INDEX
INTRODUCTION
WHAT IS TROJAN HORSE
WHAT ARE THEIR FUNCTIONS
HOW TROJAN WORKS
MOST COMMON TROJANS
MODES OF TRANSMISSION
GET A TROJAN
CONCLUSION
INTRODUCTION
Trojan Horses pose one of the most
significant threats to the Windows OS,
thus exposing sensitive information to
malicious attackers, as well as providing
them with full access to the computer,
which often results in further illegal
activities done via the infected computer.
WHAT IS A TROJAN HORSE?
Basically a Trojan horse can be defined as:
• An unauthorized program contained within a legitimate
program. This unauthorized program performs functions
unknown to (and probably unwanted by) the user.
• A legitimate program that has been altered by the placement of
unauthorized code within it; this code performs functions
unknown to (and probably unwanted by) the user.
• Any program that appears to perform a desirable and necessary
function but (because of unauthorized code within it that is
unknown to the user) performs functions unknown to (and definitely
unwanted by) the user.
The Trojan has borrowed its name from the old mythical story
about how the Greeks gave their enemy a huge wooden horse as
a gift, but after the enemy accepted it, during the night the Greek
soldiers crept out of the horse and conquered the city.
WHAT ARE THEIR FUNCTIONS?
• Hide/show the Start button.
• Enable/disable the keyboard.
• Restart Windows.
• Open/close the CD-ROM tray.
• Turn the monitor on/off.
• File manager: This function acts as an explorer for the attacker
while browsing through your system.
• Retrieve passwords: This function will provide the attacker with
the recorded passwords on your computer.
• KeyLogger: Logs all of the keys you've pressed; this can be
done in offline or online mode.
HOW TROJANS WORK?
Trojans work similarly to the client-server model. Trojans
come in two parts, a Client part and a Server part. The
attacker deploys the Client to connect to the Server, which
runs on the remote machine when the remote user
(unknowingly) executes the Trojan on the machine. The
typical protocol used by most Trojans is the TCP/IP
protocol, but some functions of the Trojans may make use
of the UDP protocol as well.
When the Server is activated on the remote computer, it
will usually try to remain in a stealth mode, or hidden on
the computer. This is configurable - for example in the
Back Orifice Trojan, the server can be configured to remain
in stealth mode and hide its process. Once activated, the
server starts listening on default or configured ports for
incoming connections from the attacker. It is usual for
Trojans to also modify the registry and/or use some other
auto starting method.
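The two host-visible behaviours described above, a server listening for inbound connections and an auto-start entry in the registry, are what a defender audits for. The following is an added example, not part of the original slides: it parses `netstat -ano` and `reg query` output and reports listeners and Run-key values that are missing from a known-good baseline. The sample output, baselines, ports, PIDs, value names and paths are all constructed assumptions.

```python
"""Added example: flag listeners and Run-key autostarts missing from a baseline."""
import re
from typing import NamedTuple


class Listener(NamedTuple):
    proto: str
    address: str
    port: int
    pid: int


HKCU_RUN = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run"
HKLM_RUN = r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run"

# Constructed sample of `netstat -ano` output (not captured from a real host).
SAMPLE_NETSTAT = r"""
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       908
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:40123          0.0.0.0:0              LISTENING       6612
  TCP    192.168.1.10:49712     203.0.113.7:443        ESTABLISHED     5120
  TCP    [::]:135               [::]:0                 LISTENING       908
  UDP    0.0.0.0:5353           *:*                                    1720
  UDP    0.0.0.0:40124          *:*                                    6612
"""

# Constructed sample of `reg query` output for the two Run keys.
SAMPLE_RUN_KEY = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    OneDrive    REG_SZ    "C:\Users\alice\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    SysHelper    REG_SZ    C:\Users\alice\AppData\Roaming\syshelper.exe

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
"""

# Constructed known-good baselines for this host (assumptions).
BASELINE_LISTENERS = {("TCP", 135), ("TCP", 445), ("UDP", 5353)}
BASELINE_AUTORUNS = {
    (HKCU_RUN, "OneDrive"):
        r'"C:\Users\alice\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background',
    (HKLM_RUN, "SecurityHealth"): r"%windir%\system32\SecurityHealthSystray.exe",
}

VALUE_RE = re.compile(r"^\s{4}(?P<name>.+?)\s{4}(?P<type>REG_[A-Z_]+)\s{4}(?P<data>.*)$")


def parse_netstat(text):
    """Return sockets waiting for inbound traffic: TCP LISTENING and bound UDP."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] not in ("TCP", "UDP"):
            continue  # banner, header or blank line
        proto, local = fields[0], fields[1]
        if proto == "TCP" and (len(fields) != 5 or fields[3] != "LISTENING"):
            continue  # established or closing connection, not a listener
        if proto == "UDP" and fields[2] != "*:*":
            continue  # UDP rows have no State column; "*:*" marks a bound socket
        address, _, port = local.rpartition(":")  # rpartition copes with "[::]:135"
        listeners.append(Listener(proto, address, int(port), int(fields[-1])))
    return listeners


def unexpected_listeners(listeners, baseline):
    """Listeners whose (protocol, port) pair is not in the baseline."""
    found = {l for l in listeners if (l.proto, l.port) not in baseline}
    return sorted(found, key=lambda l: (l.proto, l.port))


def parse_run_values(text):
    """Return (key, value name, data) for every value in the `reg query` output."""
    entries, key = [], None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()
            continue
        match = VALUE_RE.match(line)
        if match and key:
            entries.append((key, match["name"], match["data"].strip()))
    return entries


def unexpected_autoruns(entries, baseline):
    """Values that are new, or whose command line differs from the baseline."""
    return [e for e in entries if baseline.get((e[0], e[1])) != e[2]]


if __name__ == "__main__":
    for l in unexpected_listeners(parse_netstat(SAMPLE_NETSTAT), BASELINE_LISTENERS):
        print(f"unexpected listener: {l.proto} {l.address}:{l.port} (PID {l.pid})")
    for key, name, data in unexpected_autoruns(parse_run_values(SAMPLE_RUN_KEY),
                                               BASELINE_AUTORUNS):
        print(f"unexpected autostart: {key} -> {name} = {data}")
```

Comparing the command line as well as the value name catches an approved entry that has been repointed at a different executable.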
MOST COMMON TROJANS
Remote Access Trojans
Password Sending Trojans
Keyloggers
Destructive
Proxy/Wingate Trojans
FTP Trojans
Software Detection Killers
REMOTE ACCESS TROJAN
These are the Trojans usually seen referred to in the
media and hence gain high visibility because of their
ability to give the attackers the power to do more
things on the victim's machine than the victim itself,
while standing in front of the machine.
A remote access Trojan (RAT) is a malware program
that includes a back door for administrative control
over the target computer.
RATs are usually downloaded invisibly with a
user-requested program -- such as a game -- or sent as an
email attachment.
Once the host system is compromised, the intruder
may use it to distribute RATs to other vulnerable
computers and establish a botnet.

Because a RAT enables administrative control, it makes it
possible for the intruder to do just about anything on the
targeted computer, including:
• Monitoring user behavior through keyloggers or other
spyware.
• Accessing confidential information, such as credit card and
social security numbers.
• Activating a system's webcam and recording video.
• Taking screenshots.
• Distributing viruses and other malware.
• Formatting drives.
• Deleting, downloading or altering files and file systems.
Password Sending Trojan
These Trojans are directed towards extracting all the cached
passwords and also capture other passwords entered by the
victim and email them across to an attacker-specified mail
address, without the victim realizing it. The password
harvest may include passwords for ICQ, IRC, FTP, HTTP or
any other application that requires a user to enter a login and
password. Most of them do not restart when Windows is
loaded, as the objective is to gather as much info about the
victim's machine as possible, such as passwords, mIRC logs and
ICQ conversations, and mail it to the attacker.
A PASSWORD STEALING TROJAN IS USUALLY A STANDALONE
APPLICATION THAT INSTALLS ITSELF ON THE SYSTEM AND SOMETIMES
DROPS A KEYLOGGING COMPONENT. SUCH A TROJAN STAYS
ACTIVE IN WINDOWS MEMORY AND STARTS KEYLOGGING
(RECORDING KEYSTROKES) WHEN A USER IS ASKED TO INPUT A
LOGIN AND A PASSWORD. THE TROJAN THEN STORES THE
RECORDED KEYSTROKE DATA FOR LATER SUBMISSION OR
SENDS THIS DATA TO A HACKER IMMEDIATELY. IN MANY CASES
SUCH TROJANS ALSO SEND INFORMATION ABOUT THE USER'S
COMPUTER IP, RAS (REMOTE ACCESS SERVER), AND NETWORK
CONFIGURATION. A HACKER WHO GETS THIS INFO IS CAPABLE
OF MISUSING ANOTHER PERSON'S INTERNET ACCOUNT AND IN
SOME CASES HACKING INTO THE USER'S NETWORK. STOLEN LOGINS
AND PASSWORDS CAN ALLOW A HACKER TO READ THE USER'S
E-MAIL ON PUBLIC AND CORPORATE MAIL SERVERS.
KEYLOGGERS
These Trojans log the keystrokes of the victim and
then let the attacker search for passwords or other
sensitive data in the log file. They usually come with
two functions such as online and offline recording. As
with the previous group, these Trojans can be
configured to send the log file to a specific e-mail
address on a regular basis.
Destructive
The only function of these Trojans is to destroy and
delete files. They can deliberately delete core system
files (for example: .dll, .ini or .exe files, possibly
others) on the target machine.
A DESTRUCTIVE TROJAN IS A VIRUS DESIGNED TO
DESTROY OR DELETE FILES. DESTRUCTIVE TROJANS
HAVE MORE TYPICAL VIRUS CHARACTERISTICS THAN
OTHER TYPES OF TROJANS BUT DO NOT ALWAYS RESULT
IN DATA THEFT.
DESTRUCTIVE TROJANS MAY NOT BE DETECTED BY
ANTIVIRUS SOFTWARE. ONCE A DESTRUCTIVE TROJAN
INFECTS A COMPUTER SYSTEM, IT RANDOMLY DELETES
FILES, FOLDERS, AND REGISTRY ENTRIES, OFTEN
RESULTING IN OS FAILURES.
A DESTRUCTIVE TROJAN IS USUALLY IN PROGRAM
FORM OR MANIPULATED TO STRIKE LIKE A LOGIC BOMB
PROGRAMMED AND SPECIFIED BY THE ATTACKER.
PROXY/WINGATE TROJANS
Underground sites are known to announce freely available
proxy servers. These Trojans turn the victim's computer into
a proxy/Wingate server available to the whole world or to the
attacker only. It is used for anonymous Telnet, ICQ, IRC, etc.,
and also to register domains with stolen credit cards and for
other illegal activities. This gives the attacker complete
anonymity and the chance to do everything and point the trail
to the victim.
FTP Trojans
These Trojans open port 21 (the port for FTP transfers)
and let anybody or just the attacker connect to the
machine. They may be password protected so only the
attacker is able to connect to the computer.
SOFTWARE DETECTION KILLERS
There are such functionalities built into some Trojans, but
there are also separate programs that will kill Zone Alarm,
Norton Anti-Virus and many other (popular
anti-virus/firewall) programs that protect the target machine.
When they are disabled, the attacker has full access to
the machine to perform some illegal activity or use the
computer to attack others, and often disappears.
MODES OF TRANSMISSION
• ICQ
• IRC
• Attachments
• Physical Access
• Browser And E-mail Software Bugs
• NetBIOS (File Sharing)
• Fake Programs
• Un-trusted Sites And Freeware Software
ICQ
People can also get infected while chatting /
talking / video messaging over ICQ or any other
Instant Messenger Application. It is a risk that the
user undertakes when it comes to receiving files
no matter from whom or where it comes.
IRC
Here also, the threat comes from exchange of files no
matter what they claim to be or where they come from.
It is possible that some of these are infected files or
disguised files.
ATTACHMENTS
Any attachment, even if it is from a known source,
should be screened as it is possible that the
source was infected earlier and is not aware of it.
Physical Access
Physical access to a target machine is perhaps the
easiest way for an attacker to infect a machine. The
motive may be a prank or just plain curiosity.
BROWSER AND E-MAIL SOFTWARE BUGS
Having outdated applications can expose the
system to malicious programs such as Trojans
without any other action on behalf of the
attacker.
NetBIOS (File Sharing)
If port 139 is opened, the attacker can install
a Trojan .exe and modify some system file, so that
it will run the next time the system is rebooted.
To block file sharing in Windows version, go to:
Start->Settings->Control Panel->Network->File
and Print Sharing and uncheck the boxes there.
GET A TROJAN
LINK:-
http://www.sourcecodester.com/visual-
basic/trojan-subseven-alike.html
From the above link download the server &
client.exe files install the server file on your
computer & send the client file to the IP address
whom you want to hack or you want remote
access on the computer.
CONCLUSION
VIRUSES ARE NOT ONLY USED FOR HACKING, FOR
CRASHING HARD DISKS OR FOR DISTURBING
OTHERS; THEY ARE ALSO USED FOR REMOTELY
ACCESSING A COMPUTER DURING SOFTWARE
TROUBLESHOOTING OR FOR CHECKING LICENSED
SOFTWARE, FOR EXAMPLE THE WINDOWS GENUINE TEST
PERFORMED BY MICROSOFT FOR TESTING
LICENSED OPERATING SYSTEMS.
SOMETIMES TROJAN SOFTWARE IS ALSO USED
FOR KNOWING PASSWORDS OF YOUR COMPUTER
OR FOR E-MAIL ID PASSWORDS OR FOR CREDIT
CARD NUMBERS AND THEIR PASSWORDS. SO
BE CAREFUL BEFORE SAVING PICTURES OR DATA
SENT BY OTHERS.
Guide to Trojan Horses: Functions, Modes of Transmission & Prevention

More Related Content

What's hot

Introduction of hacking and cracking
Introduction of hacking and crackingIntroduction of hacking and cracking
Introduction of hacking and crackingHarshil Barot
 
Security & threats Presentation => (Presenter: Komal Mehfooz)
Security & threats Presentation => (Presenter: Komal Mehfooz) Security & threats Presentation => (Presenter: Komal Mehfooz)
Security & threats Presentation => (Presenter: Komal Mehfooz) Komal Mehfooz
 
Detection of running backdoors
Detection of running backdoorsDetection of running backdoors
Detection of running backdoorsmridulahuja
 
Software security
Software securitySoftware security
Software securityjes_d
 
Hacking 1224807880385377-9
Hacking 1224807880385377-9Hacking 1224807880385377-9
Hacking 1224807880385377-9Geoff Pesimo
 
Botnets presentation
Botnets presentationBotnets presentation
Botnets presentationMahmoud Ibra
 
Ce hv6 module 59 how to steal passwords
Ce hv6 module 59 how to steal passwordsCe hv6 module 59 how to steal passwords
Ce hv6 module 59 how to steal passwordsVi Tính Hoàng Nam
 
trojan horse- malware(virus)
trojan horse- malware(virus)trojan horse- malware(virus)
trojan horse- malware(virus)NamanKikani
 
Security R U Totally Secure !
Security R U Totally Secure ! Security R U Totally Secure !
Security R U Totally Secure ! trendy updates
 

What's hot (20)

BackDoors Seminar
BackDoors SeminarBackDoors Seminar
BackDoors Seminar
 
Introduction of hacking and cracking
Introduction of hacking and crackingIntroduction of hacking and cracking
Introduction of hacking and cracking
 
Trojan
TrojanTrojan
Trojan
 
Security & threats Presentation => (Presenter: Komal Mehfooz)
Security & threats Presentation => (Presenter: Komal Mehfooz) Security & threats Presentation => (Presenter: Komal Mehfooz)
Security & threats Presentation => (Presenter: Komal Mehfooz)
 
Detection of running backdoors
Detection of running backdoorsDetection of running backdoors
Detection of running backdoors
 
Software security
Software securitySoftware security
Software security
 
Hacking by Pratyush Gupta
Hacking by Pratyush GuptaHacking by Pratyush Gupta
Hacking by Pratyush Gupta
 
Hacking 1224807880385377-9
Hacking 1224807880385377-9Hacking 1224807880385377-9
Hacking 1224807880385377-9
 
Hacking Presentation
Hacking PresentationHacking Presentation
Hacking Presentation
 
Final malacious softwares
Final malacious softwaresFinal malacious softwares
Final malacious softwares
 
Botnets
BotnetsBotnets
Botnets
 
Web backdoors attacks, evasion, detection
Web backdoors   attacks, evasion, detectionWeb backdoors   attacks, evasion, detection
Web backdoors attacks, evasion, detection
 
Botnets presentation
Botnets presentationBotnets presentation
Botnets presentation
 
Mitppt
MitpptMitppt
Mitppt
 
Ce hv6 module 59 how to steal passwords
Ce hv6 module 59 how to steal passwordsCe hv6 module 59 how to steal passwords
Ce hv6 module 59 how to steal passwords
 
about botnets
about botnetsabout botnets
about botnets
 
BOTNET
BOTNETBOTNET
BOTNET
 
trojan horse- malware(virus)
trojan horse- malware(virus)trojan horse- malware(virus)
trojan horse- malware(virus)
 
Botnet
BotnetBotnet
Botnet
 
Security R U Totally Secure !
Security R U Totally Secure ! Security R U Totally Secure !
Security R U Totally Secure !
 

Similar to Guide to Trojan Horses: Functions, Modes of Transmission & Prevention

Trojan virus & backdoors
Trojan virus & backdoorsTrojan virus & backdoors
Trojan virus & backdoorsShrey Vyas
 
Trojan Backdoors
Trojan                         BackdoorsTrojan                         Backdoors
Trojan BackdoorsJauwadSyed
 
The trojan horse virus
The trojan horse virusThe trojan horse virus
The trojan horse virusHTS Hosting
 
RAT - Kill or Get Killed! by Karan Bansal
RAT - Kill or Get Killed! by Karan BansalRAT - Kill or Get Killed! by Karan Bansal
RAT - Kill or Get Killed! by Karan BansalOWASP Delhi
 
The Trojan Horse (Computing)
The Trojan Horse (Computing)The Trojan Horse (Computing)
The Trojan Horse (Computing)Angel Sophie
 
Ids 007 trojan horse
Ids 007 trojan horseIds 007 trojan horse
Ids 007 trojan horsejyoti_lakhani
 
Security Pp Cis
Security Pp CisSecurity Pp Cis
Security Pp CisRobC76
 
Meeting02_RoT.pptx
Meeting02_RoT.pptxMeeting02_RoT.pptx
Meeting02_RoT.pptxothmanomar13
 
Methods of Cybersecurity Attacks
Methods of Cybersecurity AttacksMethods of Cybersecurity Attacks
Methods of Cybersecurity AttacksZyrellLalaguna
 
Presentation Virus (salami attack and trojan horse)
Presentation Virus (salami attack and trojan horse)Presentation Virus (salami attack and trojan horse)
Presentation Virus (salami attack and trojan horse)siti zulaikha
 
virus salami attack and trojan horse
virus salami attack and trojan horsevirus salami attack and trojan horse
virus salami attack and trojan horsesiti zulaikha
 
Torjan horse virus
Torjan horse virusTorjan horse virus
Torjan horse virussumitra22
 

Similar to Guide to Trojan Horses: Functions, Modes of Transmission & Prevention (20)

Trojan virus & backdoors
Trojan virus & backdoorsTrojan virus & backdoors
Trojan virus & backdoors
 
Trojan Backdoors
Trojan                         BackdoorsTrojan                         Backdoors
Trojan Backdoors
 
Cyber Security Seminar Day 2
Cyber Security Seminar Day 2Cyber Security Seminar Day 2
Cyber Security Seminar Day 2
 
The trojan horse virus
The trojan horse virusThe trojan horse virus
The trojan horse virus
 
RAT - Kill or Get Killed! by Karan Bansal
RAT - Kill or Get Killed! by Karan BansalRAT - Kill or Get Killed! by Karan Bansal
RAT - Kill or Get Killed! by Karan Bansal
 
Case study
Case studyCase study
Case study
 
Trojan horse
Trojan horseTrojan horse
Trojan horse
 
Security threats
Security threatsSecurity threats
Security threats
 
Security threats
Security threatsSecurity threats
Security threats
 
The Trojan Horse (Computing)
The Trojan Horse (Computing)The Trojan Horse (Computing)
The Trojan Horse (Computing)
 
Ids 007 trojan horse
Ids 007 trojan horseIds 007 trojan horse
Ids 007 trojan horse
 
Information security
Information securityInformation security
Information security
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Security Pp Cis
Security Pp CisSecurity Pp Cis
Security Pp Cis
 
Meeting02_RoT.pptx
Meeting02_RoT.pptxMeeting02_RoT.pptx
Meeting02_RoT.pptx
 
Trojan Virus.pptx
Trojan Virus.pptxTrojan Virus.pptx
Trojan Virus.pptx
 
Methods of Cybersecurity Attacks
Methods of Cybersecurity AttacksMethods of Cybersecurity Attacks
Methods of Cybersecurity Attacks
 
Presentation Virus (salami attack and trojan horse)
Presentation Virus (salami attack and trojan horse)Presentation Virus (salami attack and trojan horse)
Presentation Virus (salami attack and trojan horse)
 
virus salami attack and trojan horse
virus salami attack and trojan horsevirus salami attack and trojan horse
virus salami attack and trojan horse
 
Torjan horse virus
Torjan horse virusTorjan horse virus
Torjan horse virus
 

Recently uploaded

SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetEnjoy Anytime
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 

Recently uploaded (20)

SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 

Guide to Trojan Horses: Functions, Modes of Transmission & Prevention

  • 1.
  • 2. INDEX INTRODUCTION WHAT IS TROJAN HORSE WHAT ARE THEIR FUNCTIONS HOW TROJAN WORKS MOST COMMON TROJANS MODES OF TRANSMISSION GET A TROJAN CONCLUSION
  • 3. INTRODUCTION Trojan Horses pose one of the most significant threats to the Windows OS, thus exposing sensitive information to malicious attackers, as well as providing them with full access to the computer, which often results in further illegal activities done via the infected computer.
  • 4. WHAT IS A TROJAN HORSE? Basically a Trojan horse can be defined as:  An unauthorized program contained within a legitimate program. This unauthorized program performs functions unknown (and probably unwanted) by the user.  A legitimate program that has been altered by the placement of unauthorized code within it; this code performs functions unknown (and probably unwanted) by the user.  Any program that appears to perform a desirable and necessary function but (because of unauthorized code within it that is unknown to the user) performs functions unknown (and definitely unwanted) by the user. The trojan has borrowed it's name from the old mythical story about how the Greeks gave their enemy a huge wooden horse as a gift, but after the enemy accepted it, during the night the Greek soldiers crept out of the horse and conquered the city.
  • 5. WHAT ARE THEIR FUNCTIONS?  Hide/show the Start button. Enable/Disable keyboard. Restart windows. Open/Close the CD-ROM tray. Turn monitor on/off.  File manager: This function acts as an explorer for the attacker while browsing through your system. Retrieve passwords: This function will provide the attacker with the recorded passwords on your computer.  KeyLogger: Logs all of the keys you've pressed, could be achieved in offline/online mode.
  • 6. HOW TROJANS WORK? Trojans work similar to the client-server model. Trojans come in two parts, a Client part and a Server part. The attacker deploys the Client to connect to the Server, which runs on the remote machine when the remote user (unknowingly) executes the Trojan on the machine. The typical protocol used by most Trojans is the TCP/IP protocol, but some functions of the Trojans may make use of the UDP protocol as well. When the Server is activated on the remote computer, it will usually try to remain in a stealth mode, or hidden on the computer. This is configurable - for example in the Back Orifice Trojan, the server can be configured to remain in stealth mode and hide its process. Once activated, the server starts listening on default or configured ports for incoming connections from the attacker. It is usual for Trojans to also modify the registry and/or use some other auto starting method.
  • 7. MOST COMMON TROJANS Remote Access Trojans Password Sending Trojans Keyloggers Destructive Proxy/Wingate Trojans FTP Trojans Software Detection Killers
  • 8. REMOTE ACCESS TROJAN These are the Trojans usually seen referred to in the media and hence gain high visibility because of their ability to give the attackers the power to do more things on the victim's machine than the victim itself, while standing in front of the machine. A remote access Trojan (RAT) is a malware program that includes a back door for administrative control over the target computer.
  • 9. RATs are usually downloaded invisibly with a user- requested program -- such as a game -- or sent as an email attachment. Once the host system is compromised, the intruder may use it to distribute RATs to other vulnerable computers and establish a botnet.
  • 10.  Because a RAT enables administrative control, it makes it possible for the intruder to do just about anything on the targeted computer, including: Monitoring user behavior through keyloggers or other spyware. Accessing confidential information, such as credit card and social security numbers. Activating a system's webcam and recording video. Taking screenshots. Distributing viruses and other malware. Formatting drives. Deleting, downloading or altering files and file systems.
  • 11. Password Sending Trojan These Trojans are directed towards extracting all the cached passwords and also capture other passwords entered by the victim and email them across to an attacker specified mail address, without the victim realizing it. The password harvest may include passwords for ICQ, IRC, FTP, HTTP or any other application that require a user to enter a login and password. Most of them do not restart when Windows is loaded, as the objective is to gather as much info about the victim's machine as passwords, mIRC logs, ICQ conversations and mail them to the attacker.
  • 12. A PASSWORD STEALING TROJAN IS USUALLY A STANDALONE APPLICATION THAT INSTALLS ITSELF TO SYSTEM AND SOMETIMES DROPS A KEYLOGGING COMPONENT. SUCH TROJAN STAYS ACTIVE IN WINDOWS MEMORY AND STARTS KEYLOGGING (RECORDING KEYSTROKES) WHEN A USER IS ASKED TO INPUT A LOGIN AND A PASSWORD. THEN A TROJAN STORES THE RECORDED KEYSTROKES DATA FOR LATER SUBMISSION OR SENDS THIS DATA TO A HACKER IMMEDIATELY. IN MANY CASES SUCH TROJANS ALSO SEND INFORMATION ABOUT USER'S COMPUTER IP, RAS (REMOTE ACCESS SERVER), AND NETWORK CONFIGURATION. A HACKER WHO GETS THIS INFO IS CAPABLE OF MISUSING OTHER PERSON'S INTERNET ACCOUNT AND IN SOME CASES HACK INTO USER'S NETWORK. STOLEN LOGINS AND PASSWORDS CAN ALLOW A HACKER TO READ USER'S E- MAIL ON PUBLIC AND CORPORATE MAIL SERVERS.
  • 13. KEYLOGGERS The only function of these Trojans is to destroy and delete files. They can deliberately delete core system files (for example: .dll, .ini or .exe files, possibly others) on the target machine. These Trojans log the keystrokes of the victim and then let the attacker search for passwords or other sensitive data in the log file. They usually come with two functions such as online and offline recording. As with the previous group, these Trojans can be configured to send the log file to a specific e-mail address on a regular basis. Destructive
  • 14. A DESTRUCTIVE TROJAN IS A VIRUS DESIGNED TO DESTROY OR DELETE FILES. DESTRUCTIVE TROJANS HAVE MORE TYPICAL VIRUS CHARACTERISTICS THAN OTHER TYPES OF TROJANS BUT DO NOT ALWAYS RESULT IN DATA THEFT. DESTRUCTIVE TROJANS MAY NOT BE DETECTED BY ANTIVIRUS SOFTWARE. ONCE A DESTRUCTIVE TROJAN INFECTS A COMPUTER SYSTEM, IT RANDOMLY DELETES FILES, FOLDERS, AND REGISTRY ENTRIES, OFTEN RESULTING IN OS FAILURES. A DESTRUCTIVE TROJAN IS USUALLY IN PROGRAM FORM OR MANIPULATED TO STRIKE LIKE A LOGIC BOMB PROGRAMMED AND SPECIFIED BY THE ATTACKER.
  • 15. PROXY/WINGATE TROJANS: Underground sites are known to announce freely available proxy servers. These Trojans turn the victim's computer into a proxy/Wingate server available to the whole world or to the attacker only. It is used for anonymous Telnet, ICQ, IRC, etc., and also to register domains with stolen credit cards and for other illegal activities. This gives the attacker complete anonymity and the chance to do everything and point the trail to the victim. FTP TROJANS: These Trojans open port 21 (the port for FTP transfers) and let anybody, or just the attacker, connect to the machine. They may be password protected so only the attacker is able to connect to the computer.
  • 16. SOFTWARE DETECTION KILLERS Such functionality is built into some Trojans, but there are also separate programs that will kill Zone Alarm, Norton Anti-Virus and many other popular anti-virus/firewall programs that protect the target machine. When they are disabled, the attacker has full access to the machine to perform some illegal activity or use the computer to attack others and often disappear.
  • 17. MODES OF TRANSMISSION: ICQ; IRC; Attachments; Physical Access; Browser and E-mail Software Bugs; NetBIOS (File Sharing); Fake Programs; Untrusted Sites and Freeware Software.
  • 18. ICQ: People can also get infected while chatting / talking / video messaging over ICQ or any other Instant Messenger application. It is a risk that the user undertakes when it comes to receiving files, no matter from whom or where they come. IRC: Here also, the threat comes from exchange of files, no matter what they claim to be or where they come from. It is possible that some of these are infected files or disguised files.
  • 19. ATTACHMENTS: Any attachment, even if it is from a known source, should be screened, as it is possible that the source was infected earlier and is not aware of it. PHYSICAL ACCESS: Physical access to a target machine is perhaps the easiest way for an attacker to infect a machine. The motive may be a prank or just plain curiosity.
  • 20. BROWSER AND E-MAIL SOFTWARE BUGS: Having outdated applications can expose the system to malicious programs such as Trojans without any other action on behalf of the attacker. NETBIOS (FILE SHARING): If port 139 is opened, the attacker can install a trojan .exe and modify some system file, so that it will run the next time the system is rebooted. To block file sharing in Windows, go to: Start->Settings->Control Panel->Network->File and Print Sharing and uncheck the boxes there.
  • 21. GET A TROJAN LINK:- http://www.sourcecodester.com/visual- basic/trojan-subseven-alike.html From the above link download the server & client.exe files install the server file on your computer & send the client file to the IP address whom you want to hack or you want remote access on the computer.
  • 23. CONCLUSION VIRUSES ARE NOT ONLY USED FOR HACKING, CRASHING HARD DISKS OR DISTURBING OTHERS; THEY ARE ALSO USED FOR REMOTELY ACCESSING A COMPUTER DURING SOFTWARE TROUBLESHOOTING OR FOR CHECKING LICENSED SOFTWARE, FOR EXAMPLE THE WINDOWS GENUINE TEST PERFORMED BY MICROSOFT FOR TESTING LICENSED OPERATING SYSTEMS. SOMETIMES TROJAN SOFTWARE IS ALSO USED FOR LEARNING THE PASSWORDS OF YOUR COMPUTER, E-MAIL ID PASSWORDS, OR CREDIT CARD NUMBERS AND THEIR PASSWORDS. SO, BE CAREFUL BEFORE SAVING PICTURES OR DATA SENT BY OTHERS.
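The FTP Trojan slide (port 21) and the NetBIOS slide (port 139) both come down to an unexpected listener on the machine. The following is an added example, not part of the original slides: it parses Windows `netstat -ano` output and reports those two ports when they listen on a non-loopback address. The sample output, PIDs and addresses are constructed, and the function name is hypothetical.

```python
import re

# Ports named on the slides: 21 (FTP Trojans) and 139 (NetBIOS file sharing).
WATCHED_PORTS = {21: "FTP", 139: "NetBIOS session (file sharing)"}
LOOPBACK = {"127.0.0.1", "::1"}

# Constructed sample of `netstat -ano` output (not captured from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:21             0.0.0.0:0              LISTENING       4312
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       968
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:21           0.0.0.0:0              LISTENING       5120
  TCP    192.168.1.20:49712     203.0.113.7:21         ESTABLISHED     2200
  TCP    [::]:21                [::]:0                 LISTENING       4312
  UDP    0.0.0.0:137            *:*                                    4
"""

# TCP rows in LISTENING state: local address, local port, owning PID.
ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s+(\d+)\s*$")


def find_exposed_listeners(netstat_text, watched=WATCHED_PORTS):
    """Return sorted (port, service, address, pid) tuples for watched ports
    that listen on a non-loopback address, i.e. are reachable remotely."""
    findings = set()
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # headers, UDP rows, TCP rows that are not listening
        addr = m.group(1).strip("[]")  # IPv6 addresses arrive bracketed
        port, pid = int(m.group(2)), int(m.group(3))
        if port in watched and addr not in LOOPBACK:
            findings.add((port, watched[port], addr, pid))
    return sorted(findings)


if __name__ == "__main__":
    for port, service, addr, pid in find_exposed_listeners(SAMPLE_NETSTAT):
        print(f"port {port} ({service}) listening on {addr}, PID {pid}: "
              "confirm the owning process is expected")
```

Each reported PID still has to be matched to its process; a port 21 listener on a workstation that runs no FTP server is the finding to investigate first.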