Monday, 24 December 2012

Windows 8 Can be Hacked: watch here

With a host of companies launching Windows 8-based devices, Microsoft's latest operating system is getting increasingly popular. It's just a matter of time before cyber criminals take advantage of Windows 8's popularity.

Two samples packaged as key generator apps for Windows 8 are available on http://{BLOCKED}en2eqqh2.cloudfront.net. Key generators are used to generate serial numbers and are typically used for bootleg copies of paid software. Trend Micro found that both apps are malicious. The company has detected these malicious apps as ADW_SOLIMBA and JOKE_ARCHSMS respectively.





Rajat Sahu, product marketing manager, India and SAARC, Trend Micro, said, “The people behind these malware are hoping to ride on Windows 8's popularity and users' eagerness to try out the software. For security purposes, users must avoid visiting or downloading from untrusted sources. Better yet, users should instead purchase the legitimate program.”

When executed, ADW_SOLIMBA displays a fake message telling users to click ‘OK’ to download Windows 8 via the Web browser. JOKE_ARCHSMS, on the other hand, purports to be a Windows 8 activator. Like ADW_SOLIMBA, JOKE_ARCHSMS displays images to trick users into thinking that they can activate Windows once they have sent an SMS to a certain number. In addition, it connects to the following URLs for click fraud:
* http://{BLOCKED}rchant.net/api/open.php?aid=2102499&v
* http://{BLOCKED}rchant.net/50qjpr21e2bd/2102499/

When translated, the first window reads as:

Select the installation path:
To start the installation “Windows 8 Activator 2011” click “Install”

For the second window:

Installation successful
To generate a personal code, go free activation!
(Protection from automatic activation)
Country:
operator:
SMS with text:
on number:
Enter your activation code:

So far, using new programs, software, or apps as a social engineering lure has been an effective vehicle for attacks. Remember the malicious Instagram apps that surfaced just as news of Facebook's acquisition of the app broke? Similarly, malicious versions of Bad Piggies and Angry Birds Space were uncovered in time for these apps' release.

Cybercriminals and other bad guys on the Internet know what users want and they'll use it to their advantage. Users can never be too careful about what they download and from which sites. These samples may not be the only malicious key generator tools available on the Internet.

JOKE_ARCHSMS has been renamed to TROJ_ARCHSMS.B, while ADW_SOLIMBA has been renamed to TROJ_DLOADR.AAD.
