29 Jun 2011

Malware: Trojan Horse


Ah, the venerable Trojan Horse.  This form of malware has gained such notoriety that it’s what most people think of when they think of malware.  Its link to the Trojan Horse from Greek mythology certainly plays a part, but this form of malware is very common, and can be very dangerous.  Let’s investigate what exactly a trojan horse is, how they are transmitted, and what you can do should you be infected.

What is a Trojan Horse?

Perhaps not very shockingly, a trojan horse works just like the one from the myths.  A piece of malware masquerades as a safe application or file, but once it is executed, it infects your system.  A trojan horse can piggyback on a legitimate piece of software, an image, an mp3, a video, a PDF; you get the idea.  A trojan horse can attach itself to almost any kind of file, and once you open that file (sometimes your input isn’t even needed to execute a file), it is installed on your system.  In the early days, they were relatively tame compared to their modern counterparts.  Early trojan horses would change your desktop picture, screw around with your volume controls, change mouse and keyboard settings, etc.  Modern trojan horses typically install a backdoor that allows an outsider access to your system.  The attacker can then copy or erase files, intercept your internet traffic (perhaps stealing your passwords), and basically do anything that you can do.  Typically, however, they are used to turn your computer into a zombie on a botnet.  The attacker then uses your computer, along with thousands of others just like it, to send spam, launch distributed denial of service (DDoS) attacks on websites, or worse.
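To make the "masquerades as a safe file" idea concrete, here is an added example (not part of the original post) of a check a defender can run over a downloads folder. It covers one narrow case: a program whose name claims to be a picture, song or document. The extension lists and the function names `check_file` and `scan_directory` are assumptions chosen for this illustration.

```python
import os

# Leading bytes ("magic numbers") of native executable formats.
EXECUTABLE_MAGIC = {b"MZ": "Windows PE", b"\x7fELF": "Linux ELF"}
# Extensions that launch code when opened on Windows.
RUNNABLE_EXT = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs"}
# Extensions a user expects to be passive content (illustrative list).
CONTENT_EXT = {".jpg", ".png", ".mp3", ".mp4", ".pdf", ".doc", ".txt"}


def check_file(name, head):
    """Return reasons why `name`, whose first bytes are `head`, looks disguised."""
    findings = []
    parts = name.lower().split(".")
    ext = "." + parts[-1] if len(parts) > 1 else ""
    inner = "." + parts[-2] if len(parts) > 2 else ""
    # Case 1: content extension, but the bytes are a native executable.
    if ext in CONTENT_EXT:
        for magic, kind in EXECUTABLE_MAGIC.items():
            if head.startswith(magic):
                findings.append(f"{ext} name but {kind} executable content")
    # Case 2: double extension such as "photo.jpg.exe", which shows as
    # "photo.jpg" when the OS hides known extensions.
    if ext in RUNNABLE_EXT and inner in CONTENT_EXT:
        findings.append(f"double extension {inner}{ext}")
    return findings


def scan_directory(root):
    """Walk `root` and return {path: findings} for every flagged file."""
    flagged = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            try:
                with open(path, "rb") as fh:
                    head = fh.read(8)
            except OSError:
                continue  # unreadable file: skip rather than abort the scan
            findings = check_file(name, head)
            if findings:
                flagged[path] = findings
    return flagged

if __name__ == "__main__":
    # Constructed samples: (file name, first bytes of the file).
    for name, head in [("holiday.jpg", b"\xff\xd8\xff\xe0"), ("holiday.jpg", b"MZ\x90\x00"),
                       ("invoice.pdf.exe", b"MZ\x90\x00")]:
        print(name, check_file(name, head) or "ok")
```

A match is a reason to inspect the file before opening it, not proof of infection.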

Malware is no longer limited to a single form, however.  I am afraid that those days are behind us.  Modern malware is typically part of a blended threat that combines portions of viruses, worms, trojan horses, and rootkits.  This amalgamation can be truly devastating.  These blended attacks will do things such as install a backdoor into your system, turn off your spyware, clean out the event log, become part of a botnet, self-propagate, and can even use scareware to trick a user into thinking that they have a virus on their machine, even when they don’t, in order to get $69.99 and your credit card number(s).

Crap.  You Have One.  Now What?

Scary huh?  Don’t fret!  With some due diligence, you can defeat the infamous trojan horse!  The number one thing to do is to read my Secure Computing Habits page, and follow the advice.  I cannot stress this enough.  Your behavior will do more to prevent malware than any security system ever could.  Should you get bitten however, the only way to be 100% sure that it is gone from your system is to re-install your operating system.  Do I have your attention yet?  I thought so…you don’t want to do that.  You should, but you won’t.  It’s ok, I understand.  What you can do then is download Microsoft’s Safety Scanner.  If you run this, I am 99% confident that whatever malware you have on your machine will be detected and removed.  That 1% is something that you need to determine for yourself.

Want to learn more about trojan horses, viruses, worms, and rootkits in depth?  Check out Geek University!

As always, hug your favorite Geek!