The Second Coming of the Fake Windows XP Activation Malware
Article by George Norman
On 19 Nov 2008
Kardphisher, the data stealing Trojan that impersonates the Windows XP activation and that was launched back in 2007, has made a recent comeback. All PC users that have decided to stick with XP, as opposed to switching to Vista, are well advised to be on the lookout, especially since the Trojan was redesigned to look more like the genuine article.

The malware program known as Kardphisher is a Trojan that was first detected by security company Symantec, better known for their Norton Antivirus software, last year in April, and is used as a means to gather your personal credit card information. What is new in this 2.0 version of the malware? Kardphisher now employs a more genuine looking color scheme, meant to trick the user into giving up his credit card details; there is also improved software functionality, meaning that the Trojan will no longer give itself away by specifically asking for your PIN number.


There are several things that must be noted in regard to the “improved functionality feature”. If for example you figure out it is a bogus Windows activation program and enter a random email address, the Trojan has a built-in email validation program. There is also a credit card validation program as well, meaning you will not be able to feed the Trojan fake data. There is even a feature that detects the current Windows XP activation key and displays it in an attempt to make the malware look genuine.

What will happen if you are fooled by Kardphisher? Well, in order to do so you have to fill in all the requested fields, meaning that you will hand over the following data: name, address, email, phone number, credit card credentials, social security number, and even the date on which you were born. All this data is stored by the Trojan and sent out to an IRC channel; Kardphisher will then proceed to delete itself from your machine, giving you the impression that you were actually registering your Windows XP operating system and that everything went okay.

Tags: Trojan, Windows XP, Kardphisher
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
The Second Coming of the Fake Windows XP Activation Malware
HTML Linking Code