Researchers at Symantec recently warned of a on the loose Trojan horse that masquerade as a Windows activation program to swindle users into entering credit card info in order to reanimate their systems. Takashi Katsuki, a Symantec researcher was reported to have said that the Trojan, known as Kardphisher, is nothing much technically, but its author seemed have obviously taken much pains to make it look like legitimate.
Rated as very low risk by Symantec, Kardphisher, through self-installation, camouflages itself as a legitimate Windows activation dialog box, making it look like an authentic system message, which in turn, spits out the following message:
Your copy of Windows has been activated by another user.To help reduce software piracy, please re-activate your copy of Windows now.
We will ask for your billing details, but your credit card will NOT be charged.
You must activate Windows before you can continue to use it.
Microsoft is committed to your Privacy. For more information, www.microsoft.com/piracy.
Do you want to activate Windows now?
Takashi Katsuki said that selecting “No,” would close down the computer. While “Yes,” in the meantime, leads the user to a second screen where he or she is told to enter his/her name and credit card info, which is after that relayed to the hacker’s server. Advising PC users Katsuki said that this Trojan provides us all a good lesson. “Trust no one.”
