although Microsoft’s Windows Vista is not on the list of compromised operating systems, users however should always be on watchful for modified Trojan horse version that could compromise Windows Vista in the future.

  • Facebook
  • Twitter
  • Digg
  • Fark
  • Technorati
  • del.icio.us

Related Posts:

Posted in Security, Vista | 5 Comments » Read more from Ruben Francia

5 Responses to “Windows Vista users warned about modified Trojan.Kardphisher version”

  1. Windows Vista News » Blog Archive » Windows Vista users warn on modified Trojan.Kardphisher version:
    May 5th, 2007

    [...] Full article here: Source [...]

  2. Windows activation Trojan - beforeyoukillyourcomputer.com - Saving computers one at a time from their owners:
    May 6th, 2007

    [...] Vista users should beware as there is a variant for Vista as well. [...]

  3. ardchoille:
    May 7th, 2007

    If you were using Linux, you wouldn’t have to worry about activation, viruses, trojans, worms, etc.

    Also, see this: http://www.theregister.co.uk/2003/10/06/linux_vs_windows_viruses/

  4. Filipe:
    May 8th, 2007

    If you were using Linux, you wouldn’t be able to run half of your software, you would be busy trying to get good drivers for your graphics card and you would be reading a manual to learn how to calibrate your microphone and uninstall a program, etc.

    Also, see this: http://marketshare.hitslink.com/report.aspx?qprid=2

  5. Viruses And Worms Privacy Software:
    February 14th, 2008

    Viruses And Worms: Your System Needs Protection…

    Computer systems across the world are constantly threatened by viruses and worms. These malwares are created by disgruntled or malicious programmers, who let loose their treacherous creations on unwary hosts. Oftentimes, the damage that is caused is im…

Leave a Reply:


Copyright © 2009 Blorge.com