h1

Trojan vs. Virus – Do you know the difference?

May 25, 2010

Most of us have heard of the term “virus” when referring to network security. We know that there are many types and if not properly protected, can put a financial institution and customer information in great danger. However, there is a virus that can be confused by title with typical viruses that does not act like a virus. It is the Trojan Horse Virus, commonly referred to as simply a Trojan. Trojans are clever in form and can radically differ in appearance and function. They are dangerous and often lead to complete exposure of sensitive information or in worst case scenario, destruction.

The Difference

The difference between a Trojan and a virus is that a Trojan does not spread itself like a virus does. Trojans are typically disguised as “must have” software that is available for download on the internet. When the unsuspecting consumer clicks on the offer, the Trojan infects the computer.

A Trojan is typically separated into two parts – a server and a client. It’s the client that is often disguised as software and positioned in peer-to-peer file sharing networks or unauthorized download websites. Once client Trojan executes on your computer, the attacker, i.e. the person running the server has a high level of control over your computer which can lead to severe damage depending on the attacker’s purpose.

The Trojan can be spread in various ways. The most common method is through e-mail attachments. It may also infect other machines by sending copies of itself to the people in the address book of a user whose computer is already infected. It can also be delivered through spamming techniques as well as chat software such as Yahoo and Skype.

Types of Trojans

A Trojan can have any one or a combination of the functionalities described below.


Remote Access Trojans

Remote Access Trojans are the most frequently available Trojans. These give an attacker absolute control over the victim’s computers. The attacker can go through the files and access any personal information about the user that may be stored in the files, such as credit card numbers, passwords, and vital financial documents.

Password Sending Trojans

The intention of a Password Sending Trojan is to copy all the cached passwords and look for other passwords as you key them into your computer, and send them to particular email addresses. These actions are performed without the awareness of the users. Passwords for restricted websites, messaging services, FTP services and email services come under direct threat with this kind of Trojan.

Key Loggers

Key Loggers type of Trojans logs victims’ keystrokes and then send the log files to the attacker. It then searches for passwords or other sensitive data in the log files. Most of the Key Loggers come with two functions, such as online and offline recording. Of course, they can be configured to send the log file to a specific email address on a daily basis.

Destructive Trojans

The only purpose of Destructive Trojans is to destroy and delete files from the victims’ computers. They can automatically delete all the core system files of the computer. The destructive Trojan could be controlled by the attacker or could be programmed to strike like a logic bomb, starting on a particular day or at specific time.

Denial of Service (DoS) Attack Trojans

The core design intention behind Denial of Service (DoS) Attack Trojan is to produce a lot of internet traffic on the victim’s computer or server, to the point that the Internet connection becomes too congested to let anyone visit a website or download something. An additional variation of DoS Trojan is the Mail-Bomb Trojan, whose key plan is to infect as many computers as possible, concurrently attacking numerous email addresses with haphazard subjects and contents that cannot be filtered.

Proxy/Wingate Trojans

Proxy/Wingate Trojans convert the victim’s computer into a Proxy/Wingate server. That way, the infected computer is accessible to the entire globe to be used for anonymous access to a variety of unsafe Internet services. The attacker can register domains or access pornographic websites with stolen credit cards or do related illegal activities without being traced.

Prevention

To prevent infection, make sure antivirus and firewall programs are up-to-date and working properly. Anti-virus software needs “definition” updates and software updates. Another best practice is to never open an attachment or file that has been sent by an unknown sender and never download potentially un-trusted files from the Internet. Last, be sure you’ve run Windows Update to makesure your system is fully updated.

Security Solutions


If you have questions about the article, security topics, or our services contact us by visiting http://www.trustcc.com and filling out the contact information section at the bottom of the home page.

-TrustCC

Source: http://www.topbits.com

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: