Robert McLaws: Windows Edition

Blogging about Windows since before Vista became a bad word

Malware Posing as Windows Product Activation

Alex Kochis of the WGA Blog posted today that Symantec has details of a new trojan that masquerades as Windows XP Product Activation to steal a user's credit card information.

If you select "no", your system immediately shuts down. It also disables the Task Manager, and renders your computer unable to do anything else until you give them what they want (your card info). You can see video of this virus in action below.


It's important to note that Microsoft *NEVER* asks for credit card information inside Windows. This trojan hopes that you're too inexperienced to realize that. Symantec is rating it low risk, but fact that it preys on inexperienced users makes me think that this might become much more widespread in the near future. So keep an eye out for it.



  • Ultima said:

    Wow, can't you enter just 000000's, I don't think the trojan checks if its valid.

    May 23, 2007 3:50 PM