Difference between revisions of "Trojan Horse"

A Trojan Horse is a computer program that releases a malicious, harmful code hidden inside a seemingly harmless programming or data, so it can get control of your computer and do damage, such as to the file allocation table on your hard disk. [1] A Trojan Horse may also bog down your computer with needless files, which slows down your system, eventually resulting in your computer crashing.[2]

Types of Trojan Horses

There are many different types of Trojan Horses, but a few of the more common ones include:

1. Hacker Control: A type of Trojan Horse that is downloaded and controlled by the hacker to open backdoors in your system and then the hacker has full and complete control of your computer, to use it for his or her needs.

2. Anti-Virus Virus: A type of Trojan Horse that can spread to your Anti-Virus software and disable it to render it useless- or delete it altogether.

3. Privacy Infiltration: A type of Trojan Horse that can hide in trusted, legitimate software programs and are used to steal your personal information, which can result in Identity Theft.

4. Denial of Service: A type of Trojan Horse that infiltrates into your system to deny the user the control of his or her own internet, along with any other applications involving the use of the internet.

5. System Wipes: A type of Trojan Horse that embeds itself into your system and when it is released it deletes everything on your system, including files, programs, and applications.

Preventing a Trojan Horse Attack

The golden rule to protect your computer from any malicious software -especially Trojan Horses- is to never download files or programs from an untrusted source. Whenever downloading files, always check the file extension (usually Trojan Horses end in an extension such as exe., .vbs, .com, or .bat) If a file seems the least bit suspicious, always scan the file with your Anti-Virus software before opening it. This can be done for free at www.virustotal.com. But remember, even if an Anti-Virus or other program does not find anything wrong with a file, that does not necessarily mean that the file is safe. So good rules of thumb are never open a file from an untrusted source, never open a file with a suspicious extension, and if your gut says that the file isn't safe, don't download it; These rules may seem meticulous, but it is always better to be safe than sorry when dealing with dangerous computer threats.

Recovering from a Trojan Horse Attack

If your computer has been attacked by a Trojan Horse follow these steps immediately:

1. Call IT Support if you have it: Notify them of the situation[3]

2. Disconnect from the internet: In some cases intruders who sent the Trojan Horse may have access to personal information stored on your computer; if you disconnect your computer from the internet, it stops this activity.[4]

3. Back up any important files: Copy or transfer important files onto a separate storage item (ie: CD, DVD, or flash drive); however it is important to note that these files should not be trusted--they may have become infected, so always scan them with an Anti-Virus program before reopening them on a different computer.[5]

4. Scan your machine: Since your computer and/or operating system may be infected with a malicious program, it is safest to scan the machine from a live CD (or “rescue” CD) rather than a previously installed Anti-Virus program. Many Anti-Virus products provide this functionality. Another alternative is to use a web-based virus removal service, which some Anti-Virus software vendors offer. Another option is to use Microsoft’s web-based PC Protection Scan. The next best action is to install an Anti-Virus program from an uncontaminated source such as a CD-ROM. If you don’t have one, there are many to choose from, but all of them should provide the tools you need. After you install the software, complete a scan of your machine. The initial scan will hopefully identify the malicious program(s). Ideally, the Anti-Virus program will even offer to remove the malicious files from your computer; follow the advice or instructions you are given. [6] Once you have removed the malicious program(s), you must scan your computer again to be sure that all the traces of the program are gone.

5. Reinstall your operating system: If the previous step failed to clean your computer, the most effective option is to wipe or format the hard drive and reinstall the operating system. Although this corrective action will also result in the loss of all your programs and files, it is the only way to ensure your computer is free from backdoors and intruder modifications. Before conducting the reinstall, make a note of all your programs and settings so that you can return your computer to its original condition. It is also vital that you also reinstall your Anti-Virus software and apply any patches that may be available.[7]

6. Restore your Files: If you have backed-up your files, scan them with an Ant-Virus before restoring them into your computer.[8]