In computers, a Trojan horse is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining the file allocation table on your hard disk. In one celebrated case, a Trojan horse was a program that was supposed to find and destroy computer viruses. A Trojan horse may be widely redistributed as part of a computer virus.
The term comes from Greek mythology about the Trojan War, as told in the Aeneid by Virgil and mentioned in the Odyssey by Homer. According to legend, the Greek
presented the citizens of Troy with a large wooden horse in which they had ecretly hidden their warriors. During the night, the warriors emerged from the wooden horse and overran the city.
The most important difference between a trojan virus/trojan horse and a virus is that trojans don’t spread themselves. Trojan horses disguise themselves as valuable and useful software available for download on the internet. Most people are fooled by this ploy and end up dowloading the virus disguised as some other application. The name comes from the mythical “Trojan Horse” that the Ancient Greeks set upon the city of Troy.
A trojan horse is typically separated into two parts – a server and a client. It’s the client that is cleverly disguised as significant software and positioned in peer-to-peer file sharing networks, or unauthorized download websites. Once the client Trojan executes on your computer, the attacker, i.e. the person running the server, has a high level of control over your computer, which can lead to destructive effects depending on the attacker’s purpose.
A trojan horse virus can spread in a number of ways. The most common means of infection is through email attachments. The developer of the virus usually uses various spamming techniques in order to distribute the virus to unsuspecting users. Another method used by malware developers to spread their trojan horse viruses is via chat software such as Yahoo Messenger and Skype. Another method used by this virus in order to infect other machines is through sending copies of itself to the people in the address book of a user whose computer has already been infected by the virus.
Types of Trojan Horse Viruses
Trojan Horses have developed to a remarkable level of cleverness, which makes each one radically different from each other. For an inclusive understanding, we have classified them into the following:
Remote Access Trojans
Remote Access Trojans are the most frequently available trojans. These give an attacker absolute control over the victim’s computers. The attacker can go through the files and access any personal information about the user that may be stored in the files, such as credit card numbers, passwords, and vital financial documents.
Password Sending Trojans
The intention of a Password Sending Trojan is to copy all the cached passwords and look for other passwords as you key them into your computer, and send them to particular email addresses. These actions are performed without the awareness of the users. Passwords for restricted websites, messaging services, FTP services and email services come under direct threat with this kind of trojan.
Key Loggers
Key Loggers type of Trojans logs victims’ keystrokes and then send the log files to the attacker. It then searches for passwords or other sensitive data in the log files. Most of the Key Loggers come with two functions, such as online and offline recording. Of course, they can be configured to send the log file to a specific email address on a daily basis.
Destructive Trojans
The only purpose of Destructive Trojans is to destroy and delete files from the victims’ computers. They can automatically delete all the core system files of the computer. The destructive trojan could be controlled by the attacker or could be programmed to strike like a logic bomb, starting on a particular day or at specific time.
Denial of Service (DoS) Attack Trojans
The core design intention behind Denial of Service (DoS) Attack Trojan is to produce a lot of internet traffic on the victim’s computer or server, to the point that the Internet connection becomes too congested to let anyone visit a website or download something. An additional variation of DoS Trojan is the Mail-Bomb Trojan, whose key plan is to infect as many computers as possible, concurrently attacking numerous email addresses with haphazard subjects and contents that cannot be filtered.
Proxy/Wingate Trojans
Proxy/Wingate Trojans convert the victim’s computer into a Proxy/Wingate server. That way, the infected computer is accessible to the entire globe to be used for anonymous access to a variety of unsafe Internet services. The attacker can register domains or access pornographic websites with stolen credit cards or do related illegal activities without being traced.
FTP Trojans
FTP Trojans are possibly the most simple, and are outdated. The only action they perform is, open a port numbered 21 – the port for FTP transfers – and let anyone connect to your computer via FTP protocol. Advance versions are password-protected, so only the attacker can connect to your computer.
Software Detection Killers
Software Detection Killers kill popular antivirus/firewall programs that guard your computer to give the attacker access to the victim’s machine.
FTP Trojans
Note: A Trojan could have any one or a combination of the above mentioned functionalities. Some might also come on USB drives, usually as “Autorun.inf” viruses.
The best way to prevent a Trojan Horse Virus from entering and infecting your computer is to never open email attachments or files that have been sent by unknown senders. However, not all files we can receive are guaranteed to be virus-free. With this, a good way of protecting your PC against malicious programs such as this harmful application is to install and update an antivirus program.