HOW TROJAN HORSES SPREAD

by CEO Justin Tomel.


Before a Trojan horse program can attack, it must first find a way to entice the victim to copy, download, and run it. Since few people knowingly run a malicious program, Trojan horses must disguise themselves as other programs that the victim believes to be harmless (such as games, utilities, or popular applications).

Besides disguising themselves as harmless programs, Trojan horses can also disguise themselves inside a legitimate program, such as Adobe Photoshop or Microsoft Excel. To do this, malicious hackers have created special wrapper or binder programs with names like Saran Wrap, Silk Rope, or The Joiner, which can package any Trojan horse inside another program, thereby reducing the likelihood that someone will discover it. Since most users won't suspect that a program from a large, well-known publisher would contain a Trojan horse, the victim is likely to run the linked program containing the Trojan horse.
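A defender can triage a suspect download for the binder pattern described above by checking whether a Windows executable carries a second executable image inside it. The following is an added example, not code from the original article; it assumes the binder stores the second program as an intact PE image, and the sample bytes are constructed stand-ins rather than real programs.

```python
import struct

PE_SIG = b"PE\x00\x00"

def find_pe_images(data: bytes) -> list[int]:
    """Return every offset in data that parses as the start of a PE image."""
    offsets = []
    pos = data.find(b"MZ")
    while pos != -1:
        # The DOS header is 64 bytes; e_lfanew at 0x3C points to the PE signature.
        if pos + 0x40 <= len(data):
            (e_lfanew,) = struct.unpack_from("<I", data, pos + 0x3C)
            sig_at = pos + e_lfanew
            # Bound e_lfanew so that random "MZ" byte pairs are rejected.
            if 0x40 <= e_lfanew <= 0x1000 and data[sig_at:sig_at + 4] == PE_SIG:
                offsets.append(pos)
        pos = data.find(b"MZ", pos + 1)
    return offsets

def looks_bound(data: bytes) -> bool:
    """True when a file that starts as a PE holds at least one more PE image."""
    images = find_pe_images(data)
    return len(images) > 1 and images[0] == 0

def _fake_pe(filler: bytes) -> bytes:
    """Constructed stand-in: DOS header + PE signature + filler (not runnable)."""
    dos = bytearray(0x40)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)
    return bytes(dos) + PE_SIG + filler

# Constructed samples: a plain carrier, and the same carrier with a second image appended.
CARRIER = _fake_pe(b"carrier-code" * 4)
BOUND = CARRIER + b"\x00" * 16 + _fake_pe(b"second-image")

if __name__ == "__main__":
    for name, blob in (("carrier", CARRIER), ("bound", BOUND)):
        print(name, find_pe_images(blob), looks_bound(blob))
```

Legitimate installers and self-extracting archives also embed executables, so a hit is a reason to inspect the file further, not a verdict. A binder that compresses or encrypts the second program will not match, so a clean result proves nothing.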

Once someone has written a Trojan horse, the next step is to spread it by copying it onto a victim's computer, posting it on a website for others to download, sending it as a file attachment via email, distributing it through IRC and online service chat rooms, or sending it through ICQ and other instant messaging services.

Physically copying a Trojan horse to a computer

If someone has physical access to your computer, he can simply copy a Trojan horse to your hard disk. If the attacker is particularly skilled, he can create a custom Trojan horse that mimics the appearance of a program that is unique to that particular computer, such as a corporate log-in screen or a company database program. Not only would such a Trojan horse be more likely to trick its victim, but the Trojan horse could also perform an action specific to that particular computer, such as stealing a company's list of credit card numbers or copying the source code of a game company's unreleased products and posting them on the Internet.

Downloading software from a website

Trojan horses are commonly found on websites that offer free software, such as shareware programs. These communal gathering spots on the Web give Trojan horse writers a degree of anonymity along with the chance of attacking as many random victims as possible. Since website operators rarely have time to thoroughly examine every file posted, an occasional Trojan horse can slip through the checking procedures unnoticed.

Of course, as soon as the website administrator discovers the existence of the Trojan horse, she can delete it to prevent others from downloading it. However, between the time that the Trojan horse was posted and the time the website administrator deletes it, many people could have downloaded the Trojan horse and passed it along to others. So, even though deleting a Trojan horse may be easy, finding and deleting all copies of that Trojan horse will be time-consuming and difficult, if not nearly impossible.

Rather than post a Trojan horse to somebody else's website, some people set up their own websites and pretend to offer hacker tools or pornographic files for others to download. Naturally, some of these files will be Trojan horses, so the moment an unwary user downloads and runs them, the programs are free to cause whatever damage their writer intended.

Receiving a Trojan horse as an email attachment

Another common way to spread a Trojan horse is to attach the program file to an email message. To get you to open the file attachment, it may be disguised as a message from a legitimate organization (such as Microsoft or America Online); as a tempting program, such as a hacker tool for gaining illegal access or privileges to a well-known computer; or as a contest announcement, pornographic file, or similar message designed to pique your curiosity.

Catching a Trojan horse from a chat room or instant messaging service

Many people send Trojan horses to people visiting online chat rooms because they can do so without having to find an email address. The hacker typically strikes up a friendly conversation with a potential victim and then offers to send the person a hacker program or pornographic file. When the victim accepts the file and tries to open it, the Trojan horse attacks.

Hackers also send Trojan horses to people who use an instant messaging service such as ICQ or AOL Instant Messenger. Like email, instant messaging services allow an attacker to send a Trojan horse directly to a particular person, based on the person's instant messaging ID, which is readily available through member directories.

    Copyright © 2006 - 2012 e-articles.info.
The texts, articles and tutorials in the directory are property of their respective owners and authors.