Don't activate your copy of Windows yet - read this first
Recently we came across an interesting Trojan sample, detected by Symantec as Trojan.Kardphisher. The Trojan is not very technical - it's really just another classic social-engineering attack. What makes it interesting is that the author has obviously taken great pains to make it appear legitimate.
How legitimate? Look at the screenshot:

The Trojan runs on startup and pretends to be a Windows Activation dialog. Note how it asks for name, address, credit card number, expiry date and even ATM PIN!
So, beware. Windows Activation does not ask for this information. Also, it offers the option to activate over the phone. If you are in doubt and the machine has been activated before, run an anti-virus scan!
Comment by Security should be top priority, on 5-MAY-2007 15:30
People are always trying to take advantage of others. It has been that way since the beginning of civilization. Yet, human beings as a race have found new ways to protect themselves against people who are scum.
Computer users, whether it be a Macintosh, Linux, or a Windows user, should take extra precautions to ensure that their computing environment is safe.
When people get on a pedestal and say that their computing environment is safe because they have a certain operating system, that's when things get hairy.
There have been numerous exploitations for the Macintosh platform, the most recent one being an exploit with the way QuickTime handles Java. No computer that is connected to the Internet is safe. All machines, regardless of what operating system they are running, are programmed by human beings. Human beings are notorious for making errors. There are bugs in the Macintosh Operating System, the Linux Operating System, and the Windows Operating System. Some mistakes are easier to find, while others are more obscure.
No matter how safe you think you are, it is vital to take extra precautions. One of the best things you can do is to be alert. The next best thing is to install an array of security hurdles for hackers to overcome. This is a very good model:
1. Hardware Firewall (can be a router, or even a standalone computer.)
2. Software Firewall (such as Zone Alarm. The free version in Stealth Mode does a terrific job of alerting you against suspicious activities.)
3. Anti-Virus Software (Avira AntiVir is a consistent top rated free anti virus program. Avast! is also a wonderful utility.) Make sure these programs update every night when you are asleep. Ensure that a full system scan occurs every night when you are asleep. This can be accomplished with the built in scheduling functions found in many anti virus utilities.
4. Windows Automatic Updates (Or Mac, Or Linux) Make sure that your updates are configured to update automatically every evening while you are asleep.
5. Anti Spyware Utilities (Spybot Search and Destroy is my preference.) Also ensure that this program is set to update every night and do a full system scan while you are asleep.
6. Overall system setting protection (Spybot Search and Destroy comes with a utility called TeaTimer that constantly monitors and alerts you if a setting is changed, such as new programs that request to run at startup, deletion or modification of important system files, etc.)
While this seems like overkill, it saves you hours of potential headaches.
The application that asks for your credit card information would be zapped at either the hardware or software firewall level. If you have these systems properly configured, the information will be bounced back to your machine and never be sent out. You will also be alerted that you were about to send information to some scumbag on an island somewhere.
More information from more qualified people can be found on various security resources online.
Comment by Giles Wells, on 5-MAY-2007 15:39
That is just hilarious.
I wonder how many have submitted their info.
Comment by Techie Buzz, on 6-MAY-2007 06:33
Great news, but how does this get installed on your system?
Are there any web sites that install this software?
Providing this information will help users avoid visiting such web sites.
Comment by Daniel, on 7-MAY-2007 08:58
Too funny! Yet another reason to just get a Mac! hehe
Comment by Michael, on 7-MAY-2007 16:33
Daniel: "There have been numerous exploitations for the Macintosh platform, the most recent one being an exploit with the way QuickTime handles Java. No computer that is connected to the Internet is safe. All machines, regardless of what operating system they are running, are programmed by human beings."
Don't get suckered in by advertising and a false sense of security; you aren't immune by buying an Apple computer. You'd be ignorant to think you are.
Comment by MOHANNAD, on 19-SEP-2007 07:08
I AM MOHANNAD I WANNA SAY HELLO TO ALL OF YOU AND WELCOME TO MY WORLD
IN ZARQA
Comment by Yann, on 19-MAR-2008 10:42
I thought Linux was free of viruses. I once searched for a Linux anti virus but couldn't find any. Instead I found a forum saying that Linux was one of the best secured OS and a computer expert I know confirmed it.
Buying a hardware firewall is expensive and is not really necessary for the average user in my opinion. It may be useful for big companies though.

Comment by Seras, on 5-MAY-2007 11:58
Just enter in fake info - that's the best revenge!