Airport Internet terminals open to infection
Maybe you’re already aware of the dangers that public terminals can present to you or your computer. About two months ago, we had the instance of a photo kiosk that was infecting USB drives of people who used it.
A new example comes from a Symantec engineer who encountered a fake anti-virus solution on a public Internet terminals on a large airport in England:
As you can see from the upper screenshot, Windows Security Center has popped up and claims that not anti-virus software is installed. But, what you may not know is that some rogue AV solutions can use Windows APIs to change the information presented by Windows Security Center. In this case, the rogue AV is trying to convince the user that the computer has no antivirus protection installed and that he should install the Defense Center Installer.
This particular terminal should definitely be avoided altogether – if it has managed to get “infected” by this fake AV, it is probably without defenses agains other malware, as well.
All in all, it is a good idea to refrain from entering any personal or financial information, or any usernames and passwords into any public terminal or computer that is used by a great number of people – you can never know what other malware (especially a keylogger or information-harvesting Trojan) may be hiding inside.