Hacker Attacks and Trojan Horses
A rise recently in computer-based attacks is likely to continue. The
vulnerabilities that are being exploited are complex and the hackers that are
perpetrating attacks are becoming ever more sophisticated.
This first in a series of tips will explore the more common of these attacks,
the Trojan Horse programs. A Trojan Horses program will not replicate
itself but they are commonly malicious and often destructive.
Trojans
The Trojan Horse comes from an ancient story in Homer's Iliad. In it,
the Greeks leave a giant wooden horse to their foes, the Trojans, seemingly as a
peace offering. After the Trojans brought the offering inside their city
walls and fell into sleep, Greek soldiers exited from the horse's hollow
belly. The few invaders opened the city gates allowing the army that
quietly had returned under cover of night to capture Troy.
Generally, a sophisticated computer attack begins with a simple deception
that is similar. A common approach is to plant a program (Trojan Horse)
onto a single computer. Programs like Back Orifice and Netbus are Trojans
designed to allow hackers to access your machine via the Internet.
Back Orifice or Netbus like programs may take control of system reboot, lock
the system up, send passwords via the Internet, view and edit your Windows
registry, use Windows commands to list directories, find files, delete files,
move files, rename files, log keyboard activities and operations, enable or
disable other programs, or add or remove network sharing, mapping of shared
devices, listings of connections, etc.
There are many Trojan programs that are distributed at Web sites with claims
for example that the software will rid your computer of viruses. Instead
the Trojan later will load viruses onto your computer. Others may be
distributed as games.
In order for anyone to use a Trojan on your machine, you'd have to install
it, just as in the story of the Trojan war. Unsuspecting because of the
program advertisements, you'd be lured to install a Trojan thinking that its a
game that will be fun or a utility that will improve computing in some
way.
Zombies
Next your infected computer system would begin a destructive sequence of
commands, or perhaps it would report vulnerability information back to attacker
software. In some cases, a Trojan is used as a first step in the process
to create a “zombie” computer. Once your computer is under a hacker's
software control, it is known as a zombie. In many cases, as with Back
Orifice and Netbus, the Trojan allows a hacker to take the access to the next
level, to direct and coordinate the actions of your system.
Zombie computers allow hackers to send instructions from a master
program. In this way, a zombie can be used by a hacker with or without
additional software controls to attack other computers, to destroy files, to
gain access to a network, to spy on others,, or for other objectives. The
hacker's objective is known only to the hacker.
Trojans these days are sophisticated hacking tools that allow even amateur
hackers to launch attacks. Essentially, the Trojan program is placed onto
a vulnerable computer one day as the user is browsing the Web unawares and the
rest will depends upon the hackers reasons and sophistication. In any case
the outcome is not desirable and you'll want to protect your computer from
Trojan Horse programs.
Basic Protection from Trojans
Purchase a name brand, tried and true antivirus program that can detect and
remove viruses like Back Orifice and Netbus. Secondly, always keep your
anti-virus software up-to-date. McAfee and Norton antivirus software for
example allow automated downloads of pattern and definition files. That's
a helpful feature. Next time we'll explore a bit more about protection and
keeping your system free of infections.
Additional topics
Viruses
A virus is software that piggybacks on other programs. For example, a
virus might attach itself to a program such as Excel. Each time the Excel
spreadsheet program runs, the virus runs, too, and it generally will reproduce
itself by attaching to other programs or wreak malicious havoc on the host
computer.
E-mail viruses
An e-mail virus is transmitted in e-mail messages, and usually replicates
itself by automatically mailing itself to dozens of people that are in the
victim's e-mail contacts (address book).
Worms
A worm is software that uses computer networks and security vulnerabilities to
replicate itself. A copy of the worm scans the network for another machine
that has a specific security vulnerability. The worm copies itself to the
new machine using the vulnerability. It then starts replicating from there, as
well.
Network and Internet security software
Software that will close system vulnerabilities and may even prevent other
hacker probes and attacks.
All information herein is offered as-is and without warranty
of any kind. Neither myself, nor contributors are responsible for any loss,
injury, or damage, direct or consequential, resulting from your choosing to use
any information presented here. |