TROJAN

-




Why do we call this kind of malware a “Trojan horse?” Because in Greek mythology, the Greeks won the Trojan War by building a hollow horse, filling it with soldiers and leaving it for the Trojans, supposedly as a gift. A Trojan priest was suspicious of the “gift” and said to “beware of Greeks bearing gifts” but the Trojans ignored him and brought the horse through the gates into the city. Later, when the Trojans were asleep the Greek soldiers jumped out, captured the city and burned it to the ground.

And so the “Trojan horse” came about.

A Trojan horse (also known as a Trojan) is one of several kinds of malware you might find on your computer after a successful virus attack. Trojans are a particularly sneaky kind of malware because they look harmless or even beneficial and trick you into installing them on your system. Trojans fall into the category of “social engineering” attacks because they trick people. Trojans are typically used by cybercriminals for online fraud and theft.

Storm Trojan surfaced in 2007 inundating thousands of computers. Users would be lured into opening emails because of the subject headers such as ‘230 dead as storm batters Europe.’  Once an email attachment was opened the Trojan implanted a service called wincom32.  This passed data to other infected computers and all of the infected computers became zombies or bots, that is, a huge global network of computers enslaved by Storm Trojan.

Each computer would then attempt to infect other computers. And while it  sounds like the plot from a James Bond movie, with the evil villain trying to take over the world, this throbbing, thriving, and monster botnet aimed to infect every computer on the planet. It was estimated that at its peak up to 10 million CPUs, that is the processor that powers your computer, was under the control of Storm Trojan. Most antivirus vendors picked up the infection surge and updated their detection signatures but Storm Trojan’s creators constantly altered the  code to evaded detection. It was eventually contained but not after the wiping of many fevered brows and millions of man hours spent on trying to halt its activity.

Some Trojans :

 1. The File Serving Trojan Horse Virus

Trojan horse viruses from this category are able to create a file server on the infected machine. Usually this server is configured as an FTP server and with its help the intruder will be able to control network connections, upload and download various files. These Trojan horse viruses are rather small in size, sometimes not more than 10Kb, which makes it difficult to detect them. They are often attached to emails or hidden in other files that users may download from the Internet. Regularly these Trojan viruses spread with the help of funny forwarded messages that a user receives from friends. Trojan horse viruses may also be hidden in small downloadable games.

2. The Remote Administration Trojan Horse Virus

This type of Trojan horse virus gives hacker behind the malware the possibility to gain control over the infected system. Often the remote administration Trojan horse virus functions without being identified. It can help the hacker to perform different functions including altering the registry, uploading or downloading of files, interrupting different types of communications between the infected computer and other machines.

3. The Password Stealing Trojan Horse Virus

The name speaks for itself - Trojans from this category are used to steal passwords. The Trojan transmits information about passwords to the hacker through email. Just like keylogging Trojans, this malware is used mainly for hacker's financial benefit (a lot of people use passwords to access their bank accounts or credit cards).

4. The System Killing Trojan Horse Virus

These Trojans are meant to destroy everything in the system starting with drive Z and ending with drive A. One of the recent Trojan horse viruses of this type is called Trojan.Killfiles.904. The reasons for creating such Trojans are unknown but the results could be catastrophic.

5. Distributed Denial of Service Attack Trojan Horse Virus

A lot of computers can be tricked intro installing the Distributed Denial of Service Trojan so that the hacker can gain control over one, several or all computers through a client that is connected with a master server. Using the primary computer within one huge zombie network of machines, hackers are able to sent attacks at particular targets, including companies and websites. They simply flood the target server with traffic, thus making it impossible for simple users to access certain websites or systems. Often these attacks are used to stop the activity of famous brands that could handle different financial demands.

6. Keylogging Trojan Horse Virus

These Trojan horse viruses make use of spyware with the goal of recording every step of user's activity on the computer. They are called keylogging because they transmit to the hacker via email the information about logged and recorded keystrokes. Hackers use this type of malware for their financial benefit (through card fraud or identity theft). Some individuals or companies can offer a great reward for valuable information.

Comments

Post a Comment

Popular posts from this blog

INSTALL TIGHTVNC ON KALI LINUX RASPBERRY PI

-
Image
Install TightVNC server using the following command apt-get install tightvncserver Run VNCserver to generate the configuration files. vncserver :1 VNC sessions are not linked to Linux user authentication.It is just protected by a password.So, it is better to change your password. Change your password using vncpasswd Run the command to check the VNC connection netstat -tupln Use a VNC application such as VNC CONNECT and login using the PI's IP Address. Download the  VNC CONNECT   To run VNC over SSH, we can create a SSH tunnel. Start your VNC server vncserver :1 -geometry 1280x800 -depth 16 -localhost -nolisten tcp -locahost option will ensure VNC port is listening only on local interface. -nolisten tcp - X Server will not listen on the network. Now, create a SSH tunnel  ssh -L 5901:localhost:5901 -N -f <user>@<ip> Any connection to this port will be tunneled by SSH. ENABLE AT STARTUP To...
Read more

ENABLE AUTOSTART FOR X11VNC

-
Image
ENABLING AUTOSTART FOR X11VNC ON KALI LINUX RASPBERRY PI TO INSTALL VNC check my last post INSTALL X11VNC ON KALI LINUX RASPBERRY PI   O nce you've started the service, it'll run until you stop it or reboot. To Autostart it during BOOT , follow these steps. Create a file "sharex11vnc" in the directory /usr/local/bin Open a terminal, type cd /usr/local/bin this will take you to that directory. To create a file, type nano sharex11vnc Enter the following,   #!/bin/sh x11vnc -ncache 10 -auth guess -repeat -nap -loop -forever -rfbauth ~/.vnc/passwd -desktop "VNC ${USER}@${HOSTNAME}"|grep -Eo "[0-9]{4}">~/.vnc/port.txt # comment this out if you dont want a pop up telling you which port you're using zenity --info --text="Your VNC port is 'cat~/.vnc/port.txt'" press Ctrl+x then press "y" then hit Enter . This will save the file. This script will run the x11vnc during boot. Once t...
Read more

INSTALL X11VNC ON KALI LINUX RASPBERRY PI

-
Image
Once your PI is  configured, update it.  apt-get update  apt-get upgrade After everything is updated, install x11vnc by typing apt-get install x11vnc  After it is installed, set up a password to connect to your PI. Type, x11vnc -storepasswd Enter your password and press enter and you're done. To connect through vnc, first you need to start the service.Type the following command to start it. x11vnc -ncache 10 -auth guess -nap -forever -loop -repeat -rfbauth /root/.vnc/passwd -rfbport 5900 -noncache Use a VNC application such as VNC CONNECT and login using the PI's IP Address. Download the VNC CONNECT   https://www.realvnc.com/download/vnc/ CHECK MY   ENABLE AUTOSTART FOR X11VNC    TO AUTOSTART IT DURING BOOT
Read more