Trojan horse (computing): Wikis

  
  

Encyclopedia

From Wikipedia, the free encyclopedia

Beast, a Windows-based backdoor trojan horse

A Trojan, sometimes refered to as a Trojan horse, is non-self-replicating malware that appears to perform a desirable function for the user but instead facilitates unauthorized access to the user's computer system. The term is derived from the Trojan Horse story in Greek mythology.

Contents

Purpose and operation

Trojan horses are designed to allow a hacker remote access to a target computer system. Once a Trojan horse has been installed on a target computer system, it is possible for a hacker to access it remotely and perform various operations. The operations that a hacker can perform are limited by user privileges on the target computer system and the design of the Trojan horse.

Operations that could be performed by a hacker on a target computer system include:

Trojan horses require interaction with a hacker to fulfill their purpose, though the hacker need not be the individual responsible for distributing the Trojan horse. In fact, it is possible for hackers to scan computers on a network using a port scanner in the hope of finding one with a Trojan horse installed, that the hacker can then use to control the target computer.[1]

A trojan differs from a virus in that only a file specifically designed to carry it can do so.

Installation and distribution

Trojan horses can be installed through the following methods:

  • Software downloads (e.g., a Trojan horse included as part of a software application downloaded from a file sharing network)
  • Websites containing executable content (e.g., a Trojan horse in the form of an ActiveX control)
  • Email attachments
  • Application exploits (e.g., flaws in a web browser, media player, messaging client, or other software that can be exploited to allow installation of a Trojan horse)

Also, there have been reports of compilers that are themselves Trojan horses.[citation needed] While compiling code to executable form, they include code that causes the output executable to become a Trojan horse.

Removal

Antivirus software is designed to detect and delete Trojan horses, as well as preventing them from ever being installed. Although it is possible to remove a Trojan horse manually, it requires a full understanding of how that particular Trojan horse operates. In addition, if a Trojan horse has possibly been used by a hacker to access a computer system, it will be difficult to know what damage has been done and what other problems have been introduced. In situations where the security of the computer system is critical, it is advisable to simply erase all data from the hard disk and reinstall the operating system and required software.

Current use

Due to the growing popularity of botnets among hackers, Trojan horses are becoming more common. According to a survey conducted by BitDefender from January to June 2009, "Trojan-type malware is on the rise, accounting for 83-percent of the global malware detected in the wild".[2]

See also

Notes

References

  1. ^ Jamie Crapanzano (2003): [http://www.sans.org/reading_room/whitepapers/malicious/deconstructing_subseven_the_trojan_horse_of_choice_953, "Deconstructing SubSeven, the Trojan Horse of Choice", SANS Institute], Retrieved on 2009-06-11,
  2. ^ http://news.bitdefender.com/NW1094-en--BitDefender-Malware-and-Spam-Survey-finds-E-Threats-Adapting-to-Online-Behavioral-Trends.html BitDefender Malware and Spam Survey

External links


Citable sentences

Up to date as of December 20, 2010

Unfortunately, we could not find any sentences from other sites similar to those above.








Got something to say? Make a comment.
Your name
Your email address
Message