New Trojan Mimics Windows Reactivation
By Barry Levine
May 7, 2007 11:04AM

Symantec said that the Windows-reactivation Trojan, formally called Trojan.Kardphisher, affects Windows XP, Windows 2000, Windows Server 2003, and even earlier versions of Windows, including 95, 98, and NT. If users proceed with the Trojan reactivation, a screen appears designed to capture credit card details from unsuspecting users.
 


A new Trojan Horse is making the rounds, impersonating Windows reactivation and antipiracy messages with the goal of duping users into divulging their credit card information.

According to computer security firm Symantec, the Trojan, dubbed Trojan.Kardphisher, creates a Windows look-alike screen, headlined "Microsoft piracy control," and indicates that the copy of Windows was activated by another user and needs to be reactivated.

"To help reduce software piracy, please reactivate your copy of Windows now," it instructs. "You must activate Windows before you can continue to use it." The user is given two choices: reactivating Windows over the Internet immediately or doing it later. No other applications can be run, and Task Manager cannot be launched to force-quit the Trojan.

Yes or No?

If reactivation is deferred, the system is shut down. And if users proceed with the fake reactivation, a second screen appears, requesting private information that includes location, contact information, a credit card number, the card's expiration date and three-digit security number, and even an ATM PIN.

The Trojan informs the user that the credit card information will not be charged. But, once entered, the information is sent to the fraud's perpetrators to use as they wish. The initial screen even references an actual Microsoft antipiracy site: microsoft.com/piracy.

Symantec said that the Trojan affects Windows XP, Windows 2000, Windows Server 2003, and even earlier versions of Windows, including 95, 98, and NT.

Sometimes, Windows does indeed require reactivation, such as after substantial hardware upgrades, but Microsoft does not ask for financial information. The Trojan's request for reactivation and its close resemblance to actual Windows screens make it a potentially effective attack against some users, Symantec said.

While Symantec has posted detailed instructions on how to remove the Trojan, some observers have noted that fake information can be entered to "activate" an infected Windows machine when prompted, so that the Trojan could then be removed.

Trust No One

"This Trojan teaches us all a good lesson -- Trust No One," wrote Symantec's Takashi Katsuki on the company's blog. "Sometimes the creators of Trojans attempt to impersonate Microsoft, a bank, or even a government organization. Whatever the warning or message says, we must make very sure it is genuine before giving up any personal details, financial or otherwise."

It is far better to doubt a genuine request until proper verification is provided, Katsuki went on to say, than it is to blindly place your trust in a message simply because it appears to have come from a trusted source.

"Sad though it may be," Katsuki wrote, "the days of leaving your front door unlocked are over. In these times, we not only need a lock on the door, we need a security guard watching the front door, the back door, and everywhere in between."
 

© Copyright 2000-2009 NewsFactor Network. All rights reserved.