Google+ Badge

Sunday, June 29, 2008

Trojan Horse Viruses, Not A Myth

Most people are familiar with the legend of the Trojan horse. During the siege of Troy, the Greeks left a large wooden horse outside the gates, allegedly as a peace offering. The Trojans brought the horse inside the city walls only to discover it was full of Greek soldiers who quickly sacked the city.

A computer Trojan horse is similar. It looks like a benign or useful program but actually contains hidden code that can destroy data or install spyware.

A Trojan horse is often referred to as a virus, but unlike a true computer virus doesn't replicate itself. It's simply designed to gain access to your system and wreak havoc - like the mythical Greek soldiers.

Many Trojan horses (or simply 'Trojans') are spyware, used to monitor your computer activity and send information to a third party without your knowledge or consent.

Spyware can be used to deliver unsolicited pop-up ads, or to log private information such as credit card numbers and passwords, or even reroute your browser to a commercial site. The unscrupulous vendor at that site usually paid the spyware creator to do just that.

Another common use for a Trojan is to install a 'backdoor' - an access point to your computer which bypasses the normal login procedure. Hackers use backdoors to gain control of your computer to send spam or to wreak malicious damage. Since the damage appears to originate from your system it can be hard to combat.

Geeks make a distinction between 'crackers' who gain access to a system to do harm, and 'hackers' who just want to understand the details of how a system works. We'll stick with the more common, though less accurate, term.

How Trojans Are Distributed

Trojans are hidden in programs which appear useful. You visit a free utility site, download one and run the program. Your system is infected.

They can also be spread by e-mail attachments. If the attachment contains an executable file, that program can also contain a Trojan which will infect your computer as soon as it is run.

Executable files have extensions such as .exe but sometimes the extensions are hidden to make the file look like a harmless text file. An example of this would be a file named 'look_at_me.txt.exe. The user may not notice the '.exe' part of the filename (the extension) and think it's a text file. Some operating systems allow users to hide extensions, so in this case the user would simply see 'look_at_me.txt'.

Newer tactics involve embedding them in certain image files. The lesson is: never open a file from someone unknown, or when its arrival is unexpected. Even well-meaning individuals pass on viruses this way.

It's common for Trojans to be spread through operating system vulnerabilities. An operating system controls the basic functions of the computer. Computers connect to the Internet through 'ports', some of which present security risks. Malware takes advantage of these vulnerabilities.

One well-known Trojan is called Sub7. Some claim it has legitimate uses (such as remotely controlling your own computer), though it's often used for illegal activities. Computers with Sub7 installed are accessible from a remote location and can be used to steal credit card numbers by logging keystrokes for example.

Fighting Trojans - The modern way

Most antivirus software will detect and remove Trojans. Keep your virus database up to date to provide the best protection. Some antivirus programs require you to manually scan attachments or other incoming files. Get one that does it automatically. The cost difference is negligible.

Always use caution when opening email attachments, even if they come from a known source. If the attachment is unexpected it should be suspected.

Firewalls should also be used to close vulnerabilities when using the Internet.

New! Ezy-Internet Safety Guide is the perfect blueprint to the truth about Internet safety. Learn everything you need to know about making your computer safer, safety software that works and how to avoid all the nasty spyware, malware, viruses, worms and trojans.