The Notebook Review forums were hosted by TechTarget, who shut them down on January 31, 2022. This static read-only archive was pulled by NBR forum users between January 20 and January 31, 2022, in an effort to make sure that the valuable technical information that had been posted on the forums is preserved. For current discussions, many NBR forum users moved over to NotebookTalk.net after the shutdown.

    Windows Hacktivation

    Discussion in 'Lenovo' started by wingsofeagle, Jul 21, 2007.

  1. wingsofeagle

    wingsofeagle Notebook Consultant

    I thought maybe you are interested in new internet attacks using the Microsoft Windows activation interface. It's from PC Magazine, July 17, 2007.

    DDoS FADING?
    Symantec reports a decline in the number of organized DDoS (Distributed Denial of Service) attacks launched for profit. The security company attributes this to lower profitability. How much of this sort of blackmail really goes on is difficult to know; most companies would want to keep it quiet.
    Engaging in DDoS attacks is risky: Attackers could lose part or all of their botnets. DDoS attacks aren't like spamming: Cops are losing no sleep over spamming, and ISPs aren't exactly working overtime to take down the bots on their own networks. A DDoS attack, however, garners much more unwanted attention.
    Symantec reported recently on a Trojan horse that mimics the Microsoft Windows activation interface. Called Trojan.Kardphisher, it doesn't do most of the technical things that Trojans usually do: It's purely a social-engineering attack, aimed at stealing credit card information. In a sense, it's a standalone phishing program.
    Once you reboot, Kardphisher asks you to reactivate your copy of Windows, citing piracy issues and telling you that another user has activated your copy. Though it assures you that you will not actually be charged, it asks for credit card information. If you don't enter the credit card information, Kardphisher shuts down the PC. The Trojan also disables the Windows Task Manager, which makes it more difficult to shut the malware down.
    Running on the first reboot is clever. It makes the process look more like a legitimate message coming from Microsoft, and it won't seem to occur as a result of the user clicking on a new file. The program even runs on versions of Windows that were made prior to XP and do not require activation. That's a bit of a red flag, although I bet there's a strong correlation between people running pre-XP versions of Windows and people who aren't as well educated about malware as they could be.
    With a nearly 1MB executable, Kardphisher is not a sneak attack. But if you find yourself infected, disable the Trojan in Windows Safe mode by removing the Registry keys described in Symantec's write-up (at www.symantec.com, search on the malware name) and deleting the program they point to. Updated antivirus software should also remove it.


    (Look at the following pictures: LOOKS PRETTY OFFICIAL Kardphisher has the basic look down (left), but Microsoft's activation scheme has never required a credit card number (right).)
     


  2. Stunner

    Stunner Notebook Deity

    Wow, thanks for the info man.
     
  3. Airman

    Airman Band of Gypsys NBR Reviewer

    oohh shady.

    Even if it was Mikerowesoft you'd have to be a fool to give them your credit card info.
     
  4. GridGI

    GridGI Notebook Consultant

    I know and if you do you deserve what you get lol.
     
  5. wingsofeagle

    wingsofeagle Notebook Consultant

    It's easy to say it now, but imagine after getting some bluescreens and already angry at Lenovo, finishing your clean install and getting that page (and there was no clue of any kind of hacking like that before). Sure, you may make that mistake. A lot of people may think that's Microsoft's new trick, and even if you don't enter your credit card your system won't boot, so you may think to install it again (blaming Lenovo and Microsoft for causing you more trouble), and maybe the second time you give up your credit card. Not everyone is so familiar with computers that they can get to Safe Mode before they complete installation, or even think of any hacking like that. As, if you read carefully, they called it "It's purely a social-engineering attack".