Difference between revisions of "Trojan Horse"
Bob Zenith (talk | contribs) m |
(Revert major vandalism) |
||
(14 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
− | + | A Trojan Horse is a computer program that releases a malicious code hidden inside a harmless programming or data, so it can get control of your computer and do damage, such as to the file allocation table on your hard disk. [http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci213221,00.html] A Trojan Horse may also bog down your computer with needless files, which slows down your system, eventually resulting in your computer crashing. [http://www.ehow.com/about_5127889_trojan-horse-attack.html] | |
− | A Trojan Horse is | + | |
+ | == Types of Trojan Horses == | ||
+ | |||
+ | There are many different types of Trojan Horses, but a few of the more common ones include: | ||
+ | |||
+ | 1. '''Hacker Control''': A type of Trojan Horse that is downloaded and controlled by the hacker to open [[Backdoor|Backdoors]] in your system and then the hacker has full and complete control of your computer, to use it for his or her needs. | ||
+ | |||
+ | 2. '''Anti-Virus Virus''': A type of Trojan Horse that can spread to your Anti-Virus software and disable it to render it useless- or delete it altogether. | ||
+ | |||
+ | 3. '''Privacy Infiltration / Data Sending''': A type of Trojan Horse that can hide in legit software programs and are used to steal your [[Personally Identifiable Information (PII)]] (such as email addresses, passwords, and credit card numbers), which can result in Identity Theft. | ||
+ | |||
+ | 4. '''Denial of Service (DoS)''': A type of Trojan Horse that infiltrates into your system to deny the user the control of his or her own internet, along with any other applications involving the use of the internet. A DoS Trojan can also increase traffic on the victim's computer to the extent that it becomes so bogged down that it can no longer let anyone use the internet. | ||
+ | |||
+ | 5. '''System Wipes''': A type of Trojan Horse that embeds itself into your system and when it is released it deletes everything on your system, including files, programs, and applications. | ||
+ | |||
+ | 6. '''Remote Access Trojans (RATs)''': A type of Trojan Horse that are designed to give the hacker complete control over the victim's computer; the hacker can go through the files and access any [[Personally Identifiable Information (PII)|personal information]] about the user that may be stored in the files, such as credit card numbers, passwords, and financial documents. RATs are usually hidden in small and seemingly harmless downloaded games. | ||
+ | |||
+ | 7. '''Annoyance''': This Trojan Horse does nothing except annoy (obviously) the user. Some ways it could do this include turning the text on the screen or web page upside down playing random sounds, or making mouse motions erratic. Most of the time this type of Trojan Horse doesn't harm the computer directly, but the trial of an inexperienced user trying to get rid of the Trojan could harm the computer's hard drive. | ||
+ | |||
+ | |||
+ | |||
+ | == Preventing a Trojan Horse Attack == | ||
+ | |||
+ | The golden rule to protect your computer from any malicious software is to never download files or programs from an untrusted source. Whenever downloading files, always check the file extension (usually Trojan Horses end in an extension such as .exe, .vbs, .com, or .bat) If a file seems the least bit suspicious, always scan the file with your Anti-Virus software before opening it. This can be done for free at http://www.virustotal.com. But remember, even if an Anti-Virus or other program does not find anything wrong with a file, that does not necessarily mean that the file is safe. So good rules of thumb are never open a file from an untrusted source, never open a file with a suspicious extension, and if your gut says that the file isn't safe, don't download it; These rules may seem meticulous, but it is always better to be safe than sorry when dealing with dangerous computer threats. | ||
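Review bot: list items 1 ("Hacker Control") and 6 ("Remote Access Trojans (RATs)") in the added "Types of Trojan Horses" section both describe a Trojan that gives the hacker complete control of the computer; merge them or state how they differ. In the added prevention paragraph, the parenthetical ending ".com, or .bat)" has no period before "If a file seems", and "; These rules" should start a new sentence.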
Line 7: | Line 30: | ||
If your computer has been attacked by a Trojan Horse follow these steps immediately: | If your computer has been attacked by a Trojan Horse follow these steps immediately: | ||
− | |||
− | |||
− | |||
− | + | 1. '''Call IT Support if you have it''': Notify them of the situation | |
− | + | 2. '''Disconnect from the internet''': In some cases intruders who sent the Trojan Horse may have access to personal information stored on your computer; if you disconnect your computer from the internet, it should stop this activity. | |
− | + | 3. '''Back up any important files''': Copy or transfer important files onto a separate storage item (ie: CD, DVD, or flash drive); however it is important to note that these files should not be trusted--they may have become infected, so always scan them with an Anti-Virus program before reopening them on a different computer, to avoid another computer becoming infected. | |
− | + | 4. '''Scan your machine''': Since your computer and/or operating system may be infected with a malicious program, it is safest to scan the machine from a live CD (or “rescue” CD) rather than a previously installed Anti-Virus program. Many Anti-Virus products provide this functionality. Another alternative is to use a web-based virus removal service, which some Anti-Virus software vendors offer. Another option is to use Microsoft’s web-based PC Protection Scan. The next best action is to install an Anti-Virus program from an uncontaminated source such as a CD-ROM. If you don’t have one, there are many to choose from, but all of them should provide the tools you need. After you install the software, complete a scan of your machine. The initial scan will hopefully identify the malicious program(s). Ideally, the Anti-Virus program will even offer to remove the malicious files from your computer; follow the advice or instructions you are given. Once you have removed the malicious program(s), you must scan your computer again to be sure that all the traces of the program are gone. | |
+ | 5. '''Reinstall your operating system''': If the previous step failed to clean your computer, the most effective option is to wipe or format the hard drive and reinstall the operating system. Although this corrective action will also result in the loss of all your programs and files, it is the only way to ensure your computer is free from [[backdoor|Backdoors]] and intruder modifications. Before conducting the reinstall, make a note of all your programs and settings so that you can return your computer to its original condition. It is also vital that you also reinstall your Anti-Virus software and apply any patches that may be available. | ||
− | + | 6. '''Restore your files''': If you have backed-up your files, scan them with an Anti-Virus before restoring them into your computer. | |
− | + | Source: [http://www.us-cert.gov/reading_room/trojan-recovery.pdf] |
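Review bot: step 4 offers a web-based virus removal service and Microsoft's web-based scan as alternatives, but both need the internet connection that step 2 has just told the reader to drop; say when reconnecting is acceptable or move those options behind the live CD scan. Step 1 ("Notify them of the situation") is missing its period, and step 5 repeats "also" in "It is also vital that you also reinstall".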
Latest revision as of 15:38, 12 April 2015
A Trojan Horse is a computer program in which malicious code is hidden inside seemingly harmless programming or data, so that it can get control of your computer and do damage, such as to the file allocation table on your hard disk. [1] A Trojan Horse may also bog down your computer with needless files, which slows down your system and eventually results in your computer crashing. [2]
Types of Trojan Horses
There are many different types of Trojan Horses, but a few of the more common ones include:
1. Hacker Control: A type of Trojan Horse that is downloaded and controlled by the hacker to open Backdoors in your system, giving the hacker full and complete control of your computer to use for his or her needs.
2. Anti-Virus Virus: A type of Trojan Horse that can spread to your Anti-Virus software and disable it, rendering it useless, or delete it altogether.
3. Privacy Infiltration / Data Sending: A type of Trojan Horse that can hide in legitimate software programs and is used to steal your Personally Identifiable Information (PII) (such as email addresses, passwords, and credit card numbers), which can result in Identity Theft.
4. Denial of Service (DoS): A type of Trojan Horse that infiltrates your system to deny the user control of his or her own internet connection, along with any other applications involving the use of the internet. A DoS Trojan can also increase traffic on the victim's computer to the extent that it becomes so bogged down that it can no longer let anyone use the internet.
5. System Wipes: A type of Trojan Horse that embeds itself into your system and, when it is released, deletes everything on your system, including files, programs, and applications.
6. Remote Access Trojans (RATs): A type of Trojan Horse that is designed to give the hacker complete control over the victim's computer; the hacker can go through the files and access any personal information about the user that may be stored in the files, such as credit card numbers, passwords, and financial documents. RATs are usually hidden in small and seemingly harmless downloaded games.
7. Annoyance: This Trojan Horse does nothing except annoy (obviously) the user. Some ways it could do this include turning the text on the screen or web page upside down, playing random sounds, or making mouse motions erratic. Most of the time this type of Trojan Horse doesn't harm the computer directly, but an inexperienced user's attempts to get rid of the Trojan could harm the computer's hard drive.
Preventing a Trojan Horse Attack
The golden rule to protect your computer from any malicious software is to never download files or programs from an untrusted source. Whenever downloading files, always check the file extension (Trojan Horse files usually end in an extension such as .exe, .vbs, .com, or .bat). If a file seems the least bit suspicious, always scan the file with your Anti-Virus software before opening it. This can be done for free at http://www.virustotal.com. But remember, even if an Anti-Virus or other program does not find anything wrong with a file, that does not necessarily mean that the file is safe. So good rules of thumb are: never open a file from an untrusted source, never open a file with a suspicious extension, and if your gut says that the file isn't safe, don't download it. These rules may seem meticulous, but it is always better to be safe than sorry when dealing with dangerous computer threats.
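An added example, not part of the original article: a Python sketch of the extension check described above, extended beyond what the article states to catch double extensions and files whose first bytes mark them as Windows executables despite a harmless-looking extension. It also returns the file's SHA-256, which identifies the file to a scanning service without opening it; the decoy-extension list, the function names and the sample files are assumptions constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

# Extensions the article names as typical for Trojan Horses.
RISKY_EXTENSIONS = {".exe", ".vbs", ".com", ".bat"}
# Assumption: harmless-looking extensions that may be placed before the real one.
DECOY_EXTENSIONS = {".pdf", ".doc", ".docx", ".jpg", ".png", ".txt", ".mp3"}

def triage(path):
    """Return (sha256_hex, list_of_warnings) for one downloaded file."""
    path = Path(path)
    warnings = []
    # Windows drops trailing dots and spaces from names, so ignore them here too.
    name = path.name.rstrip(". ").lower()
    suffixes = Path(name).suffixes
    last = suffixes[-1] if suffixes else ""
    if last in RISKY_EXTENSIONS:
        warnings.append(f"executable or script extension {last}")
        if len(suffixes) >= 2 and suffixes[-2] in DECOY_EXTENSIONS:
            warnings.append(f"double extension {suffixes[-2]}{last} hides the real type")
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        head = fh.read(2)
        digest.update(head)
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    # Windows executables begin with the bytes "MZ" whatever the file is called.
    if head == b"MZ" and last not in RISKY_EXTENSIONS:
        warnings.append("content is a Windows executable but the extension says otherwise")
    return digest.hexdigest(), warnings

def demo():
    """Run triage over constructed sample files (harmless bytes, not real malware)."""
    samples = {
        "holiday_photo.jpg": b"\xff\xd8\xff\xe0 constructed jpeg-like bytes",
        "invoice.pdf.exe": b"MZ constructed stub, not a real program",
        "free_game.jpg": b"MZ constructed stub, not a real program",
        "cleanup.bat": b"@echo off\r\n",
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in samples.items():
            (Path(tmp) / name).write_bytes(data)
        return {name: triage(Path(tmp) / name) for name in samples}

if __name__ == "__main__":
    for name, (sha256, warnings) in demo().items():
        print(f"{name}  sha256={sha256[:16]}...  {warnings or 'no warnings'}")
```

A file that produces no warnings is not thereby safe; as the article says, a clean result does not prove the file is harmless.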
Recovering from a Trojan Horse Attack
If your computer has been attacked by a Trojan Horse, follow these steps immediately:
1. Call IT Support if you have it: Notify them of the situation.
2. Disconnect from the internet: In some cases, intruders who sent the Trojan Horse may have access to personal information stored on your computer; disconnecting your computer from the internet should stop this activity.
3. Back up any important files: Copy or transfer important files onto a separate storage item (e.g., CD, DVD, or flash drive). However, it is important to note that these files should not be trusted, because they may have become infected; always scan them with an Anti-Virus program before reopening them on a different computer, to avoid another computer becoming infected.
4. Scan your machine: Since your computer and/or operating system may be infected with a malicious program, it is safest to scan the machine from a live CD (or “rescue” CD) rather than a previously installed Anti-Virus program. Many Anti-Virus products provide this functionality. Another alternative is to use a web-based virus removal service, which some Anti-Virus software vendors offer. Another option is to use Microsoft’s web-based PC Protection Scan. The next best action is to install an Anti-Virus program from an uncontaminated source such as a CD-ROM. If you don’t have one, there are many to choose from, but all of them should provide the tools you need. After you install the software, complete a scan of your machine. The initial scan will hopefully identify the malicious program(s). Ideally, the Anti-Virus program will even offer to remove the malicious files from your computer; follow the advice or instructions you are given. Once you have removed the malicious program(s), you must scan your computer again to be sure that all the traces of the program are gone.
5. Reinstall your operating system: If the previous step failed to clean your computer, the most effective option is to wipe or format the hard drive and reinstall the operating system. Although this corrective action will also result in the loss of all your programs and files, it is the only way to ensure your computer is free from Backdoors and intruder modifications. Before conducting the reinstall, make a note of all your programs and settings so that you can return your computer to its original condition. It is also vital that you reinstall your Anti-Virus software and apply any patches that may be available.
6. Restore your files: If you have backed up your files, scan them with an Anti-Virus program before restoring them to your computer.
Source: [3]