Trojan Horse

The Enemy (The Intruder'due south Genesis)

Pramod Pandya , in Calculator and Information Security Handbook (3rd Edition), 2013

Backdoors and Trojan Horses

Trojan horses are code disguised as a benign program, merely acquit in an unexpected manner, usually a malicious manner. Trojan horses are commonly injected into a strange host while that host is browsing the Net or downloading complimentary utilities from the Net. The host is normally quite unaware that a malicious program has been injected. This malicious programme could hijack future HTTP sessions, monitor the activities on that host, and and so relay that information back to the assailant'southward host and much more. Some noteworthy Trojans are ZeuS, ZeroAccess, TDSS Downloader, Alureon, Gbot, Butterfly bot, and BO2K.

Backdoors and Trojan horses have several things in mutual. They both come with 2 pieces of software, the customer and the server. The server is the piece that the "remote administrator" will use to infect the victim'southward computer. The customer is the piece that the assailant will utilize to monitor the victim'southward computer. Both programs allow for consummate admission to the victim'southward files. The hacker can copy, movement, rename, delete, and even change any file or folder in the victim's estimator.

Read full chapter

URL:

https://www.sciencedirect.com/science/article/pii/B9780128038437000284

Maintaining Admission

James Broad , Andrew Bindner , in Hacking with Kali, 2014

Trojan Horse

A Trojan horse, commonly referred to simply as a "Trojan," is a malicious program that is installed onto a host to perform a desired, or overt, function, but instead conceals and executes hidden, or covert, programs within its lawmaking to create backdoors, run scripts, steal information, and in some cases socially exploit untrained people into divulging personal data such as credit card numbers. The actual divergence between backdoors and trojan horses have been skewed since the beginning trojan equus caballus was possibly embedded in a game intended for the UNIVAC 1108 computer system in 1975, known as the Pervading Animate being. The word Trojan is often synonymous with backdoor due to the inherent nature of Trojans today. Furthermore, Trojans are often confused with viruses. What makes Trojans stand autonomously from beingness classified as viruses is that the Trojan is often a stand-alone program and does non inject themselves into another program.

Read total chapter

URL:

https://www.sciencedirect.com/scientific discipline/article/pii/B9780124077492000100

Introduction to Security

Tariq Bin Azad , in Securing Citrix Presentation Server in the Enterprise, 2008

Viruses, Worms, and Trojan Horses

Viruses, trojans, and worms are quite perchance the most disruptive of all of the security threats that we'll be discussing in this section. These three types of threats, working alone or in combination, can alter or delete data files and executable programs on your network shares, overflowing electronic mail servers and network connections with malicious traffic, and fifty-fifty create a "back door" into your systems that can let a remote attacker to have over control of a computer entirely. While yous'll oftentimes hear these three terms used interchangeably, each i is slightly unlike. A virus is a piece of code that will alter an existing file, and so use that alteration to recreate itself many times over. A worm simply makes copies of itself over and over again for the purpose of exhausting available system resource. A worm can target both hard drive space and processor cycles.

Trojan horses take their name from a Greek myth, in which attackers from Sparta infiltrated the Greek city of Troy past hiding inside a horse statue masquerading as a gift. When the Trojans brought the souvenir inside the city walls, they discovered as well late that it was filled with Spartan soldiers who emerged from within the horse and took over the city. In similar mode, a computer-based trojan volition disguise itself every bit a friendly file, usually an eastward-mail zipper. This file, when executed, can damage figurer data or install a "back door" into the operating system that will allow a remote aggressor to have over the system entirely.

Note

For more information almost computer viruses and other like threats, bank check out www.symantec.com, www.mcafee.com, www.trendmicro.com, or www.-us-cert.gov for the latest virus threats and trends around the globe.

Read full chapter

URL:

https://www.sciencedirect.com/scientific discipline/article/pii/B9781597492812000019

Client-side attacks and homo weaknesses

Jeremy Faircloth , in Penetration Tester's Open Source Toolkit (Third Edition), 2011

4.ii.2.two.two Trojan horses

Trojan horses, or Trojans, are chunks of malware that pretend to be valid applications or documents. In our instance email where a file attachment was included, we could have attached a Trojan that contained malware which compromised the target'due south system. In that particular case, we could accept a Trojan that appears to be some sort of survey answer drove programme which installs with a normal installer but in reality installs malware that grants us access to their arrangement. This technique is not used equally frequently as it used to be mainly because many users are finally listening to the security recommendation of "don't run anything sent to you via email." All the same, many still haven't gotten the indicate; therefore, it's a valid attack especially with a well-crafted phishing email.

Also keep in mind that Trojans are non express to executables! There are nevertheless vulnerabilities being discovered and exploited in hundreds of mutual applications which can be used to your advantage. 1 mutual ploy is to utilise a PDF or Dr. file to execute arbitrary code on the target system. In this case, it's just a document being opened and therefore "safer" in the target's eyes. The reality is that the potential for exploitation is only slightly lower with a certificate than with an executable.

Read full affiliate

URL:

https://www.sciencedirect.com/science/article/pii/B9781597496278100042

Messaging Security

Tim Speed , Juanita Ellis , in Internet Security, 2003

8.one.3 Trojan horse

A Trojan equus caballus is a program that appears legitimate but contains secondary hidden functions that can (and many times do) crusade impairment. Due east-mail service with the aim of stealing passwords from a victim'due south computer then e-mailing the stolen information to a targeted recipient frequently distributes 1 of the about common types of Trojan equus caballus.

In that location are many vendors with information and tools to combat viruses. Following are a few: http://world wide web.symantec.com; http://www.mcafee.com; and http://www.drsolomon.com. For more than information about viruses check out http://www.bocklabs.wisc.edu/∼janda/virl_faq.html#B01.

Read full chapter

URL:

https://www.sciencedirect.com/scientific discipline/article/pii/B9781555582982500105

Client-side attacks and social engineering

Jeremy Faircloth , in Penetration Tester'southward Open Source Toolkit (4th Edition), 2017

Trojan horses

Trojan horses or Trojans are chunks of malware that pretend to be valid applications or documents. In our example email where a file attachment was included, we could adhere a Trojan that independent malware which compromised the target's arrangement. In that detail case, we could take a Trojan that appears to be some sort of survey respond collection programme which installs with a normal installer but in reality installs malware that grants us access to their system. This technique is not used as frequently every bit information technology used to exist mainly because many users are finally listening to the security recommendation of "don't run anything sent to yous via email." Even so, many still oasis't gotten the signal therefore it's a valid attack especially with a well-crafted phishing email.

Also keep in mind that Trojans are not limited to executables! In that location are notwithstanding vulnerabilities existence discovered and exploited in hundreds of common application which can be used to your advantage. One mutual ploy is to utilise a PDF or DOC file to execute capricious lawmaking on the target system. In this case, information technology's just a certificate being opened and therefore "safer" in the target's optics. The reality is that the potential for exploitation is only slightly lower with a document than with an executable.

Read full chapter

URL:

https://www.sciencedirect.com/science/article/pii/B9780128021491000087

Understanding the Threats: E-mail Viruses, Trojans, Mail Bombers, Worms, and Illicit Servers

In Electronic mail Virus Protection Handbook, 2000

Trojans

A Trojan equus caballus, or Trojan, is nothing more than an application that purports to practice i thing, but in fact does another. Trojans are named after the mythic Trojan equus caballus in Homer'south Iliad. In the legend, the Greeks created a wooden horse, then gave information technology to the citizens of Troy as a peace offering. Even so, before the horse was presented, Greek soldiers hid within it. The horse was brought within the city gates, and when the city was comatose, the Greek soldiers emerged and were able to conquer Troy. Similarly, a Trojan looks like a beneficial or useful program, but contains a payload. For example, a Trojan can:

Launch an application that defeats standard authentication procedures.

Delete files.

Format the difficult bulldoze.

Launch legitimate applications with the intent of defeating security.

Many Trojans have a payload. A common payload is to delete a file, many files, or even an unabridged partition. Maybe the nearly common payload is an illicit server.

Read full chapter

URL:

https://world wide web.sciencedirect.com/science/article/pii/B9781928994237500057

Viruses, Trojan Horses, and Worms

In Hack Proofing Your Network (Second Edition), 2002

Trojan Horses

Trojan horses (or simply patently "Trojans") are lawmaking disguised as benign programs that then conduct in an unexpected, ordinarily malicious, style. The name comes from that fateful episode in the novel The Iliad, when the Trojans, during the battle of Troy, immune a gift of a tall wooden horse into the city gates. In the middle of the nighttime, Greek soldiers who were concealed in the belly of the wooden horse slipped out, unlocked the gates, and allowed the entire Greek army to enter and take the city.

The limitation of Trojans is that the user needs to be convinced to accept/run them, simply as the Trojans had to showtime have the Greek gift of the wooden horse, in lodge for them to take their way. So they are typically mislabeled, or disguised as something else, to fool the user into running them. The ruse could be every bit elementary as a fake name (causing you to think it was another, legitimate plan), or as complex as implementing a full program to brand information technology appear benign. 1 such plan is the Pokemon Trojan, which will display animated pictures of bouncing Pikachu on your screen while information technology e-mails itself to everyone in your address book and prepares to delete every file in your Windows directory. Figure 15.1 shows what the user sees when executing pokemon.exe, which has been classified as the W32.Pokemon. Worm. What they don't meet is the application e-mailing itself out and deleting files from the system.

Figure fifteen.1. The W32.Pokemon. Worm

And so the defence force is simple: Don't run programs you don't know. This simple advice has now been passed downwards for many (Internet) generations. Most people tend to follow information technology, but it seems nosotros all intermission down for something. In one case upon a time, that damn dancing baby was floating effectually the Internet, and I'm willing to bet a significant pct of the population ran that application as soon as they received information technology. Imagine if, while the babe was bopping away, it was also deleting your files, sending copies of its ain electronic mail to everyone in your address book, or changing all your passwords. Maybe you lot wouldn't think that baby very cute afterward all.

Entire companies have sprung up around the thought of producing modest, executable "electronic greeting cards" intended to be e-mailed to friends and associates. These types of programs further dilute people's power to distinguish the safe from the dangerous. If someone is used to receiving toys in her east-mail from her friend "Bob," she volition think zippo of it when Bob (or a Trojan pretending to be Bob by going through his accost book) sends something evil her style.

Read full chapter

URL:

https://www.sciencedirect.com/science/article/pii/B9781928994701500185

What Are We Trying to Prevent?

Eric Knipp , ... Edgar Danielyan Technical Editor , in Managing Cisco Network Security (2d Edition), 2002

Trojan Horses

The term Trojan horse is a reference to a stratagem used in the siege of Troy, as told in the Iliad. The attacking Greeks found the urban center's walls impenetrable. They built a wooden horse and presented information technology to the citizens of Troy as a peace offering, concealing a strength of one hundred Greek warriors within. Even though one of the Trojan High Priests, Laocoön, warned against "Greeks begetting gifts," and the King's own girl, Cassandra, warned of disaster, the equus caballus was brought into the metropolis. Afterwards that nighttime, the warriors curtained inside crept out and opened the gates of the city, letting the Greeks in to sack and loot Troy.

In data technology, a Trojan horse is a computer program that appears to have a useful office, but in truth has a hidden and potentially malicious role that evades security mechanisms, sometimes past exploiting legitimate authorizations of the organisation entity that invoked the program in the first place. It departments frequently warn their users against accepting files and e-mails from the Net—yet warnings even from senior executives fail to be heeded. Trojan horses proceed to be the most expensive vector for malicious lawmaking.

Read full chapter

URL:

https://www.sciencedirect.com/science/article/pii/B9781931836562500064

MCSE 70-293: Planning Server Roles and Server Security

Martin Grasdal , ... Dr. Thomas West. Shinder Technical Editor , in MCSE (Exam 70-293) Written report Guide, 2003

Antivirus Software

Viruses, Trojan horses, and other malicious programs are a threat to any organization, especially if the organization is continued to the Internet. If these programs infect a network, data and systems can be damaged or destroyed. Worse, infection might cause disquisitional data (such equally passwords or files) to be transmitted to other sources. To prevent these malicious programs from causing problems, antivirus software should be installed on servers and workstations throughout the network.

When antivirus software is installed, it will scan for viruses and clean them using information stored in signature files. Signature files are used to place viruses and let the software know how to remove them. Because new viruses appear every calendar month, signature files need to be updated regularly past downloading them from the vendor's Web site.

Read full affiliate

URL:

https://world wide web.sciencedirect.com/science/commodity/pii/B9781931836937500063