School of Engineering
Seminar Report
On
Trojan horse-malware
Academic Year 2019-20
Supervised by
Supervisor’s Name
Mr. Ravirajsinh Chauhan Sir
Mr. Mitul Patel Sir
P P Savani School of Science
Student’s Full Name: NAMAN KIKANI
Enrollment No.: 20SS02IT027
Branch: B.Sc. IT (B batch)
Trojon horse Malware
CERTIFICATE
This is to certify that Mr. /Ms. ____________________________________________,
Enrollment No. _______________________ from the Department of
_____________________________________________, has successfully completed the
Seminar on the Trojan horse-Malware during June – Oct, 2019.
Date:
________________________
Name and Sign of Supervisor
Table of Contents
Sr. No.  Component
1. Chapter 1: Introduction
2. Chapter 2: What is a Trojan horse?
3. Chapter 3: How does it work?
4. Chapter 4: Common Types of Trojan malware
5. Chapter 5: Trojan horse built for what?
6. Chapter 6: Protect yourself
7. Chapter 7: Conclusion
8. Chapter 8: References
List of Figures/Tables
Sr. No.  Fig. Name
1. 2.1 Trojan horse
2. 2.2 Malware virus
3. 4.1 Back Orifice RCTH Client
4. 4.2 Netbus Client 1.70
5. 4.3 A typical netstat display
6. 4.4 netstat display on a machine infected with Netbus
CHAPTER 1
INTRODUCTION
1.1 What is Malware?
Malware, short for malicious software, is a blanket term for viruses, worms, trojans
and other harmful computer programs hackers use to wreak destruction and gain
access to sensitive information. As Microsoft puts it, "[malware] is a catch-all term to
refer to any software designed to cause damage to a single computer, server, or
computer network." In other words, software is identified as malware based on
its intended use, rather than a particular technique or technology used to build it.
This means that the question of, say, what the difference is between malware and a
virus misses the point a bit: a virus is a type of malware, so all viruses are malware
(but not every piece of malware is a virus).
1.2 Types of malware
There are a number of different ways of categorizing malware; the first is by how the
malicious software spreads. You've probably heard the words virus, trojan, and worm used
interchangeably, but as Symantec explains, they describe three subtly different ways
malware can infect target computers:
• A worm is a standalone piece of malicious software that reproduces itself and
spreads from computer to computer.
• A virus is a piece of computer code that inserts itself within the code of another
standalone program, then forces that program to take malicious action and spread
itself.
• A trojan is a program that cannot reproduce itself but masquerades as something
the user wants and tricks them into activating it so it can do its damage and spread.
Malware can also be installed on a computer "manually" by the attackers themselves, either
by gaining physical access to the computer or using privilege escalation to gain remote
administrator access.
Another way to categorize malware is by what it does once it has successfully infected its
victim's computers. There are a wide range of potential attack techniques used by malware:
• Spyware is defined by Webroot Cybersecurity as "malware used for the purpose of
secretly gathering data on an unsuspecting user." In essence, it spies on your
behavior as you use your computer, and on the data you send and receive, usually
with the purpose of sending that information to a third party. A keylogger is a
specific kind of spyware that records all the keystrokes a user makes—great for
stealing passwords.
• A rootkit is, as described by TechTarget, "a program or, more often, a collection of
software tools that gives a threat actor remote access to and control over a computer
or other system." It gets its name because it's a kit of tools that (generally illicitly)
gain root access (administrator-level control, in Unix terms) over the target system,
and use that power to hide their presence.
• Adware is malware that forces your browser to redirect to web advertisements,
which often themselves seek to download further, even more malicious software.
As The New York Times notes, adware often piggybacks onto tempting "free"
programs like games or browser extensions.
• Ransomware is a flavor of malware that encrypts your hard drive's files and
demands a payment, usually in Bitcoin, in exchange for the decryption key. Several
high-profile malware outbreaks of the last few years, such as Petya, are ransomware.
Without the decryption key, it's mathematically impossible for victims to regain
access to their files. So-called scareware is a sort of shadow version of ransomware;
it claims to have taken control of your computer and demands a ransom, but actually
is just using tricks like browser redirect loops to make it seem as if it's done more
damage than it really has, and unlike ransomware can be relatively easily disabled.
• Cryptojacking is another way attackers can force you to supply them with Bitcoin—
only it works without you necessarily knowing. The crypto mining malware infects
your computer and uses your CPU cycles to mine Bitcoin for your attacker's profit.
The mining software may run in the background on your operating system or even
as JavaScript in a browser window.
• Malvertising is the use of legitimate ads or ad networks to covertly deliver malware
to unsuspecting users’ computers. For example, a cybercriminal might pay to place
an ad on a legitimate website. When a user clicks on the ad, code in the ad either
redirects them to a malicious website or installs malware on their computer. In some
cases, the malware embedded in an ad might execute automatically without any
action from the user, a technique referred to as a “drive-by download.”
Any specific piece of malware has both a means of infection and a behavioral category. So,
for instance, WannaCry is a ransomware worm. And a particular piece of malware might
have different forms with different attack vectors: for instance, the Emotet banking malware
has been spotted in the wild as both a trojan and a worm.
A look at the Center for Internet Security's top 10 malware offenders for June of 2018 gives
you a good sense of the types of malware out there. By far the most common infection
vector is via spam email, which tricks users into activating the malware, Trojan-style.
WannaCry and Emotet are the most prevalent malware on the list, but many others,
including NanoCore and Gh0st, are what's called Remote Access Trojans or RATs—
essentially, rootkits that propagate like Trojans. Cryptocurrency malware like CoinMiner
rounds out the list.
CHAPTER 2
What is a Trojan Horse?
2.1 What is a Trojan horse?
“The most dangerous computer malware: the Trojan horse is a dangerous computer virus
created by hackers and attackers.”
Figure 2.1: Trojan horse
Trojan horse attacks pose one of the most serious threats to computer security. If you were
referred here, you may have not only been attacked but may also be attacking others
unknowingly. According to legend, the Greeks won the Trojan war by hiding in a huge, hollow
wooden horse to sneak into the fortified city of Troy. In today's computer world, a Trojan horse
is defined as a "malicious, security-breaking program that is disguised as something benign".
For example, you download what appears to be a movie or music file, but when you click on it,
you unleash a dangerous program that erases your disk, sends your credit card numbers and
passwords to a stranger, or lets that stranger hijack your computer to commit illegal denial of
service attacks like those that have virtually crippled the DALnet IRC network for months on
end. The following general information applies to all operating systems, but by far most of the
damage is done to/with Windows users due to its vast popularity and many weaknesses. (Note:
Many people use terms like Trojan horse, virus, worm, hacking and cracking all interchangeably,
but they really don't mean the same thing. Let's just say that once you are "infected", trojans
are just as dangerous as viruses and can spread to hurt others just as easily!)

Trojans can be far more malicious than viruses and you should care - they're programs that let
someone else remotely administer your computer without your knowing about it. There are
legitimate programs that do this too, systems administrators use them to administer networks,
but Trojans are a different matter. If you're on a network you know it has an administrator to
keep things running smoothly. A Trojan can be planted by anyone, without your permission or
knowledge. And unlike a remote administration program, a Trojan can be highly destructive. So
let's take a quick look at what Trojans do, and more importantly, what you can do to stop them.

Trojans can log every keystroke you type (even when you're offline) and have your e-mail
program send the information to the person who planted the Trojan without your knowing it.
Trojans can get all your passwords, credit card numbers and other information stored on your
computer - or even things that you type into the computer and don't save. They can be used to
read, delete or change all your files, turn your screen upside down, abruptly disconnect you
from the Internet, or direct your browser to only certain web sites and other nuisances. It gets
worse - Trojans can be used to spy on you through your chat and instant message programs,
web cam or microphone, and even destroy your hardware.

They can damage your reputation as well as your hardware and data. Trojans can be used to get
into your address book and send very convincing looking e-mails saying whatever someone else
likes from you to your employer, bank manager, clients, girlfriend, whomever, and they can
make you seem to say really awful things to people in on-line chats or conferences. You can
imagine some of the consequences - a 'Net conference with important clients and you won't see
the message coming from you saying "screw you, you're all a bunch of lamers anyway," but the
persons you're talking with will. Or someone can plant a Trojan and use your computer to hack
into somebody else's computer. And all kinds of other bad things.

Possibly the worst things about Trojans are that most people don't even know they exist, and
most anti-virus scanners do not pick up or delete them. Trojans are becoming more common,
especially as more people have cable and DSL or other "always on" connections, though you can
get them using regular dial-up connections too. And some of the newer Trojans are harder to
detect (this is one reason to be careful of running .htm or .html files you receive by e-mail -
there are Trojans out now that use HTML code and will bypass firewalls - a couple of examples
are NOOB and godmessage). They are, in short, very easy to plant on your computer without
your knowing it until substantial damage has been done. There are all kinds of script kiddies
out there using ICQ and IRC, not to mention e-mail. Criminals use the Internet, too, and there
may be people out there who just plain don't like you and would do something that vicious to
get revenge - the Internet, like the real world, has its share of crackpots, and most of these
programs require no technical expertise to use.

Be aware enough from reading this to realize that Trojans can be a serious threat to your
privacy, reputation, data and computer hardware. There are some things you can do. Be careful
about accepting files over the Internet or opening e-mail attachments unless you know what
they are and who they're from. Get a good firewall, like Zonealarm, available free from
Zonelabs. Even if other firewalls have had you befuddled, this one won't. It's very powerful and
it's also very user-friendly. And head over to the Moosoft site and pick up a copy of The
Cleaner. It's a great anti-trojan scanning and cleaning program, and it also has a neat little
feature called TCActive that you can run at Windows startup. It'll sit in your system tray, use
almost no computer resources, and keep any known Trojans from activating on your machine.

If you do find your machine infected with a Trojan Horse program, don't panic. Disconnect from
the Internet, run your Trojan scanner, and delete the Trojan. Trojans can't be cleaned, like many
viruses can. They can only be deleted, but doing this will in no way harm your machine or your
software.
Figure 2.2: Malware virus
CHAPTER 3
How does it work?
3.1 How does Trojan horse malware work?
Trojans are also known to create a backdoor on your computer
that gives malicious users access to your system, possibly allowing confidential or
personal information to be compromised. Unlike other viruses and worms, Trojans do
not reproduce by infecting other files nor do they self-replicate.
• Nothing but a server-client program
• Uses the TCP/IP protocol as well as the UDP protocol
• It can be sent to the target system only through user interaction.
What is the most used programming language for writing a Trojan virus?
C programming language.
C# programming language.
CHAPTER 4
Common Types of Trojan Malware
4.1 Common types of Trojan malware
Here’s a look at some of the most common types of Trojan malware,
including their names and what they do on your computer:
4.1.1 Backdoor Trojan
This Trojan can create a “backdoor” on your computer. It lets an attacker access your
computer and control it. Your data can be downloaded by a third party and stolen. Or
more malware can be uploaded to your device.
4.1.2 Distributed Denial of Service (DDoS) attack Trojan
This Trojan performs DDoS attacks. The idea is to take down a network by flooding it
with traffic. That traffic comes from your infected computer and others.
4.1.3 Downloader Trojan
This Trojan targets your already-infected computer. It downloads and installs new
versions of malicious programs. These can include Trojans and adware.
4.1.4 Fake AV Trojan
This Trojan behaves like antivirus software, but demands money from you to detect and
remove threats, whether they’re real or fake.
4.1.5 Game-thief Trojan
The losers here may be online gamers. This Trojan seeks to steal their account
information.
4.1.6 Infostealer Trojan
As it sounds, this Trojan is after data on your infected computer.
4.1.7 Mailfinder Trojan
This Trojan seeks to steal the email addresses you’ve accumulated on your device.
4.1.8 Ransom Trojan
This Trojan seeks a ransom to undo damage it has done to your computer. This can
include blocking your data or impairing your computer’s performance.
4.1.9 Remote Access Trojan
This Trojan can give an attacker full control over your computer via a remote network
connection. Its uses include stealing your information or spying on you.
4.1.10 Rootkit Trojan
A rootkit aims to hide or obscure an object on your infected computer. The idea? To
extend the time a malicious program runs on your device.
4.1.11 SMS Trojan
This type of Trojan infects your mobile device and can send and intercept text messages.
Texts to premium-rate numbers can drive up your phone costs.
4.1.12 Trojan banker
This Trojan takes aim at your financial accounts. It’s designed to steal your account
information for all the things you do online. That includes banking, credit card, and bill
pay data.
4.1.13 Trojan IM
This Trojan targets instant messaging. It steals your logins and passwords on IM
platforms.
Problem Detection and Removal
RCTH Program Operation
Before outlining detection and removal procedures, let’s discuss the operation of the
RCTH programs. To solve a problem you must first understand it. More importantly, there is no
absolute solution to these programs and definitely no "tell me what keys to press" solution. A
good understanding of how the RCTH programs work and how they can hide is the best weapon.
There are now hundreds of this type of program. They all consist of two parts...a server that
runs on your computer, and a client that runs on the controlling computer (shown below). They
are all freely available on the Internet. The server silently opens up a virtual network port and
listens for requests from clients. People running the clients can connect to the server from
anywhere on the Internet and control your computer almost like they were sitting in front of it.
In fact, some things are easier using these programs than they would be using your keyboard.
For example, the program automatically decrypts passwords used to protect Microsoft shared
directories. They can also scan a range of addresses looking for listening servers so once you're
infected, anyone can find you.
Figure 4.1: Back Orifice RCTH Client
Figure 4.2: Netbus Client 1.70
The server program can be named anything so you can't simply look for a list of names.

Detection
1. Install and run BOClean. The manual procedures below are for people who, for some reason,
don't have access to BOClean.

There are four ways to detect RCTH programs:
1. Check the fingerprint of running processes for a match against a "Trojan database".
2. Check the fingerprint of files for a match against a "Trojan database".
3. Check for programs that are automatically started when you boot your computer.
4. Check for open virtual network ports.

Each has limitations and advantages. The first two methods are traditional virus checking
methods. They depend upon a database of code fragments or patterns that uniquely identify
each of the suspect programs or behavior analysis that leads a file to be suspect. Of course, the
database has to be constantly updated to keep up with new programs. The file check method
can be time consuming because it has to check every file. However, most virus tools now do this
only once when they're installed and then only in the background when a file is read. The
process check only examines running programs so it can be quicker. Note that if the writer of
the RCTH program obfuscated the fingerprint using compression, encryption, overlays, or some
other method, the fingerprint may not be recognizable to the tool as a RCTH program. This
possibility and the lag time associated with updating tools to detect new programs' fingerprints
necessitates multiple checks using each of the detection methods. Keep in mind that
"fingerprint tools" only work if they know the fingerprint. The fingerprint protection tools can
find the publicized or otherwise discovered programs because they know about them. On the
other hand, if someone wanted to target an individual or organization, had the ability to write
their own program, and kept quiet about it, traditional fingerprint tools like virus checkers
would never find it.

All the presently identified RCTH programs automatically restart when you boot your computer.
To do this they have an entry in the registry, the win.ini file, the system.ini file, the
autoexec.bat file, the startup folder or similar places. Of course, lots of other programs
automatically start up when you boot so the challenge is identifying the ones that aren't
supposed to be there. Since the RCTH programs can be renamed, this is not a small challenge. If
the programs were installed with their default names, they are easy to spot. If they've been
renamed, we have to verify that the file is actually something we want started. Sometimes there
is no way to do this except to remove the entry and see what breaks. StartupCop is an easy to
use tool that allows you to enable and disable the various startup items as you're investigating.

All the presently identified RCTH programs open a virtual network port to communicate. Every
TCP/IP based system has a set of 131,070 ports it can use to communicate with other
computers. Some ports are dedicated to particular uses. For example port 80 is used by a web
server, port 25 by a mail server, and ports 137-139 are used by Microsoft file sharing services.
Each of the RCTH programs also has default ports on which it listens for connections by other
machines. If we find one of these default ports active, we're almost guaranteed that we've
detected an infection. On the other hand, these programs allow the interloper to change the
default port. In that case, we have to verify that any open port has been opened by a program
that we authorized to run. Two tools to perform this task are Foundstone's FPort (free) and
Winternals' TCPView Pro (fee). Finally, some desktop firewalls will tell you what programs are
opening what ports. Without such a tool, it becomes a matter of stopping services to see what
ports close. Another problem occurs when the RCTH program doesn't hold the port open
continuously. At least one program sits silently until it has some data to send (your passwords),
opens a port, sends data, and closes the port.

As you can see there are ways around every detection method. That is why the only 100%
effective solution to this problem is not to get infected in the first place. Of course, that is not
too realistic unless we refuse to run any programs because there is always a chance, however
slight, one of these RCTH programs might get by a big vendor. Besides, there are many, many
useful programs written by shareware and freeware authors that would be a shame to ignore.
However, the need for care has been exponentially increased due to these RCTH programs.
Another option is the age-old Unix (and other host) system administration trick of
fingerprinting your critical files and checking them for modifications once in a while using
something like Tripwire.
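The startup check described above (detection method 3), as an added example that is not part of the original report: it lists the programs started from win.ini and system.ini and flags any that are not on an approved list. The `load=`/`run=` keys in the `[windows]` section of win.ini and the `shell=` key in the `[boot]` section of system.ini are the standard Windows 9x autostart entries in those two files; the sample file contents, program names and approved list are constructed for illustration.

```python
import ntpath
import re

# Autostart keys in the two .ini files named in the text (Windows 9x layout):
# win.ini [windows] load=/run=, and system.ini [boot] shell=.
AUTOSTART_KEYS = {
    "win.ini": {"windows": ("load", "run")},
    "system.ini": {"boot": ("shell",)},
}


def autostart_entries(file_name, text):
    """Return (file, key, program) for every program started from an .ini file."""
    wanted = AUTOSTART_KEYS.get(file_name.lower(), {})
    section = None
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):      # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        key, sep, value = line.partition("=")
        key = key.strip().lower()
        if not sep or key not in wanted.get(section, ()):
            continue
        # One key can start several programs, separated by spaces or commas.
        # Simplification: paths that contain spaces are not handled.
        for program in re.split(r"[,\s]+", value.strip()):
            if program:
                entries.append((file_name, key, program))
    return entries


def unapproved(entries, approved_names):
    """Entries whose file name is not approved. Because the server can be
    renamed, an unknown name is a reason to inspect the file, not proof."""
    approved = {name.lower() for name in approved_names}
    return [e for e in entries if ntpath.basename(e[2]).lower() not in approved]


# Constructed sample files; the program names are made up for this example.
SAMPLE_WIN_INI = r"""
[windows]
load=
run=C:\WINDOWS\SYSTEM\msupd32.exe
NullPort=None
[Desktop]
Wallpaper=(None)
"""

SAMPLE_SYSTEM_INI = r"""
[boot]
shell=Explorer.exe winhlp16.exe
system.drv=system.drv
"""

APPROVED = {"explorer.exe"}   # assumption: the only autostart program we expect


def sample_findings():
    entries = (autostart_entries("win.ini", SAMPLE_WIN_INI)
               + autostart_entries("system.ini", SAMPLE_SYSTEM_INI))
    return unapproved(entries, APPROVED)


if __name__ == "__main__":
    for file_name, key, program in sample_findings():
        print(f"{file_name}: {key}= starts {program} (not on the approved list)")
```

Registry Run keys, autoexec.bat and the startup folder, which the text also lists, need the same review and are not covered by this example.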
Virtual Port Example.
We will use the DOS utility netstat to check for open ports. If you're using Windows NT4 or
Windows 98 you can proceed to the checks below. Unfortunately, the original TCP stack that
comes with Windows 95 doesn't produce accurate reports. It will tell you your computer isn't
vulnerable when it actually is. To fix this problem, upgrade your Windows 95 TCP/IP stack by
downloading and running the Microsoft Winsock2 patch before performing the rest of this
procedure. This has been a rather simple and painless upgrade for everyone I've talked to. It
may also increase your network performance and reliability. The Microsoft Dial-up patch 1.3
also installs winsock2 but it is more complicated to install. If you have access to Winternals
TCPView Pro, use that instead. It has the advantage of telling you what program is talking on
each port...something netstat doesn't do in the Windows world. Recently, Foundstone released a
similar tool called FPort that is free.
1. Open an MSDOS window.
2. Close all other programs.
3. Type netstat -an
Figure 4.3: A typical netstat display.
4. Examine the second column after the colon. In the listing above, the item of interest in the
first line is "80" and in the second line is "135". These are the virtual port numbers by which
programs communicate with the outside world. Other computers which want to communicate
with your machine must use your IP address plus one of these virtual ports to form the
equivalent of a telephone number to find you.
In the example above, a personal web server is listening on port 80.
5. If you see the numbers '12345' or '31337', you almost definitely have one of the programs
installed (Netbus and Back Orifice respectively). The Netbus port is active below.
Figure 4.4: netstat display on a machine infected with Netbus.
6. The list above has many additional ports open, which makes it confusing. Most of these ports
were caused by having a web and email browser open. To decrease the number of ports you
need to examine, it's best to run netstat right after a reboot and before any other applications
are started. Many Windows 95/98 machines will only have ports 137, 138, and 139 active for
Microsoft file sharing use. If you don't use Microsoft file sharing, turn it off in the network
control panel so you don't have those ports open. You can also delete the netbios protocol in the
same place. Otherwise, you have to ensure that all open ports are supposed to be open, which
requires a familiarity with network protocols and services. Generally, you'll find that these
ports are opened by programs that are automatically started in the registry. So the process of
validating registry entries is related to the process of validating ports. Sometimes it just boils
down to removing registry entries (after copying the information for restoration if needed) and
seeing what breaks and what ports no longer open. It's a tedious process. One helpful hint: if
you telnet to a port on which Netbus is listening, it will answer "Netbus v1.x" depending upon
the version.
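The netstat check from steps 3 to 6, as an added example that is not part of the original report: it parses `netstat -an` output in the Windows layout, flags the two default ports the text names, and reports every other listener that is not on an expected list, which is the check that still works when the default port has been changed. The sample output and the expected-port list are constructed.

```python
# Default ports named in the text: 12345 (Netbus) and 31337 (Back Orifice).
KNOWN_DEFAULT_PORTS = {12345: "Netbus", 31337: "Back Orifice"}

# Assumption for this example: the listeners the owner expects on this machine
# (personal web server, port 135 from the sample listing, Microsoft file sharing).
EXPECTED_PORTS = {80, 135, 137, 138, 139}


def listening_ports(netstat_output):
    """Return sorted (port, proto) pairs for sockets waiting for traffic.

    Understands the Windows `netstat -an` layout:
        Proto  Local Address  Foreign Address  State
    """
    found = set()
    for line in netstat_output.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0].upper() not in ("TCP", "UDP"):
            continue                      # header or blank line
        proto = fields[0].upper()
        # A TCP socket accepts connections only in the LISTENING state.
        # UDP has no state column; every bound UDP port can receive data.
        if proto == "TCP" and (len(fields) < 4 or fields[3].upper() != "LISTENING"):
            continue
        # The port is whatever follows the last colon ("0.0.0.0:80", "[::]:135").
        port_text = fields[1].rpartition(":")[2]
        if port_text.isdigit():
            found.add((int(port_text), proto))
    return sorted(found)


def review(netstat_output, expected_ports=EXPECTED_PORTS):
    """Return (port, proto, reason) for every listener that needs a look."""
    findings = []
    for port, proto in listening_ports(netstat_output):
        if port in KNOWN_DEFAULT_PORTS:
            reason = "default port of " + KNOWN_DEFAULT_PORTS[port]
        elif port not in expected_ports:
            # A changed default port shows up here, as does any harmless
            # program that was simply left off the expected list.
            reason = "unexpected listener: identify the program that opened it"
        else:
            continue
        findings.append((port, proto, reason))
    return findings


# Constructed sample output (addresses and ports are made up for this example).
SAMPLE_NETSTAT = """
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:5000           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:12345          0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1042      203.0.113.5:80         ESTABLISHED
  UDP    192.168.1.10:137       *:*
  UDP    192.168.1.10:138       *:*
"""

if __name__ == "__main__":
    for port, proto, reason in review(SAMPLE_NETSTAT):
        print(f"{proto} {port}: {reason}")
```

As the text notes, netstat on these systems does not say which program owns a port, so each finding still has to be traced to a program with a tool such as FPort or TCPView Pro.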
• Joakim von Braun's Trojan Database
• Network Ice
• DosHelp
• Internet Assigned Numbers Authority
CHAPTER 5
Trojan horse built for what?
5.1 Built for stealing:
1- Credit cards, master cards, etc.
2- Email addresses.
3- Work projects.
4- Photos and other files.
5- Passwords and secret codes.
5.2 Tasks of the Trojan
• erasing or overwriting data on a computer
• corrupting files in a subtle way
• spreading other malware, such as viruses. In this case the Trojan horse is called a
'dropper'.
• To launch DDoS attacks or send Spam.
• logging keystrokes to steal information such as passwords and credit card
numbers (known as a key logger)
• phish for bank or other account details, which can be used for criminal activities.
• shutting down and rebooting Windows, etc.
5.3 ANTI-TROJANS
Anti-Trojan software is specifically designed to help detect Trojans (not necessarily
viruses/worms). Most can be run alongside your chosen antivirus program. However, no trojan
scanner is 100% effective, as manufacturers cannot keep up with the rapid change of viruses
that happens daily. Be sure to update yours regularly!
5.3.1 Anti-Trojan
Anti-Trojan 5.5 is a powerful trojan scanner and remover which detects more than 9000
different types of trojan horses. It uses three methods to find them. The first is the
portscan which gives you information if there are open ports on your computer. The
second one is the registry scan which searches through the system registry database for
trojans. The third and the most important part is the disk scan. It scans your harddisks
for dangerous trojan files and removes them safely.
Supports: Win95/98/ME/NT4/2000/XP. Supports many languages.
5.3.2 PC Door-Guard
A full-featured extensive and thorough intrusion scanner that scans any media on your
PC for backdoors and trojan horses. Supports: Win95/98/ME/NT/2000
5.3.3 Pestpatrol
PestPatrol is a utility, similar to anti-virus products, but instead of scanning for viruses
it scans for worms and Trojans, even tools and utilities used by hackers and maybe even
trusted employees. Used along with anti-virus software, PestPatrol will keep you safe
from malicious objects, commonly referred to as Pests. You routinely scan for viruses,
why not make PestPatrol part of your daily routine?
Supports: Win95/98/ME/NT/2000/XP
SubSeven Trojan
SubSeven was made to fill in the gaps left by NetBus. NetBus was the first 'point and
click' Trojan that made it very easy for hackers to abuse an infected system. The makers
of SubSeven wanted to take this even further and give the hackers even more control
than NetBus ever could. SubSeven can do everything that NetBus can do. This includes
things such as
• File controls
  o Upload / Download
  o Move, Copy, Rename, Delete
  o Erase hard drives and other disks
  o Execute programs
• Monitoring
  o Can see your screen as you see it
  o Log any/all key presses (even hidden passwords)
  o Open/close/move windows
  o Move mouse
• Network control
  o Can see all open connections to and from your computer
  o Can close connections
  o Can 'bounce' or relay from their system to yours, so wherever they connect it
    seems as if you are doing it. This is how they prevent getting caught breaking
    into other computer systems and get you in trouble!
• The SubSeven Trojan can also be configured to inform someone when its
  infected computer connects to the internet, and tells that person all the
  information about you they need to use the trojan against you.
  o This notification can be done over an IRC network, by ICQ, or by email.
CHAPTER 6
Protect yourself
6.1 How to protect your computer from Trojans
1- Don’t open unknown links.
2- Don’t connect unknown USB devices or other connectors.
3- Don’t open any offers on sites.
4- Use the best antivirus software. Avast is the best.
5- Use the best Trojan remover software.
6- Delete unwanted old files.
CHAPTER 7
CONCLUSION
• In this seminar we have learned what a Trojan is, along with the functionality and
aspects of the Trojan horse.
• Trojans are malicious programs that claim to be something desirable, but they are
much more dangerous than viruses and may steal your data or damage or erase your
disk. So be careful while downloading any document, movie, music file, etc. from the
internet. It is evident that there will soon be some very sophisticated ways to hide this
type of program. If you value your privacy, your computer data, and your reputation, it
is imperative to refuse to run unknown executable programs. It is unfortunate that the
publishing of these easily used and abused programs has made our computing
environment less friendly to sharing and open communication. However, if the
programs hadn't been publicized, sneakier people could have used similar tactics
without warning. Almost every existing operating system allows the sort of features that
make RCTH programs possible. Operators run programs. Programs open sockets.
Programs capture keystrokes. Operating systems provide mechanisms to automatically
start programs. The vulnerability that exists is that we (industry wide) use computers
that don't have many internal controls. They let us do what we want. Without internal
controls, it is up to us to control them. If we don't control them, we'll either have
increasingly serious security breaches or the computer industry will go back to locked
down mainframe type processing to force automatic controls. I suspect this latest threat
will hasten the use of "certified applications", increased access controls to both
organizational data and the Internet, locked down desktop configurations, the "Network
Computer/Browser/Application Server" architecture, and an increased level of caution
associated with our computing environment. Maybe hackers will force us back to
terminals (static browsers), mainframes (application servers), and service bureaus
(application service providers).
CHAPTER 8
REFERENCES
Research paper help:
https://www.homeworkping.com/
1. http://www.windowsecurity.com/Trojan_horse
2. https://us.norton.com/internetsecurity-malware-what-is-a-trojan.aaa
3. https://www.csoonline.com/article/3295877/what-is-malware-viruses-worms-trojans-and-beyond.html
4. https://www.slideshare.net/search/slideshow?searchfrom=header&q=trojan+horse+report&ud=&ft=&lang=&sort=

trojon horse Seminar report

  • 1. School of Engineering Seminar Report On Trojan horse-malware Academic Year 2019-20 Supervised by Supervisor’s Name Mr.Ravirajsinh Chauhan Sir Mr.Mitul Patel Sir P P Savani School of Science Student’sFull Name NAMAN KIKANI EnrollmentNo. 20SS02IT027 Branch: Bsc.it(B batch)
  • 3. Trojon horse Malware 2 CERTIFICATE This is to certify that Mr. /Ms. ____________________________________________, Enrollment No. _______________________ from the Department of _____________________________________________, has successfullycompletedthe Seminar on the Trojon horse-Malware during June – Oct, 2019. Date: ________________________ Name and Sign of Supervisor
  • 4. Trojon horse Malware 3 Table of Contents Sr. No Component Page. No. 1. Chapter 1: INTRODUCTION 5 2. Chapter 2: what is Trojon horse? 7 3. Chapter 3: How to work? 9 4. Chapter 4 : Common Tyapes of Trojon malware 10 5. Chapter 5: Trojan horse built for what? 16 6. Chapter 6 : Protect yourself 19 7 Chapter 7:Conclusion 20 8 Chapter 8 : References 21
  • 5. Trojon horse Malware 4 List of Figures/Tables Sr. No Fig. Name Page. No. 1. 2.1 Trojon horse 7 2. 2.2 Malwarevirus 8 3. 4.1 Back Orifice RCTH Client 11 4. 4.2 NetbusClient 1.70 12 5. 4.3 A typical netstat display 13 6. 4.4 netstat display on a machine infected with Netbus. 14
  • 6. Trojon horse Malware 5 CHAPTER 1 INTRODUCTION 1.1What is Malware?? Malware, short for malicious software, is a blanket term for viruses, worms, trojans and other harmful computer programs hackers use to wreak destruction and gain access to sensitive information. As Microsoft puts it, "[malware] is a catch-all term to refer to any software designed to cause damage to a single computer, server, or computer network." In other words, software is identified as malware based on its intended use, rather than a particular technique or technology used to build it. This means that the question of, say, what the difference is between malware and a virus misses the point a bit: a virus is a type of malware, so all viruses are malware (but not every piece of malware is a virus). 1.2Types of malware There are a number of different ways of categorizing malware; the first is by how the malicious software spreads. You've probably heard the words virus, trojan, and worm used interchangeably, but as Symantec explains, they describe three subtly different ways malware can infect target computers:  A worm is a standalone piece of malicious software that reproduces itself and spreads from computer to computer.  A virus is a piece of computer code that inserts itself within the code of another standalone program, then forces that program to take malicious action and spread itself.  A trojan is a program that cannot reproduce itself but masquerades as something the user wants and tricks them into activating it so it can do its damage and spread. Malware can also be installed on a computer "manually" by the attackers themselves, either by gaining physical access to the computer or using privilege escalation to gain remote administrator access. Another way to categorize malware is by what it does once it has successfully infected its victim's computers. 
There are a wide range of potential attack techniques used by malware:  Spyware is defined by Webroot Cybersecurity as "malware used for the purpose of secretly gathering data on an unsuspecting user." In essence, it spies on your behavior as you use your computer, and on the data you send and receive, usually with the purpose of sending that information to a third party. A keylogger is a specific kind of spyware that records all the keystrokes a user makes—great for stealing passwords.
  • 7. Trojon horse Malware 6  A rootkit is, as described by TechTarget, "a program or, more often, a collection of software tools that gives a threat actor remote access to and control over a computer or other system." It gets its name because it's a kit of tools that (generally illicitly) gain root access (administrator-level control, in Unix terms) over the target system, and use that power to hide their presence.  Adware is malware that forces your browser to redirect to web advertisements, which often themselves seek to download further, even more malicious software. As The New York Times notes, adware often piggybacks onto tempting "free" programs like games or browser extensions.  Ransomware is a flavor of malware that encrypts your hard drive's files and demands a payment, usually in Bitcoin, in exchange for the decryption key. Several high-profile malware outbreaks of the last few years, such as Petya, are ransomware. Without the decryption key, it's mathematically impossible for victims to regain access to their files. So-called scareware is a sort of shadow version of ransomware; it claims to have taken control of your computer and demands a ransom, but actually is just using tricks like browser redirect loops to make it seem as if it's done more damage than it really has, and unlike ransomware can be relatively easily disabled.  Cryptojacking is another way attackers can force you to supply them with Bitcoin— only it works without you necessarily knowing. The crypto mining malware infects your computer and uses your CPU cycles to mine Bitcoin for your attacker's profit. The mining software may run in the background on your operating system or even as JavaScript in a browser window.  Malvertising is the use of legitimate ads or ad networks to covertly deliver malware to unsuspecting users’ computers. For example, a cybercriminal might pay to place an ad on a legitimate website. 
When a user clicks on the ad, code in the ad either redirects them to a malicious website or installs malware on their computer. In some cases, the malware embedded in an ad might execute automatically without any action from the user, a technique referred to as a “drive-by download.” Any specific piece of malware has both a means of infection and a behavioral category. So, for instance, WannaCry is a ransomware worm. And a particular piece of malware might have different forms with different attack vectors: for instance, the Emotet banking malware has been spotted in the wild as both a trojan and a worm. A look at the Center for Internet Security's top 10 malware offenders for June of 2018 gives you a good sense of the types of malware out there. By far the most common infection vector is via spam email, which tricks users into activating the malware, Trojan-style. WannaCry and Emotet are the most prevalent malware on the list, but many others, including NanoCore and Gh0st, are what's called Remote Access Trojans or RATs— essentially, rootkits that propagate like Trojans. Cryptocurrency malware like CoinMiner rounds out the list.
  • 8. Trojon horse Malware 7 CHAPTER 2 What is Trojon Horse? 2.1What is trojon horse? “ The most dangerous Computer malware Trojan Horse Is the computer virus that is created by hackers and attackers and it’s dangerous virus.” 2.1 Trojon horse Trojan horse attacks pose one of the most serious threats to computer security. If you were referred here, youmay have not only been attacked but may also be attacking others unknowingly.According to legend, the Greeks won the Trojan war by hiding in a huge, hollow wooden horse to sneak into the fortified city of Troy.In today'scomputer world, a Trojan horse is defined as a "malicious, security-breaking program that is disguised as something benign". For example, you download whatappears to be a movie or music file, but when you clickon it, youunleash a dangerous program that erases your disk, sends yourcredit card numbers and passwords to a stranger, or lets that stranger hijack your computer to commit illegal denial of service attacks like those that have virtually crippled the DALnet IRC networkfor months on end. The followinggeneral information applies to all operating systems, but by far most of the damage is done to/withWindows users due to its vast popularity and many weaknesses. (Note: Many people use terms like Trojan horse, virus, worm, hacking and cracking all interchangeably, but they really don't mean the same thing. Let's just say that once you are "infected", trojans are just as dangerous as viruses and can spread to hurt others just as easily!) Trojans can be far more malicious than viruses and youshould care - they're programs that let someone else remotely administer your computer withoutyour knowing about it. There are legitimate programs that do this too, systems administrators use them to administer networks, but Trojans are a different matter. If you'reon a network youknow it has an administrator to keep things running smoothly. A Trojan can be planted by anyone, without your permission or knowledge. 
And unlike a remote administration program, a Trojan can be highly destructive. So let's take a quick lookat whatTrojans do, and more importantly, what you can do to stop them. Trojans can log every keystroke youtype (even when you're offline) and have your e-mail program send the information to the person who planted the Trojan without your knowingit. Trojans can get all your passwords, credit card numbers and other information stored on yourcomputer - or even things that you type into the computer and don't save. They can be used to read, delete or change all your files, turn your screen upside down,abruptly disconnect you fromthe Internet, or direct yourbrowser to only certain web sites and other nuisances. It gets worse - Trojans can be used to spy on you through your chat and instant message programs, web cam or microphone, and even destroy your hardware. They can damage your reputation as well as yourhardware and data. Trojans can be used to get into your address book and send very convincinglooking e-mails saying whateversomeone else likes from you to youremployer, bank manager, clients, girlfriend, whomever, and they can make you seem to say really awfulthings topeople in on-line chats or conferences. You can imagine some of the consequences - a 'Net conferencewith important clients and youwon'tsee
  • 9. Trojon horse Malware 8 the message coming from you saying "screw you,you'reall a bunch of lamers anyway,"but the persons you'retalking with will.Or someone can plant a Trojan and use yourcomputer to hack into somebody else's computer. And all kinds of other bad things. Possibly the worst things about Trojans are that most people don't even know they exist, and most anti-virus scanners do not pick up or delete them. Trojans are becoming more common, especially as more people have cable and DSL or other "always on" connections,though youcan get them using regular dial-up connections too. And some of the newer Trojans are harder to detect (this is one reason to be careful of running .htm or .html files youreceive by e-mail - there are Trojans out now that use HTML code and will bypass firewalls- a couple of examples are NOOB and godmessage). They are, in short, very easy to plant on your computer withoutyour knowing it until substantial damage has been done. There are all kinds of script kiddies out there using ICQ and IRC, not to mention e-mail. Criminals use the Internet, too, and there may be people out there who just plain don't like youand would do something that vicious to get revenge - the Internet, like the real world,has its share of crackpots,and most of these programs require no technical expertise to use. Be aware enough from reading this to realize that Trojans can be a serious threat to your privacy,reputation, data and computer hardware. There are some things youcan do. Be careful about accepting files overthe Internet or opening e-mail attachments unless you know what they are and who they'refrom. Get a good firewall,like Zonealarm, available free from Zonelabs. Evenif other firewalls have had youbefuddled, this one won't.It's very powerfuland it's also very user- friendly. And head over to the Moosoft site and pick up a copy of The Cleaner. 
It's a great anti-trojan scanning and cleaning program, and it also has a neat little feature called TCActivethat youcan run at Windows startup. It'llsit in your system tray,use almost no computer resources, and keep any knownTrojans fromactivating on yourmachine. If you do find your machine infected with a Trojan Horse program, don't panic. Disconnectfrom the Internet, run your Trojan scanner, and delete the Trojan. Trojans can't be cleaned, like many viruses can. They can only be deleted, but doing this will in no way harm your machine or your software. 2.2 Malware virus
  • 10. Trojon horse Malware 9 CHAPTER 3 How to works? 3.1 How to work trojonhorse malware? Trojans are also known to create a backdoor on your computer that gives malicious users access to your system, possibly allowing confidential or personal information to be compromised. Unlike other viruses and worms, Trojans do not reproduce by infecting other files nor do they self-replicate. • Nothing But a Server Client Program • Uses TCP/IP protocol as well as UDP protocol • It is only be send to the target system by user interaction only. What’s the most used programming Language for writing Trojan virus? C Programming Language. C# Programming Language.
  • 11. Trojon horse Malware 10 CHAPTER 4 Common Tyapes of Trojon malware 4.1 Commontypes ofTrojan malware Here’s a look at some of the most common types of Trojan malware, including their names and what they do on your computer: 4.1.1 Backdoor Trojan This Trojan can create a “backdoor” on your computer. It lets an attacker access your computer and control it. Your data can be downloaded by a third party and stolen. Or more malware can be uploaded to your device. 4.1.2 Distributed Denial of Service (DDoS) attack Trojan This Trojan performs DDoS attacks. The idea is to take down a network by flooding it with traffic. That traffic comes from your infected computer and others. 4.1.3 Downloader Trojan This Trojan targets your already-infected computer. It downloads and installs new versions of malicious programs. These can include Trojans and adware. 4.1.4 Fake AV Trojan This Trojan behaves like antivirus software, but demands money from you to detect and remove threats, whether they’re real or fake. 4.1.5 Game-thief Trojan The losers here may be online gamers. This Trojan seeks to steal their account information. 4.1.6 Infostealer Trojan As it sounds, this Trojan is after data on your infected computer. 4.1.7Mailfinder Trojan This Trojan seeks to steal the email addresses you’ve accumulated on your device. 4.1.8 Ransom Trojan This Trojan seeks a ransom to undo damage it has done to your computer. This can include blocking your data or impairing your computer’s performance. 4.1.9 Remote Access Trojan This Trojan can give an attacker full control over your computer via a remote network connection. Its uses include stealing your information or spying on you.
  • 12. 4.1.10 Rootkit Trojan: A rootkit aims to hide or obscure an object on your infected computer. The idea? To extend the time a malicious program runs on your device.
    4.1.11 SMS Trojan: This type of Trojan infects your mobile device and can send and intercept text messages. Texts to premium-rate numbers can drive up your phone costs.
    4.1.12 Trojan banker: This Trojan takes aim at your financial accounts. It’s designed to steal your account information for all the things you do online. That includes banking, credit card, and bill pay data.
    4.1.13 Trojan IM: This Trojan targets instant messaging. It steals your logins and passwords on IM platforms.
    Problem Detection and Removal
    RCTH Program Operation
    Before outlining detection and removal procedures, let’s discuss the operation of the RCTH programs. To solve a problem you must first understand it. More importantly, there is no absolute solution to these programs and definitely no "tell me what keys to press" solution. A good understanding of how the RCTH programs work and how they can hide is the best weapon.
    There are now hundreds of this type of program. They all consist of two parts: a server that runs on your computer, and a client that runs on the controlling computer (shown below). They are all freely available on the Internet. The server silently opens up a virtual network port and listens for requests from clients. People running the clients can connect to the server from anywhere on the Internet and control your computer almost as if they were sitting in front of it. In fact, some things are easier using these programs than they would be using your keyboard. For example, the program automatically decrypts passwords used to protect Microsoft shared directories. The clients can also scan a range of addresses looking for listening servers, so once you're infected, anyone can find you.
    Fig. 4.1 Back Orifice RCTH Client
  • 13. Fig. 4.2 Netbus Client 1.70
    The server program can be named anything, so you can't simply look for a list of names.
    Detection
    1. Install and run BOClean. The manual procedures below are for people who, for some reason, don't have access to BOClean.
    There are four ways to detect RCTH programs:
    1. Check the fingerprint of running processes for a match against a "Trojan database".
    2. Check the fingerprint of files for a match against a "Trojan database".
    3. Check for programs that are automatically started when you boot your computer.
    4. Check for open virtual network ports.
    Each has limitations and advantages. The first two methods are traditional virus checking methods. They depend upon a database of code fragments or patterns that uniquely identify each of the suspect programs, or on behavior analysis that leads a file to be suspect. Of course, the database has to be constantly updated to keep up with new programs. The file check method can be time consuming because it has to check every file. However, most virus tools now do this only once when they're installed and then only in the background when a file is read. The process check only examines running programs, so it can be quicker.
    Note that if the writer of the RCTH program obfuscated the fingerprint using compression, encryption, overlays, or some other method, the fingerprint may not be recognizable to the tool as an RCTH program. This possibility, and the lag time associated with updating tools to detect new programs' fingerprints, necessitates multiple checks using each of the detection methods. Keep in mind that "fingerprint tools" only work if they know the fingerprint. The fingerprint protection tools can find the publicized or otherwise discovered programs because they know about them. On the other hand, if someone wanted to target an individual or organization, had the ability to write their own program, and kept quiet about it, traditional fingerprint tools like virus checkers would never find it.
    All the presently identified RCTH programs automatically restart when you boot your computer. To do this they have an entry in the registry, the win.ini file, the system.ini file, the autoexec.bat file, the startup folder or similar places. Of course, lots of other programs automatically start up when you boot, so the challenge is identifying the ones that aren't supposed to be there. Since the RCTH programs can be renamed, this is not a small challenge. If the programs were installed with their default names, they are easy to spot. If they've been renamed, we have to verify that the file is actually something we want started. Sometimes there is no way to do this except to remove the entry and see what breaks. StartupCop is an easy-to-use tool that allows you to enable and disable the various startup items as you're investigating.
    All the presently identified RCTH programs open a virtual network port to communicate. Every TCP/IP based system has a set of 131,070 ports it can use to communicate with other computers. Some ports are dedicated to particular uses. For example, port 80 is used by a web server, port 25 by a mail server, and ports 137-139 are used
  • 14. by Microsoft file sharing services. Each of the RCTH programs also has default ports on which it listens for connections from other machines. If we find one of these default ports active, we're almost guaranteed that we've detected an infection. On the other hand, these programs allow the interloper to change the default port. In that case, we have to verify that any open port has been opened by a program that we authorized to run. Two tools to perform this task are Foundstone's FPort (free) and Winternals' TCPViewPro (fee). Finally, some desktop firewalls will tell you what programs are opening what ports. Without such a tool, it becomes a matter of stopping services to see what ports close. Another problem occurs when the RCTH program doesn't hold the port open continuously. At least one program sits silently until it has some data to send (your passwords), opens a port, sends data, and closes the port.
    As you can see, there are ways around every detection method. That is why the only 100% effective solution to this problem is not to get infected in the first place. Of course, that is not too realistic unless we refuse to run any programs, because there is always a chance, however slight, that one of these RCTH programs might get by a big vendor. Besides, there are many, many useful programs written by shareware and freeware authors that it would be a shame to ignore. However, the need for care has been exponentially increased due to these RCTH programs. Another option is the age-old Unix (and other host) system administration trick of fingerprinting your critical files and checking them for modifications once in a while using something like Tripwire.
    Virtual Port Example
    We will use the DOS utility netstat to check for open ports. If you're using Windows NT4 or Windows 98 you can proceed to the checks below. Unfortunately, the original TCP stack that comes with Windows 95 doesn't produce accurate reports.
    It will tell you your computer isn't vulnerable when it actually is. To fix this problem, upgrade your Windows 95 TCP/IP stack by downloading and running the Microsoft Winsock2 patch before performing the rest of this procedure. This has been a rather simple and painless upgrade for everyone I've talked to. It may also increase your network performance and reliability. The Microsoft Dial-up patch 1.3 also installs Winsock2 but it is more complicated to install. If you have access to Winternals TCPViewPro, use that instead. It has the advantage of telling you what program is talking on each port, something netstat doesn't do in the Windows world. Recently, Foundstone released a similar tool called FPort that is free.
    1. Open an MSDOS window.
    2. Close all other programs.
    3. Type netstat -an
    Fig. 4.3 A typical netstat display.
    4. Examine the second column after the colon. In the listing above, the item of interest in the first line is "80" and in the second line is "135". These are the virtual port numbers by which
  • 15. programs communicate with the outside world. Other computers which want to communicate with your machine must use your IP address plus one of these virtual ports to form the equivalent of a telephone number to find you. In the example above, a personal web server is listening on port 80.
    5. If you see the numbers '12345' or '31337', you almost definitely have one of the programs installed (Netbus and Back Orifice respectively). The Netbus port is active below.
    6. The list above has many additional ports open, which makes it confusing. Most of these ports were caused by having a web and email browser open. To decrease the number of ports you need to examine, it's best to run netstat right after a reboot and before any other applications are started. Many Windows 95/98 machines will only have ports 137, 138, and 139 active for Microsoft file sharing use. If you don't use Microsoft file sharing, turn it off in the network control panel so you don't have those ports open. You can also delete the NetBIOS protocol in the same place. Otherwise, you have to ensure that all open ports are supposed to be open, which requires a familiarity with network protocols and services. Generally, you'll find that these ports are opened by programs that are automatically started in the registry. So the process of validating registry entries is related to the process of validating ports. Sometimes it just boils down to removing registry entries (after copying the information for restoration if needed) and seeing what breaks and what ports no longer open. It's a tedious process.
    One helpful hint: if you telnet to a port on which Netbus is listening, it will answer "Netbus v1.x" depending upon the version.
    Fig. 4.4 netstat display on a machine infected with Netbus.
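    The netstat check in steps 3 to 6, automated as an added example (not part of the original report): it parses netstat -an output, flags the two default ports named above, and lists every other listener that is not on an expected-ports list. The sample output is constructed, and the Windows-style column layout and the allowlist (ports 80, 135 and 137-139 from the text) are assumptions.

```python
import re

# Default listener ports named on this page (Netbus, Back Orifice).
DEFAULT_PORTS = {12345: "Netbus", 31337: "Back Orifice"}
# Assumed allowlist: ports the page treats as normal (80 and 135 from its
# sample listing, 137-139 for Microsoft file sharing).
EXPECTED_PORTS = {80, 135, 137, 138, 139}

# Constructed sample of `netstat -an` output (not captured from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:12345          0.0.0.0:0              LISTENING
  TCP    192.0.2.10:139         0.0.0.0:0              LISTENING
  TCP    192.0.2.10:1047        198.51.100.7:80        ESTABLISHED
  UDP    0.0.0.0:31337          *:*
  TCP    0.0.0.0:5000           0.0.0.0:0              LISTENING
"""

ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)\s*(\S*)\s*$", re.I)

def listening_sockets(netstat_text):
    """Return sorted (proto, port) pairs that accept inbound traffic."""
    found = set()
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header and blank lines
        proto, _addr, port, _foreign, state = m.groups()
        proto = proto.upper()
        # TCP rows count only when LISTENING; UDP has no state column, so
        # every bound UDP port is treated as a listener.
        if proto == "UDP" or state.upper() in ("LISTENING", "LISTEN"):
            found.add((proto, int(port)))
    return sorted(found)

def triage(netstat_text, expected=EXPECTED_PORTS):
    """Split listeners into default-port hits and ports needing review."""
    hits, review = [], []
    for proto, port in listening_sockets(netstat_text):
        if port in DEFAULT_PORTS:
            hits.append((proto, port, DEFAULT_PORTS[port]))
        elif port not in expected:
            review.append((proto, port))
    return hits, review

if __name__ == "__main__":
    hits, review = triage(SAMPLE_NETSTAT)
    for proto, port, name in hits:
        print(f"ALERT  {proto}/{port}: default port of {name}")
    for proto, port in review:
        print(f"REVIEW {proto}/{port}: confirm which program opened it")
```

    A clean result only rules out the default ports; as the text notes, a renamed or re-ported server still shows up only in the review list, and one that opens its port briefly may not show up at all.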
  • 16.
    • Joakim von Braun's Trojan Database
    • Network ICE
    • DosHelp
    • Internet Assigned Numbers Authority
  • 17. CHAPTER 5: Trojan horse built for what?
    5.1 Built for stealing:
    1- Credit cards and master cards, etc.
    2- Email addresses.
    3- Work projects.
    4- Photos and other files.
    5- Passwords and secret codes.
    5.2 Tasks of the Trojan
    • Erasing or overwriting data on a computer.
    • Corrupting files in a subtle way.
    • Spreading other malware, such as viruses. In this case the Trojan horse is called a 'dropper'.
    • Launching DDoS attacks or sending spam.
    • Logging keystrokes to steal information such as passwords and credit card numbers (known as a key logger).
    • Phishing for bank or other account details, which can be used for criminal activities.
    • Shutting down and rebooting Windows, etc.
    5.3 ANTI-TROJANS
    Anti-Trojan software is specifically designed to help detect Trojans (not necessarily viruses/worms). Most can be run alongside your chosen antivirus program. However, no Trojan scanner is 100% effective, as manufacturers cannot keep up with the rapid change of viruses that happens daily. Be sure to update yours regularly!
    5.3.1 Anti-Trojan
    Anti-Trojan 5.5 is a powerful Trojan scanner and remover which detects more than 9000 different types of Trojan horses. It uses three methods to find them. The first is the port scan, which tells you whether there are open ports on your computer. The
  • 18. second one is the registry scan, which searches through the system registry database for Trojans. The third and the most important part is the disk scan. It scans your hard disks for dangerous Trojan files and removes them safely. Supports: Win95/98/ME/NT4/2000/XP. Supports many languages.
    5.3.2 PC Door-Guard
    A full-featured, extensive and thorough intrusion scanner that scans any media on your PC for backdoors and Trojan horses. Supports: Win95/98/ME/NT/2000
    5.3.3 PestPatrol
    PestPatrol is a utility, similar to anti-virus products, but instead of scanning for viruses it scans for worms and Trojans, even tools and utilities used by hackers and maybe even trusted employees. Used along with anti-virus software, PestPatrol will keep you safe from malicious objects, commonly referred to as Pests. You routinely scan for viruses, why not make PestPatrol part of your daily routine? Supports: Win95/98/ME/NT/2000/XP
    SubSeven Trojan
    SubSeven was made to fill in the gaps left by NetBus. NetBus was the first 'point and click' Trojan that made it very easy for hackers to abuse an infected system. The makers of SubSeven wanted to take this even further and give the hackers even more control than NetBus ever could. SubSeven can do everything that NetBus can do. This includes things such as:
    • File controls
      - Upload / Download
      - Move, Copy, Rename, Delete
      - Erase hard drives and other disks
      - Execute programs
    • Monitoring
      - Can see your screen as you see it
      - Log any/all key presses (even hidden passwords)
      - Open/close/move windows
      - Move mouse
    • Network control
      - Can see all open connections to and from your computer
      - Can close connections
  • 19.
    • Can 'bounce' or relay from their system to yours, so wherever they connect it seems as if you are doing it. This is how they avoid getting caught breaking into other computer systems and get you in trouble!
    • The SubSeven Trojan can also be configured to inform someone when its infected computer connects to the internet, and to tell that person all the information about you they need to use the Trojan against you.
    • This notification can be done over an IRC network, by ICQ, or by email.
  • 20. CHAPTER 6: Protect yourself
    6.1 How to protect your computer from Trojans?
    1- Don’t open unknown links.
    2- Don’t connect unknown USB devices and other connectors.
    3- Don’t open any offers on websites.
    4- Use the best antivirus software. Avast is the best.
    5- Use the best Trojan remover software.
    6- Delete unwanted old files.
  • 21. CHAPTER 7: CONCLUSION
    • In this seminar we have learned what a Trojan is and all the functionality and aspects of the Trojan horse.
    • Trojans are malicious programs that claim to be something desirable, but they are much more dangerous than viruses and may steal your data or damage or erase your disk. So be careful while downloading any document, movie, music file, etc. from the internet.
    It is evident that there will soon be some very sophisticated ways to hide this type of program. If you value your privacy, your computer data, and your reputation, it is imperative to refuse to run unknown executable programs. It is unfortunate that the publishing of these easily used and abused programs has made our computing environment less friendly to sharing and open communication. However, if the programs hadn't been publicized, sneakier people could have used similar tactics without warning. Almost every existing operating system allows the sort of features that make RCTH programs possible. Operators run programs. Programs open sockets. Programs capture keystrokes. Operating systems provide mechanisms to automatically start programs. The vulnerability that exists is that we (industry wide) use computers that don't have many internal controls. They let us do what we want. Without internal controls, it is up to us to control them. If we don't control them, we'll either have increasingly serious security breaches or the computer industry will go back to locked-down mainframe-type processing to force automatic controls. I suspect this latest threat will hasten the use of "certified applications", increased access controls to both organizational data and the Internet, locked-down desktop configurations, the "Network Computer/Browser/Application Server" architecture, and an increased level of caution associated with our computing environment.
    Maybe hackers will force us back to terminals (static browsers), mainframes (application servers), and service bureaus (application service providers).