What is a Trojan ?
When we think of Trojans, we normally think of the huge wooden horse that the Greeks gifted the city of Troy, in which they had secretly hidden a small number of their warriors. When the Trojans took the horse into the city the soldiers emerged and opened the gates to the cities enemies.
Computer trojans are based on the same idea; what can appear to be useful program or harmless site can be hiding a small Trojan program that once it has infected your computer opens a secret backdoor that will allow an intruder to remotely gain access to your computer.
Trojans are not viruses in that they are not designed to reproduce themselves. Instead they rely on being small and deceptive to propagate themselves across the internet, usually attached to some other file. ( Of course there are plenty intruders that do replicate themselves such as viruses and worms and protection tools usually cover multiple types of threats. )
The first computer Trojans started appearing around 1994 and by 1997 (around the time that this website was first established), they were starting to become a significant internet security threat. In 2008, over a decade later, the quantity and sophistication of trojans and other malicious software continues to grow exponentially. Luckily for the average web surfer there are a range of tools that are being continually updated that we can use to defend ourselves with the ever changing threats.
Unfortunately it is almost impossible to guarantee with 100% certainty that you can block attacks by every current and future piece of malicious software. But in the same way we can take precautions to protect our physical health, we can also take steps to minimize the risk of a computer system infection and use a range of good defense software to take care of the other 99.9% of internet nasties and keeping them regularly updated should pick up anything that slips through.
For more about effective precautions see 10 SIMPLE ANTI-TROJAN RULES.
What does a Trojan actually do ?There are two families of spyware and trojan intruders that can invade your machine. Both types are parasite programs that will be loaded without your permission, but they act towards different end goals.
- Watchers and Monitors These trojans and spyware predominantly want information from you that will help the monitoring site build a profile of you that they will exploit commercially. That is, at some stage they want to sell you things or lead you to sites where you will buy from them. Their main interest is in remaining undetected and usually the spyware from these organisations is well funded and reasonably sophisticated. Without wanting to excuse the intrusion, these variants are usually not designed to harm or hijack your PC, because the longer they can stay undetected the more information about you they can gather.
- Thieves and Hijackers
Now, the second type of trojans and spyware are much more malicious. The purpose for them being on your machine is so that it provides a doorway to a hacker to infiltrate your system and monitor your actions with such tools as keyloggers and password stealers, with a view to stealing from you. Other trojans can stay latent in the background to provide an accessway to a hacker for future exploitation such as a Denial of Service Attack.
How do Trojans operate ?
There are about 5 main types of remote access spyware trojans and various subsets of these.
- File Server The file server trojan creates a file server, usually an FTP server on the remote victims computer allowing a hacker to upload or download files used to monitor internet activity or to upload a powerful remote administration trojan. Because some of these file server trojans are small, (some are just 8 kbs) they are easily attached to other files without making any significant change in file size. These are most commonly found in games and funny programs that people send around the internet to amuse each other not realising they are infecting them selves and their friends with trojans.
- Remote AdministrationThe remote administration type of trojans give the hacker more power over the victim's computer then the owner and all without alerting the host to its presence. They include such functions as:
- the ability to intercept and steal communications and other information cached or not
- modify the registry
- upload, download, execute (run) files, and various other things.
- Password StealerThe third type of trojan is the password stealing trojan. These trojans have one purpose and that is to steal passwords from the victim's computer and send them back to the hacker, the most common way these trojans communicate with the hacker is by email. Its pretty scary to think that your computer is sending a hacker secret emails with all your passwords.
- Key LoggersNext on the list is key logger trojans. These trojans incorporate a spyware program that logs everything the victim types and either sends the info to the hacker by way of email or stores the typed info in a secret file located on the victim's computer which the hacker then downloads using the client part of the trojan. In this same category are Screenshot snappers which capture the victims information by recording screenshots of specific events which are stored or sent to the hacker. Obviously the intended use of the stolen information is only ever for malicious use against the victim.
- Denial of ServiceThe last type of trojan is probably one of the most disturbing types to have been developed this is the Distributed Denial of Service trojans or DDoS. A hacker infects a large number of victims with a DDoS trojan to create a botnet ( from robot network ), then using the client part of the trojan he can connect either to all of them at once or he sends his commands to a drone (a master server) that then sends the commands out to all the victims to attack a single website or computer. The resulting gridlock can cause the target to crash or be unavailable to other users. These types of trojans are often used to attack big sites such as well known corporations or government sites that will bring the attacker notoriety.
In summary, there is nothing good about a trojan being resident on your computer - they ONLY exist to spy or steal. If computer Viruses are the Vandals of the internet then Trojans are its Thieves relying on stealth and deception to commit their crimes.
So in the same way you need to be vigilant about security for your home or your vehicle, you need to guard your computer with good security and safe practices.
Don't think that there is anything of interest to a hacker on your computer ???
Then think again !!! If you need convincing see WHY TARGET ME ?
Where are you most likely to pick up a spyware trojan ? There are some sites and activities on the internet that definitely put you at higher risk.
Check out our BE CAREFUL LIST.