December 18, 2013

3.1.5 Trojans

Trojans

Whatever it is, I’m afraid of Greeks even those bearing gifts.

From classic literature such as Virgil's Aeneid, Book II and Homer's Odyssey, we get the tale of Greek soldiers hiding in a large wooden horse (Trojan Horse) in order to gain access to the city of Troy. Once they had access, they surreptitiously opened the gates of the city and let in an invading Greek force.

A Trojan or Trojan horse in computing is a type of malicious software that is disguised as something useful, legitimate or interesting. Since Trojans cannot replicate on their own, they are designed to trick the user into installing and running it on their computer.

“A Trojan horse is a malicious software program that hides inside other programs. It enters a computer hidden inside a legitimate program, such as a screen saver. It then puts code into the operating system, which enables a hacker to access the infected computer. Trojan horses do not usually spread by themselves; they are spread by viruses, worms, or downloaded software.”

Trojans do not self-activate and are non-self-replicating programs. Trojans rely on the user to execute the malicious software and in so doing activate the program to carry out its function. Among other things, Trojan horse software can:
  • Install backdoor program giving an attacker remote access to the system
  • Install malicious code such as spyware to gather information surreptitiously
  • Conscript the system into a botnet for use in spamming and distributed denial-of-service (DDoS) attacks.
  • Modify system files and configurations for malicious purposes
Trojans are propagated in a variety of ways including as attached documents in an email message or disguised as an application you might want to download, on a web site or file-sharing network.

To protect computers from Trojan horses:
  • Keep operating system and applications updated
  • Install antivirus and antispyware software and keep them updated
  • Do not open email attachments unless you have confirmed its purpose
  • Make sure your email setting does not automatically open attachments
  • Enable appropriate security and privacy features on web browsers
  • Use an up-to-date firewall program to filter out suspicious traffic
  • Take precautions when using peer-to-peer (P2P) networks
In general, use common sense when online. Perform regular full back ups to increase the chance of recovering infected or deleted files. Secure the browser by disabling ActiveX, Java, JavaScript features. While this may diminish the browsing experience, it also removes major opportunities for compromising browser security. Those features can be enabled if needed and after the legitimacy of the site has been confirmed.


Note: Use Trojan horse when referring to the malware and Trojan Horse with a capital H, when citing Greek mythology.

References:

No comments:

Post a Comment