Windows Vista users should be watchful for the possible variant of the so called Trojan.Kardphisher, a Trojan that poses as a Windows activation program to dupe users into entering credit card information.

Trojan.Kardphisher, first reported by Symantec’s Security Response team, attempts to steal credit card numbers by tricking users into entering their credit card information to activate their Windows copy online.

While the current state of Kardphisher does not target Windows Vista, no body knows soon scammers can come up with variant especially for Vista as the new operating system is likely to require reactivation. In fact, Microsoft patched Vista in January to quash a bug in the OS’s anti-piracy technology that was erroneously telling users they needed to reactivate.

According to Symantec, Trojan.Kardphisher is not very technical - it’s really just another classic social-engineering attack. What makes it interesting is that the author has obviously taken great pains to make it appear legitimate.

After the trojan is installed and a user restarts his or her PC, a Windows XP-look-alike message pops up, “Microsoft Piracy Control.” It states that someone else uses the same activation code; to prove for a legitimate owner he or she must re-activate and provide a credit card number. If the user clicks “no”, the PC is shut down. Other applications can not be run after the restart.

But if a user does choose to run Windows over the web, the trojan asks the victim to enter his location, contact information, credit card number, PIN and card expiration date. Suppose the user do get suspicious and decide not to activate – the computer shuts down. Nasty!

Though it is tricky, users should realize that Microsoft NEVER asks its users for credit card numbers to activate its Windows operating system.

The list of compromised operating systems includes Windows 95, Windows 98, Windows Me, Windows 2000, Windows XP, Windows NT, and Windows Server 2003.

Although Microsoft’s Windows Vista is not on the list of compromised operating systems, users however should always be on watchful for modified Trojan horse version that could compromise Windows Vista in the future.

Related:

How to hide desktop icons in 64-bit Vista

Security firms warn of zero-day Vista and IE7 exploit

Security firm warns against downloading pirated Windows 7 beta

Microsoft Windows 7 maybe less of a hardware hog than Vista

Microsoft drops Vista price to entice hesitant consumers

Entry was posted on Saturday, May 5th, 2007 at 5:42 pm under Security, Vista.  Print This Post

Read more entries by Ruben Francia.
Stumble It!