trojan horses
DESCRIPTION
Trojan Horses. What you need to know about one of the world’s most dangerous forms of malicious code. A Brief History. According to legend, the ancient Greeks used a giant horse to defeat the Trojans. It was received as a gift, but inside the horse was the enemy. Trojan Horses Today. - PowerPoint PPT PresentationTRANSCRIPT
Trojan HorsesTrojan HorsesWhat you need to know about one What you need to know about one
of the world’s most dangerous of the world’s most dangerous forms of malicious codeforms of malicious code
A Brief HistoryA Brief History
► According to According to legend, the ancient legend, the ancient Greeks used a giant Greeks used a giant horse to defeat the horse to defeat the Trojans. It was Trojans. It was received as a gift, received as a gift, but inside the horse but inside the horse was the enemy.was the enemy.
Trojan Horses TodayTrojan Horses Today
►Trojan Horses, or “Trojans” are a type Trojan Horses, or “Trojans” are a type of computer virus.of computer virus.
►They are hidden behind a façade of an They are hidden behind a façade of an appealing and harmless nature.appealing and harmless nature.
►For someone to get a Trojan, they For someone to get a Trojan, they must download a file. This trap may must download a file. This trap may be very easy to fall into, because the be very easy to fall into, because the file will look good on the surface.file will look good on the surface.
How to get a Trojan HorseHow to get a Trojan Horse
DiscussionDiscussion
► In our movie, an unsuspecting gamer In our movie, an unsuspecting gamer was lured to download the Trojan with was lured to download the Trojan with the promise of something good.the promise of something good.
► If a download seems too good to be If a download seems too good to be true, it might be a Trojan.true, it might be a Trojan.
Secret and UnseenSecret and Unseen
►Many Trojan Horses do not make Many Trojan Horses do not make themselves known, and stay hidden on themselves known, and stay hidden on your computeryour computer
►From behind the scenes, they can From behind the scenes, they can gather data and send it back to their gather data and send it back to their master!master!
Types of TrojansTypes of Trojans
►Remote Access TrojansRemote Access Trojans►Data Sending TrojansData Sending Trojans►Destructive TrojansDestructive Trojans►Proxy TrojansProxy Trojans►FTP TrojansFTP Trojans►Security Software Disabler TrojansSecurity Software Disabler Trojans►Denial of Service Attack TrojansDenial of Service Attack Trojans
Remote Access TrojansRemote Access Trojans
►Allows the attacker to gain complete Allows the attacker to gain complete or partial control over a remote or partial control over a remote computer.computer.
►Often called “RATs.”Often called “RATs.”
Data Sending TrojansData Sending Trojans
►Gathers data such as passwords, Gathers data such as passwords, credit card numbers, etc.credit card numbers, etc.
►Can install keyloggers that record all Can install keyloggers that record all key strokes made.key strokes made.
►Don’t make themselves known, and Don’t make themselves known, and operate through stealth tacticsoperate through stealth tactics
Destructive TrojansDestructive Trojans
►Destroys and deletes all files from a Destroys and deletes all files from a computercomputer
►More like a virus than other types of More like a virus than other types of TrojansTrojans
Proxy TrojansProxy Trojans
►Allows the attacker to use another Allows the attacker to use another computer as a proxy server.computer as a proxy server.
► Illegal activities done by the attacker Illegal activities done by the attacker will be traced back to the victim’s will be traced back to the victim’s computer, not the attacker’s.computer, not the attacker’s.
FTP TrojansFTP Trojans
►Opens port 21 and allows the attacker Opens port 21 and allows the attacker access to a computer using File access to a computer using File Transfer ProtocolTransfer Protocol
Security Software Disabler Security Software Disabler TrojansTrojans
►Designed to kill security programs, Designed to kill security programs, such as antivirus software of firewalls.such as antivirus software of firewalls.
►Usually combined with other types of Usually combined with other types of TrojansTrojans
DoS Attack TrojansDoS Attack Trojans
►Makes a Denial of Service attack (Ping Makes a Denial of Service attack (Ping of Death, Teardrop) that floods your of Death, Teardrop) that floods your network with useless traffic, crippling network with useless traffic, crippling it.it.
Preventing TrojansPreventing Trojans
►1. Don’t open e-mails from suspicious 1. Don’t open e-mails from suspicious sources (ex. [email protected]). sources (ex. [email protected]).
►2. Change e-mail settings to prevent 2. Change e-mail settings to prevent attachments from opening attachments from opening automaticallyautomatically
Preventing TrojansPreventing Trojans
►3. Make sure antivirus and firewall 3. Make sure antivirus and firewall programs are installed on your programs are installed on your computercomputer
►4. Avoid using P2P file sharing 4. Avoid using P2P file sharing networksnetworks
Preventing TrojansPreventing Trojans
►Always be very cautious when opening Always be very cautious when opening files.files.
Attack MethodsAttack Methods
By default, file extensions such as .exe By default, file extensions such as .exe and .bat are hidden by Windows. and .bat are hidden by Windows.
Attackers take advantage of this by Attackers take advantage of this by masking files like “readme.txt.exe”.masking files like “readme.txt.exe”.
Icons can also be imitated.Icons can also be imitated.
Trojans will also open the desired Trojans will also open the desired program to satisfy the user and avoid program to satisfy the user and avoid suspicion suspicion
Attack MethodsAttack Methods
►By then, it’s too late to stop the TrojanBy then, it’s too late to stop the Trojan
BibliographyBibliography► Wikipedia (http://en.wikipedia.org/wiki/Trojan_horse_(computing))Wikipedia (http://en.wikipedia.org/wiki/Trojan_horse_(computing))► Webopedia (http://www.webopedia.com/TERM/T/Trojan_horse.html)Webopedia (http://www.webopedia.com/TERM/T/Trojan_horse.html)► Irchelp.org (http://www.irchelp.org/irchelp/security/trojan.html)Irchelp.org (http://www.irchelp.org/irchelp/security/trojan.html)► Pantheon.org (Pantheon.org (http://www.pantheon.org/articles/t/trojan_horse.htmlhttp://www.pantheon.org/articles/t/trojan_horse.html))► Searchsecurity.com Searchsecurity.com
(http://searchsecurity.techtarget.com/sDefinition/0,290660,sid14_gci213221,0(http://searchsecurity.techtarget.com/sDefinition/0,290660,sid14_gci213221,00.html)0.html)
► Netlingo.com (http://www.netlingo.com/lookup.cfm?term=Trojan%20Horse)Netlingo.com (http://www.netlingo.com/lookup.cfm?term=Trojan%20Horse)► Tech-faq.com (http://www.tech-faq.com/trojan-horse-virus.shtml)Tech-faq.com (http://www.tech-faq.com/trojan-horse-virus.shtml)► Informit.com (http://www.informit.com/articles/article.asp?p=102181&rl=1)Informit.com (http://www.informit.com/articles/article.asp?p=102181&rl=1)► Cnet News.com Cnet News.com
(http://news.com.com/The+future+of+malware+Trojan+horses/2100-7349_3-(http://news.com.com/The+future+of+malware+Trojan+horses/2100-7349_3-6125453.html)6125453.html)
► Securityfocus.com (http://www.securityfocus.com/news/11209)Securityfocus.com (http://www.securityfocus.com/news/11209)