Header Ads

Header ADS

TROJAN HORSE

January 12, 2019 0



What is a Trojan Virus or Trojan horse?

In Greek mythology, there is a story about the Trojan War. This war lasted many years, as the Greeks could not penetrate the heavily barricaded city of Troy. So one day, a few of the Greek soldiers brought the people of Troy a large wooden horse, which they accepted as a peace offering. The horse was moved inside the city walls, where it sat until the night. After the people of the city had fallen asleep, Greek soldiers jumped out of the wooden horse, opened the gates to let their fellow soldiers in, and took over the city.





So what is the moral of this story? Mainly, beware of Trojan horses. But how does that relate to computers? That's a good question. In the computing world, Trojan horses are more than just a myth. They really exist and can cause damage to your computer. Trojan horses are software programs that masquerade as regular programs, such as games, disk utilities, and even antivirus programs. But if they are run, these programs can do malicious things to your computer.

For example, a Trojan horse might appear to be a computer game, but once you double-click it, the program starts writing over certain parts of your hard drive, corrupting your data. While this is certainly something you want to avoid, it is good to know that these malicious programs are only dangerous if they are given a chance to run. Also, most antivirus programs can catch Trojan horses when scanning for viruses. Unlike viruses, however, Trojan horses don't replicate themselves. 

Though it is possible for a Trojan horse to be attached to a virus file that spreads to multiple computers.

So as a general rule, don't open a program unless you know it is legitimate. This applies especially to e-mail attachments that are executable files. Even if you are pretty sure the attachment is OK, it is still a good idea to run it through your virus scan program (with the latest virus definitions) just to be safe. Remember what happened to the people of Troy -- don't let a Trojan horse catch you off guard.


A Trojan is also known as Trojan horse. It is a type of malicious software developed by hackers to disguise as legitimate software to gain access to target users' systems. Users are typically tricked by some attractive social media adds who then directed to malicious website thereby loading and executing Trojans on their systems. Cyber-criminals use Trojans to spy on the victim user, gain illegal access to the system to extract sensitive data. 



A Trojan horse or Trojan is a type of malware that is often disguised as legitimate software. Trojans can be employed by cyber-thieves and hackers trying to gain access to users' systems. Users are typically tricked by some form of social engineering into loading and executing Trojans on their systems. Once activated, Trojans can enable cyber-criminals to spy on you, steal your sensitive data, and gain backdoor access to your system. These actions can include:

  • Deleting data
  • Blocking data
  • Modifying data
  • Copying data
  • Disrupting the performance of computers or computer networks
Unlike computer viruses and worms, Trojans are not able to self-replicate.

How Trojans can impact you

Trojans are classified according to the type of actions that they can perform on your computer:
  •  Backdoor 
     
    A backdoor Trojan gives malicious users remote control over the infected computer. They enable the author to do anything they wish on the infected computer – including sending, receiving, launching and deleting files, displaying data and rebooting the computer. Backdoor Trojans are often used to unite a group of victim computers to form a botnet or zombie network that can be used for criminal purposes.
     
  • Exploit 
     
    Exploits are programs that contain data or code that takes advantage of a vulnerability within application software that’s running on your computer.

  • Rootkit 
     
    Rootkits are designed to conceal certain objects or activities in your system. Often their main purpose is to prevent malicious programs being detected – in order to extend the period in which programs can run on an infected computer.

  • Trojan-Banker 
     
    Trojan-Banker programs are designed to steal your account data for online banking systems, e-payment systems and credit or debit cards.

  • Trojan-DDoS 
     
    These programs conduct DoS (Denial of Service) attacks against a targeted web address. By sending multiple requests – from your computer and several other infected computers – the attack can overwhelm the target address… leading to a denial of service.

  • Trojan-Downloader  
     
    Trojan-Downloaders can download and install new versions of malicious programs onto your computer – including Trojans and adware.

  • Trojan-Dropper  
     
    These programs are used by hackers in order to install Trojans and / or viruses – or to prevent the detection of malicious programs. Not all antivirus programs are capable of scanning all of the components inside this type of Trojan.

  • Trojan-FakeAV  
     
    Trojan-FakeAV programs simulate the activity of antivirus software. They are designed to extort money from you – in return for the detection and removal of threats… even though the threats that they report are actually non-existent.

  • Trojan-GameThief 
     
    This type of program steals user account information from online gamers.

  • Trojan-IM 
     
    Trojan-IM programs steal your logins and passwords for instant messaging programs – such as ICQ, MSN Messenger, AOL Instant Messenger, Yahoo Pager, Skype and many more.

  • Trojan-Ransom 
     
    This type of Trojan can modify data on your computer – so that your computer doesn’t run correctly or you can no longer use specific data. The criminal will only restore your computer’s performance or unblock your data, after you have paid them the ransom money that they demand.

  • Trojan-SMS 
     
    These programs can cost you money – by sending text messages from your mobile device to premium rate phone numbers.

  • Trojan-Spy 

    Trojan-Spy programs can spy on how you’re using your computer – for example, by tracking the data you enter via your keyboard, taking screen shots or getting a list of running applications.

  • Trojan-Mailfinder 
     
    These programs can harvest email addresses from your computer.

    Remote Access Trojan

    This Trojan can give an attacker full control over your computer via a remote network connection. Its uses include stealing your information or spying on you.

  • Other types of Trojans include:
    • Trojan-ArcBomb
    • Trojan-Clicker
    • Trojan-Notifier
    • Trojan-Proxy
    • Trojan-PSW 

 

How do Trojans work?

Here’s a Trojan malware example to show how it works.

The victim receives an official-looking email with an attachment. The attachment contains malicious code that is executed as soon as the victim clicks on the attachment. Because nothing bad happens and the computer continues to work as expected, the victim does not suspect that the attachment is actually a Trojan horse and his computing device is now infected.

The malicious code resides undetected until a specific date or until the victim carries out a specific action, such as visiting a banking website. At that time, the trigger activates the malicious code and carries out its intended action. Depending upon how the Trojan has been created, it may delete itself after it has carried out its intended function, it may return to a dormant state or it may continue to be active.



You might think you’ve received an email from someone you know and click on what looks like a legitimate attachment. But you’ve been fooled. The email is from a cybercriminal, and the file you clicked on — and downloaded and opened — has gone on to install malware on your device.

When you execute the program, the malware can spread to other files and damage your computer.
How? It varies. Trojans are designed to do different things. But you’ll probably wish they weren’t doing any of them on your device.

Examples of Trojan malware attacks

Trojan malware attacks can inflict a lot of damage. At the same time, Trojans continue to evolve. Here are three examples.

  1. Emotet banking Trojan. After a long hiatus, Emotet’s activity increased in the last few months of 2017, according to the Symantec 2018 Internet Security Threat Report. Detections increased by 2,000 percent in that period. Emotet steals financial information, among other things.
  2. Rakhni Trojan.This malware has been around since 2013. More recently, it can deliver ransomware or a cryptojacker (allowing criminals to use your device to mine for cryptocurrency) to infected computers. “The growth in coin mining in the final months of 2017 was immense,” the 2018 Internet Security Threat Report notes. “Overall coin-mining activity increased by 34,000 percent over the course of the year.”
  3. ZeuS/Zbot.This banking Trojan is another oldie but baddie. ZeuS/Zbot source code was first released in 2011. It uses keystroke logging — recording your keystrokes as you log into your bank account, for instance — to steal your credentials and perhaps your account balance as well.
  4. Bitfrost -- remote access Trojan RAT (A remote access Trojan (RAT) is a malware program that includes a back door for administrative control over the target computer. RATs are usually downloaded invisibly with a user-requested program -- such as a game -- or sent as an email attachment. Once the host system is compromised, the intruder may use it to distribute RATs to other vulnerable computers and establish a botnet. ) that infected Windows clients by changing, creating and altering components.
  5.  Magic Lantern -- a keystroke logging Trojan created by the FBI around the turn of the century to assist with criminal surveillance.
  6. A government Trojan is spyware installed on a computer or network by a law enforcement agency for the purpose of capturing information relevant to a criminal investigation. Depending on the program, government Trojan horses may intercept email or VoIP traffic, scan hard drives for relevant digital media or even record conversations and videoconferences. As this type of software captures data and then sends it back to a central server for processing and analysis without a user's knowledge, it is generally classified as a back door Trojan horse virus.
    Governments have approached implementing Trojan horses in different ways. Swiss government agencies have been reported to be working with Internet service providers (ISPs) to record speech on an infected PC's microphone, as opposed to of intercepting encrypted voice packets. German agencies have sought authority to plant Trojan horses on the hard drives of suspected criminals using email that would install keyloggers, record webcams and microphones and scan infected hard drives for for documents, diagrams and photography. These email messages would be tailored to each unique target, similar to the method used in spear phishing attacks.
    The German government received widespread attention in 2007 when its Interior Minister disclosed a plan to install Trojan horses. Switzerland and Austria have been reported to have similar programs in development. Romania, Cyprus, Latvia and Spain already have laws that allow "online searches." Chinese covert intelligence bodies have also been associated with Trojan horse activity against both other governments and private industry. The Federal Bureau of Investigation (FBI) is known to use a tool called CIPAV (computer and Internet Protocol address verifier) that can record IP addresses and send the data back to government computers. Given recent disclosures of warrantless wiretapping, the FBI may well be conducting covert surveillance of hard drives. Although no official U.S. government Trojan program is known to exist, past revelations regarding the NSA's Total Information Awareness (TIA) project and Echelon, a signals intelligence (SIGINT) collection and analysis network operated by the U.S. government in cooperation with several other nations, make the existence of such a program credible.
    For many years, hackers and crackers have been attacking government networks and computers to try to gain access to classified information, financial or personal data, or to simply embarrass agencies that fail to take appropriate measures. Government Trojans represent a step in turning the tables on cybercriminals by using a proven mechanism for capturing data covertly. As Al Queda, organized crime and rogue states increasingly turn to modern information technology tools for planning, organization and even so-called "cyberwars," the development of more robust information gathering mechanisms by government agencies is a natural and important step in combating malicious activity.
    As with other forms of electronic surveillance, however, the potential for governmental abuse of the techology is significant. If government agencies are able to establish partnerships with hardware manufacturers similar to the assistance in the past provided by telecommunications companies to government agencies requesting phone records, even informed consumers may be able to do little to detect or defuse back door malware. As laws and controls on new ways of monitoring citizens have typically lagged technological innovation, the best protection concerned citizens have against unwanted surveillance may be to use spyware scanners and watch activity logs for unexpected network activity.

How Trojans impact mobile devices

Trojans aren’t problems for only laptop and desktop computers. They can also impact your mobile devices, including cell phones and tablets.

In general, a Trojan comes attached to what looks like a legitimate program. In reality, it is a fake version of the app, loaded up with malware. Cybercriminals will usually place them on unofficial and pirate app markets for unsuspecting users to download.

In addition, these apps can also steal information from your device, and generate revenue by sending premium SMS texts.
One form of Trojan malware has targeted Android devices specifically. Called Switcher Trojan, it infects users’ devices to attack the routers on their wireless networks. The result? Cybercriminals could redirect traffic on the Wi-Fi-connected devices and use it to commit various crimes.

How to protect yourself against Trojans

  • Computer security begins with installing and running an internet security suite. Run periodic diagnostic scans with your software. You can set it up so the program runs scans automatically during regular intervals.
  • Update your operating system’s software as soon as updates are made available from the software company. Cybercriminals tend to exploit security holes in outdated software programs. In addition to operating system updates, you should also check for updates on other software that you use on your computer.
  • Protect your accounts with complex, unique passwords. Create a unique password for each account using a complex combination of letters, numbers, and symbols.
  • Keep your personal information safe with firewalls.
  • Back up your files regularly. If a Trojan infects your computer, this will help you to restore your data.
  • Be careful with email attachments. To help stay safe, scan an email attachment first. 
A lot of things you should do come with a corresponding thing not to do — like, do be careful with email attachments and don’t click on suspicious email attachments. Here are some more don’ts.

  • Don’t visit unsafe websites. Some internet security software will alert you that you’re about to visit an unsafe site, such as Norton Safe Web.
  • Don’t open a link in an email unless you’re confident it comes from a legitimate source. In general, avoid opening unsolicited emails from senders you don’t know.
  • Don’t download or install programs if you don’t have complete trust in the publisher.
  • Don’t click on pop-up windows that promise free programs that perform useful tasks.
  • Don’t ever open a link in an email unless you know exactly what it is.
By installing effective anti-malware software, you can defend your devices – including PCs, laptops, Macs, tablets and smartphones – against Trojans. A rigorous anti-malware solution – such as Kaspersky Anti-Virus – will detect and prevent Trojan attacks on your PC, while Kaspersky Mobile Security can deliver world-class virus protection for Android smartphones. Kaspersky Lab has anti-malware products that defend the following devices against Trojans:
  • Windows PCs
  • Linux computers                                 
  • Apple Macs                                              
  • Smartphones
  •  Tablets 
Tags:

No comments

Subscribe to: Post Comments ( Atom )
Powered by Blogger.