What is a Trojan horse and its types
A Trojan horse, or Trojan, is a non-self-replicating type of malware that gains privileged access to the operating system while appearing to perform a desirable function; instead it drops a malicious payload, often including a backdoor that allows unauthorized access to the target's computer. These backdoors tend to be invisible to average users, but may cause the computer to run slowly. Unlike a computer virus, Trojans do not attempt to inject themselves into other files.
Trojan horses may steal information or harm their host computer systems. Trojans may use drive-by downloads or install via online games or internet-driven applications in order to reach target computers. The term is derived from the Trojan Horse story in Greek mythology because Trojan horses employ a form of “social engineering,” presenting themselves as harmless, useful gifts, in order to persuade victims to install them on their computers.
A Trojan may give a hacker remote access to a targeted computer system. Operations that could be performed by a hacker on a targeted computer system may include:
Crashing the computer
Blue screen of death
Electronic money theft
Disabling all internet traffic on the host
Watching the user's screen
Viewing the user's webcam
Controlling the computer system remotely
Trojan horses in this way may require interaction with a hacker to fulfill their purpose, though the hacker does not have to be the individual responsible for distributing the Trojan horse. It is possible for individual hackers to scan computers on a network using a port scanner in the hope of finding one with a malicious Trojan horse installed, which the hacker can then use to control the target computer.
A recent innovation in Trojan horse code takes advantage of a security flaw in older versions of Internet Explorer and Google Chrome to use the host computer as an anonymizer proxy to effectively hide internet usage. A hacker is able to view internet sites while the tracking cookies, internet history, and any IP logging are maintained on the host computer. The host's computer may or may not show the internet history of the sites viewed using the computer as a proxy. The first generation of anonymizer Trojan horses tended to leave their tracks in the page view histories of the host computer. Newer generations of the Trojan horse tend to "cover" their tracks more efficiently. Several versions of Sub7 have been widely circulated in the US and Europe and are the most widely distributed examples of this type of Trojan horse.
Common Trojan horses
Netbus (by Carl-Fredrik Neikter)
Subseven or Sub7 (by Mobman)
Back Orifice (Sir Dystic)
The Blackhole exploit kit
Flashback Trojan (Trojan BackDoor.Flashback)
Types of Trojan Horse Viruses
1. The Remote Administration Trojan Horse Virus
This type of Trojan horse virus gives the hacker behind the malware the ability to gain control over the infected system. Often the remote administration Trojan horse virus functions without being identified. It can help the hacker to perform different functions, including altering the registry, uploading or downloading files, and interrupting different types of communications between the infected computer and other machines.
2. The File Serving Trojan Horse Virus
Trojan horse viruses from this category are able to create a file server on the infected machine. Usually this server is configured as an FTP server, and with its help the intruder is able to control network connections and upload and download various files. These Trojan horse viruses are rather small in size, sometimes not more than 10Kb, which makes it difficult to detect them. They are often attached to emails or hidden in other files that users may download from the Internet. These Trojan viruses regularly spread with the help of funny forwarded messages that a user receives from friends. Trojan horse viruses may also be hidden in small downloadable games.
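An added example, not part of the original article: the remote administration and file serving Trojans described above both leave a listening network service on the infected machine, so a defender can audit a host's own listening sockets for them. The sketch parses a constructed sample in the layout of ss -H -tulnp output; the ports are the well-known defaults of NetBus, Sub7 and Back Orifice, and the FTP allowlist and sample process names are assumptions.

```python
import ipaddress
import re

# Well-known default ports of Trojans named in this article. A match is only
# a lead for investigation: samples can be configured to use any port.
TROJAN_PORTS = {
    ("tcp", 12345): "NetBus",
    ("tcp", 27374): "Sub7",
    ("udp", 31337): "Back Orifice",
}
# Assumption: the only process this host is expected to run as an FTP server.
ALLOWED_FTP_PROCS = {"vsftpd"}

# Constructed sample in the layout of `ss -H -tulnp`; not real data.
SAMPLE = """\
tcp   LISTEN 0 128 0.0.0.0:22      0.0.0.0:* users:(("sshd",pid=811,fd=3))
tcp   LISTEN 0 5   0.0.0.0:12345   0.0.0.0:* users:(("patch",pid=4102,fd=4))
tcp   LISTEN 0 32  [::]:21         [::]:*    users:(("game_helper",pid=4377,fd=5))
udp   UNCONN 0 0   127.0.0.1:31337 0.0.0.0:* users:(("devtool",pid=950,fd=7))
tcp   LISTEN 0 32  192.168.1.10:21 0.0.0.0:* users:(("vsftpd",pid=700,fd=3))
"""

LINE = re.compile(
    r'^(tcp|udp)\s+\S+\s+\d+\s+\d+\s+(\S+):(\d+)\s+\S+\s*'
    r'(?:users:\(\("([^"]+)")?')

def audit(listing):
    """Return (proto, port, process, exposed, reason) for suspicious listeners."""
    findings = []
    for line in listing.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        proto, addr, port = m.group(1), m.group(2), int(m.group(3))
        proc = m.group(4) or "?"          # process name needs root to be shown
        host = addr.strip("[]").split("%")[0]   # drop IPv6 brackets, scope id
        try:
            exposed = not ipaddress.ip_address(host).is_loopback
        except ValueError:                # "*" means every interface
            exposed = True
        reason = None
        if (proto, port) in TROJAN_PORTS:
            reason = f"default {TROJAN_PORTS[(proto, port)]} port"
        elif proto == "tcp" and port == 21 and proc not in ALLOWED_FTP_PROCS:
            reason = "unexpected FTP listener"
        if reason:
            findings.append((proto, port, proc, exposed, reason))
    return findings
```

The exposed flag separates listeners reachable from the network from those bound only to loopback, which helps prioritise what to investigate first.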
3. Distributed Denial of Service Attack Trojan Horse Virus
A lot of computers can be tricked into installing the Distributed Denial of Service Trojan so that the hacker can gain control over one, several or all computers through a client that is connected with a master server. Using the primary computer within one huge zombie network of machines, hackers are able to send attacks at particular targets, including companies and websites. They simply flood the target server with traffic, thus making it impossible for ordinary users to access certain websites or systems. Often these attacks are used to stop the activity of famous brands that could handle different financial demands.
4. Keylogging Trojan Horse Virus
These Trojan horse viruses make use of spyware with the goal of recording every step of the user's activity on the computer. They are called keylogging Trojans because they transmit the logged and recorded keystrokes to the hacker via email. Hackers use this type of malware for their financial benefit (through card fraud or identity theft). Some individuals or companies can offer a great reward for valuable information.
5. The Password Stealing Trojan Horse Virus
The name speaks for itself: Trojans from this category are used to steal passwords. The Trojan transmits information about passwords to the hacker through email. Just like keylogging Trojans, this malware is used mainly for the hacker's financial benefit (a lot of people use passwords to access their bank accounts or credit cards).
6. The System Killing Trojan Horse Virus
These Trojans are meant to destroy everything in the system starting with drive Z and ending with drive A. One of the recent Trojan horse viruses of this type is called Trojan.Killfiles.904. The reasons for creating such Trojans are unknown but the results could be catastrophic.