Saturday, May 12, 2007

Microsoft needs your Credit Card details?

I recently came across an interesting Trojan, detected by Symantec as Trojan.Kardphisher.

This Trojan is not very technical - it's really just another classic social-engineering attack. What makes this one interesting is the pains the author has taken to make it appear legitimate.

When you restart your PC after this Trojan is installed, the following window will pop up during startup:

Kardphisher Trojan

You can choose only Yes or No. You can't run any other applications or Task Manager. If you choose No, your PC will shut down immediately. If you choose Yes, you'll see the following window:

Trojan asking for user credit card information.

Now you may think, "It can't be true! I have already activated my copy of Windows. Microsoft can't do this!" Hopefully everyone will notice that something is strange and will not become a victim.

Video: The following video shows this threat in action.



Solution: In the short run, the solution is to install antivirus and anti-spyware software if you don't have any yet! If you already have it, don't forget to update it frequently with new virus/spyware definitions.

The actual root cause of this kind of problem is the weak security model of Microsoft Windows. The Windows security model is so weak that any program can gain superuser access and can potentially harm your system.

Microsoft has stated that they have improved the security model of Windows Vista to avoid this kind of problem. However, a very large number of users still use Windows XP as their main operating system, and for most of them it is not possible to upgrade to Windows Vista due to old hardware. For such people the only solution is to install good antivirus and anti-spyware software and keep it always enabled and up to date.

A better alternative: There is a better alternative solution to this problem. Yes, your guess is correct! The solution is to use Linux.

As of now, Linux users need not worry about viruses and spyware. The security model of Linux is pretty strong; it doesn't allow any user program to harm the kernel space. We also have SELinux to further enhance Linux security.

At present there is almost no virus threat for Linux. It may be because of the strong security model, or it may be because of the small market share. Generally the developers of viruses and spyware want to hit a mass audience, hence they are most likely to target Windows.

So I would suggest that everyone use Linux, at least for internet browsing. Linux distributions such as Ubuntu are very easy to use. If you want to try Linux and don't know where to begin, you can order a FREE Ubuntu CD here. It's worth a try! :)
