Why "Trojan Horses" Are So Dangerous for Internet Users
Kira Foster December 06, 2006
Kira Foster is an expert on modern IT technologies and security
software. She is also a Project Manager of Arovax Company which is one
of the leaders in the field of software development and PC protection.
More articles by Kira Foster - http://www.arovax.blogspot.com
The origin of the term 'Trojan Horse' is known to everybody from
school. It embodies a "present" with a hidden threat for its recipient.
Such "presents" can be very dangerous for Internet users. So, in this
article we will describe how Trojan Horses work.
Trojan Horses are one of the most
dangerous threats for a PC and its owner. These malicious programs can
be completely different. Major worms can also be related to Trojan
Horses. Describing and classifying them is very difficult. However,
there is one parameter by which all Trojan Horses can be classified into
different groups. This parameter is the target of the virus, or in other
words, the harm that it causes on the victim PC. There are six groups
of malicious programs that exert influence upon the victim.
Remote Administration
Nowadays, there are a lot of programs that make it possible to provide
remote administration of both separate PCs and computer systems. These
programs are very convenient utilities that make things easier for
local network administrators. The operating principle of such programs
is simple: a special agent is installed on a remote PC; after that the
administrator can launch the main module on his own computer, connect
to the other computer and take complete control of it. Now imagine
that a PC user does not know about the agent installed on his system,
and that this agent connects not to another computer on the local
network, but to a PC thousands of miles away on which a hacker works.
In this case the criminal can do anything he wants: steal passwords,
copy personal documents, install any software, even reboot or turn off
the PC. That is why Trojan Horses of this group (in fact, these are
remote administration agent utilities) are the most dangerous. They
offer the criminal splendid opportunities to control a victim PC.
Data Stealing
Another very dangerous group of Trojan Horses includes those viruses
that are focused on stealing users' data. They are a serious threat for
home PC owners. Prima facie this may seem strange. What secret data can
an ordinary user have? Hackers should be interested in huge companies
which have their commercial secrets and are afraid that their data will
be sold to competitors. However, there is one problem here. Trojan
Horses cannot themselves find files with secret data. Moreover, it is
rather difficult to send big data volumes over the Internet. At the
same time it is very easy to steal data (for example passwords for
access to the OS or the Internet) from home PCs, which are usually less
protected. This variant is the most popular. With the help of Trojan
Horses which steal passwords for access to the Global Network, a
criminal connected to the same provider as the victim can easily
make other people cover his Internet costs by using their authorization
data. Besides, there are malicious programs with a complicated
algorithm. They can try to steal passwords saved in the browser for
different web services, FTP servers, etc.
Spies
Nowadays spies are used more and more often. The principle of their
work is as follows: a special agent is installed on the user's PC.
Working without being noticed by the user, it collects certain data and
sends it over the Internet to a hacker. Such software is called
spyware. Modern spyware can do a lot of things: keep a log of the
pressed keyboard keys, and make screenshots of the whole screen and of
visited web pages from time to time. All this enables criminals to
collect very detailed data about their victims, including passwords
necessary for access to the Internet and different services.
However, it should be noted that the majority of Trojan Horses of this
kind record only the sequence of typed keys. First, this information is
the most critical. This is the way to learn the user's passwords and
use the resources on behalf of the victim. Second, the list of pressed
keys is relatively small in size, so it can easily be sent to the
hacker's PC.
Today, there are a lot of different programs to fight spyware; however,
not all of them are really effective and user-friendly. One of the best
solutions for PC protection is Arovax Shield
(http://www.arovaxshield.com). It offers a real-time monitor which
enables a user to detect and prevent attempts to steal his personal
information and impact the work of his computer. One of the leaders in
the anti-spyware software market - Arovax Company
(http://www.arovaxcompany.com) - offers a number of products to help
users protect their PCs.
Homepage Hijackings
Today there are a lot of partnership programs on the Internet. Their
function is as follows: a person attracts visitors to the sponsored
site, getting some fee for every visitor. In fact, partnership programs
are a common thing, but only as long as both sides stick to the rules.
However, many web resources with "adult" content turn a blind eye to
their partners' actions. As a result we have the following: aiming to
get the highest profit, some people use Trojan Horses. They infect
Internet users' computers with malicious programs that constantly
hijack the browser home page and change it to the address of the
partner's site. Visiting it will immediately open some other pop-ups
with the sponsor's web projects. Besides, such Trojan Horses are
themselves able to initiate opening of the defined address during
certain activity of the user (connecting to the Internet, opening a new
browser window, etc.).
Attacks
The most popular type of remote attack is denial of service (DDoS
attacks). Their main point is the following: criminals send a great
amount of special network packets. As a result, the computer
cannot cope with this flood and becomes inaccessible for ordinary
users. However, it is impossible to create enough threads to completely
load a server. And it is dangerous for hackers as well. That is why
criminals often use the following scheme: first of all they infect as
many ordinary Internet users' PCs as possible with a special Trojan
Horse. This malicious program lives in the PC without identifying
itself or showing any activity. However, when it receives a special
command from the control centre, the Trojan is activated and starts
sending network packets to the specified victim. There can be hundreds
and thousands of such computers, so it is not a surprise that the
server "falls down". In fact, such Trojan Horses are not harmful for a
user, except that his channel is overloaded while he works.
Downloading and Installation of Other Software
Lately, spyware requirements have changed. All viruses were very small
before, but modern Trojan Horses can be huge in size. This is because
of their multi-functionality (for example spy programs and remote
administration utilities) and the technologies they use. It is not
always possible to place such big data volumes on a user's PC. That is
why hackers use the following method: first a PC is infected with a
small utility which connects to a certain server, downloads malicious
spyware from there, installs and launches it. In this case
multi-purpose downloaders are the most dangerous, as they enable a
criminal to install different Trojan Horses on the user's PC. Which
ones depends on what is kept on the server at that moment.
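
The download-install-launch sequence described above leaves a recognisable trace on the infected PC, which a monitoring tool can look for. The following is an added example, not code from the article or from any Arovax product: it flags a process that connects out, writes an executable file and then launches that same file. The event format, process names, paths, addresses and the 60-second window are all constructed assumptions.

```python
from collections import defaultdict

# Constructed sample process-activity events (not from the article):
# (time in seconds, pid, process name, action, detail)
EVENTS = [
    (100, 412, "update.exe", "connect", "203.0.113.7:80"),
    (103, 412, "update.exe", "write", r"C:\Temp\svc32.exe"),
    (104, 412, "update.exe", "spawn", r"C:\Temp\svc32.exe"),
    # A normal browser download, later started by the user from the shell
    (200, 980, "browser.exe", "connect", "198.51.100.20:443"),
    (205, 980, "browser.exe", "write", r"C:\Users\a\Downloads\setup.exe"),
    (900, 1200, "explorer.exe", "spawn", r"C:\Users\a\Downloads\setup.exe"),
    # A program with no network activity writing a document
    (300, 555, "editor.exe", "write", r"C:\Docs\notes.txt"),
    (301, 555, "editor.exe", "spawn", r"C:\Windows\notepad.exe"),
]

EXECUTABLE_EXT = (".exe", ".dll", ".scr")
WINDOW = 60  # assumed limit, in seconds, between the steps of the chain


def find_downloader_chains(events, window=WINDOW):
    """Return (pid, process, path) for every process that connected out,
    wrote an executable file and then launched that file itself."""
    last_connect = {}             # pid -> time of latest outbound connection
    fetched = defaultdict(dict)   # pid -> {lower-cased path: write time}
    hits = []
    for ts, pid, proc, action, detail in sorted(events):
        path = detail.lower()
        if action == "connect":
            last_connect[pid] = ts
        elif action == "write" and path.endswith(EXECUTABLE_EXT):
            # Count only files written shortly after a network connection
            if pid in last_connect and ts - last_connect[pid] <= window:
                fetched[pid][path] = ts
        elif action == "spawn":
            wrote = fetched[pid].get(path)
            if wrote is not None and ts - wrote <= window:
                hits.append((pid, proc, detail))
    return hits


if __name__ == "__main__":
    for pid, proc, path in find_downloader_chains(EVENTS):
        print(f"pid {pid} ({proc}) downloaded and launched {path}")
```

Only update.exe is reported: the browser download is launched by a different process, and the editor never touched the network.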
Conclusions
So, we can be certain of the fact that modern Trojan Horses are really
very dangerous for any computer connected to the Internet. It is also
necessary to consider that modern programs can belong to two, three or
more groups. Such Trojans can, for example, spy on the user, secretly
download and install different software on his PC and take part in
attacks.
It is not difficult to protect your PC from such threats. It is enough
to have a regularly updated antivirus program, such as ArovaxShield
(http://www.arovaxshield.com) for example, a correctly configured
firewall and regular updates of the OS and software.