Trojan horse, Greek Myth or Computer Nemesis, As Trojan Horse comes to be the most .... |
In the context of computing and software, a Trojan horse, or simply trojan, is a piece of software which appears to perform a certain action but in fact performs another such as a computer virus Contrary to popular belief, this action, usually encoded in a hidden payload, may or may not be actually malicious, but Trojan horses are notorious today for their use in the installation of backdoor programs. Simply put, a Trojan horse is not a computer virus in most cases. Unlike such malware, it does not propagate by self-replication but relies heavily on the exploitation of an end-user (see Social engineering). It is instead a categorical attribute which can encompass many different forms of codes. The term is derived from the classical story of the Trojan Horse, and In the field of computer architecture, 'Trojan Horse' can also refer to security loopholes that allow kernel code to access anything for which it is not authorized ,as well The word 'Trojan horse' is generally attributed to Daniel Edwards of the NSA. A very classic example is due to computer pioneer Ken Thompson in his 1983 ACM Turing Award lecture,Thompson noted that it is possible to add code to the UNIX "login" command that would accept either the intended encrypted password or a particular known password, allowing a back door into the system with the latter password ,Furthermore, Thompson argued, the C compiler itself could be modified to automatically generate the rogue code, to make detecting the modification even harder, Because the compiler is itself a program generated from a compiler, the Trojan horse could also be automatically installed in a new compiler program, without any detectable modification to the source of the new compiler. A simple example of a Trojan horse would be a program named "waterfalls, When run, it instead unloads hidden programs, commands, scripts, or any number of commands with or without the user's knowledge or consent. we have two types of Trojan horse virus: 1-Malicious Trojan Horse programs are often used to circumvent protection systems in effect creating a vulnerable system to allow unauthorized access to the user's computer. 2-Non-malicious Trojan Horse programs are used for managing systems, deploying software, surveillance, and forensics. Trojan horse payloads are almost designed to do various harmful things, but can also be harmless They are broken down in classification based on how they breach and damage systems, The nine main types of Trojan horse payloads are:Remote Access, Email Sending, Data Destruction,Downloader Proxy,Trojan (disguising others as the infected computer)FTP Trojan (adding or copying data from the infected computer),Security software disablerTrojan, Jakposh Denial-of-service attack (DoS), URL trojan (directing the infected computer to only connect to the internet via an expensive dial-up connection). and Some examples of damage are:erasing or overwriting data on a computer encrypting files in a crypto viral extortion attack corrupting files in a subtle way upload and download files allowing remote access to the victim's computer. The majority of Trojan horse infections occur because the user was tricked into running an infected program.This is why it is advised not to open unexpected attachments on emails -- the program is often a cute animation or an image, but behind the scenes it infects the computer with a Trojan or worm, The infected program doesn't have to arrive via email; it can be sent in an Instant Message, downloaded from a Web site or by FTP, or even delivered on a CD or floppy disk (Physical delivery is uncommon, but if one were the specific target of an attack, it would be a fairly reliable way to infect a computer) Furthermore, an infected program could come from someone who sits down at a computer and loads it manually, However, receiving a Trojan in this manner is very rare ,It is usually received through a download. also The attacker leaves a malware-infected floppy disc, CD ROM or USB flash drive in a location sure to be found or that is commonly visited, gives it a legitimate looking label and then waits in the hopes that someone will eventually use it, An example of this would be to get the corporate logo from the web site of the software that is infected and affixing a legitimate-looking label ("Employee Salaries Summary FY06") for the infected physical media. There are many types of Trojan horses, as listed in the next section, most of them are hidden in the computer without user notice,They are hidden by using Registry, hidden service, etc. The Trojan horses are hidden by using Registry as mentioned before, it adds some entries in the Registry in order to start the program every time the computer boots up,It also uses methods that add service(s) to the computer which also makes the Trojan horse run when the computer is turned on. Except these, Trojan horses are combined with a variety of files that seem to be legitimate. The Trojan horse starts when the files that have been combined with Trojan horse are opened,It is accomplished by using some programs to help the attacker. Since Trojan horses have a variety of forms, there is no single method to delete them, but there are some ways which have answered to somebody on whom their computer have infected by Trojan: 1-The simplest responses involve clearing the temporary internet files on a computer, or finding the file and deleting it manually. 2-Normally, anti-virus software is able to detect and remove the trojan automatically. 3-If the antivirus cannot find it, Rebooting the computer in Safemode (with or without networking) may allow an antivirus program to find a trojan and delete it. At last Nothing can guarantee the security of your computer 100 percent. However, you can continue to improve your computer's security and decrease the possibility of infection by consistently following these guidelines. |