Trojan Horse
A Trojan Horse is a program that does something else that the user thought it would do. It is mostly done to someone on purpose.
The Trojan Horses are usually masked so that they look interesting, for example a saxophone.wav file that interests a person
collecting sound samples of instruments. A Trojan Horse differs from a destructive virus in that it doesn't reproduce. There has been
a password trojan out in AOL land (the American On Line). Password30 and Pasword50 which some people thought were wav. files,
but they were disguised and people did not know that they had the trojan in their systems until they tried to change their passwords.
A Trojan horse is so named due to the fact that the actual malicious software is programmed inside of an innocent piece of software,
browser toolbars being one of many techniques. Once the carrier software is installed the virus on the host system the virus will then
deliver its payload. Trojan viruses don’t always replicate, they often simply wait for the end-user to initiate an action that allows them
to install themselves.
According to an administrator of AOL, the Trojan steals passwords and sends an E-mail to the hackers fake name and then the
hacker has your account in his hands
Installation
• Secretly installed when an infected executable is run
– Much like a virus
– Executables typically come from P2P networks or unscrupulous websites
• ActiveX controls on websites
– ActiveX allows automatic installation of software from websites
– User probably does not know what they are running
– Misleading descriptions often given
– Not sandboxed!
– Digital signatures used, signing not necessary.
• Certificate Authority
• Misleading Certificate Description
• Who is trusted?
Effects
• Allows remote access
–To spy
–To disrupt
–To relay a malicious connection, so as to disguise the attacker’s location (spam, hacking)
–To access resources (i.e. bandwidth, files)
–To launch a DDoS attack