Trojans

Like the horse, a Trojan program is a delivery vehicle; a program that does something undocumented and often malicious.

These malicious programs are named after the Trojan horse, which delivered soldiers into the city of Troy.

Trojan Horse

Like the horse, a Trojan program is a delivery vehicle; a program that does something undocumented which the programmer intended, but that the user would not approve of if s/he knew about it. The Trojan program appears to be a useful program of some type, but when a certain event occurs, it does something nasty and often destructive to the system.

Most of the “classic” Trojan programs were delivered to users on disks which advertised themselves as something useful. As an example, a disk that was supposed to contain AIDS information was once distributed. Unfortunately, when a program on the disk was run the user’s hard disk was encrypted and rendered useless. Many newer Trojan programs make their way to you as E-mail attachments with the text in the E-mail program enticing you to run the attachment.

There have been many Trojan programs and new ones crop up every day. It’s important to know and trust the source of any program you receive because most anti-virus programs can’t detect new Trojans. These programs, while potentially destructive, still use common DOS/Windows commands and any attempt to trigger an alert on these commands would result in massive false alarms.

Most anti-virus programs today add Trojans to their databases as soon as they are circulating, since Trojans make up much of the malware in 2005/2006; but it may still be too late for you, as it takes some time to update those databases. Trojans are, however, simple to avoid if you don’t succumb to the lures of the E-mails that send them to you.

Just to give you some examples of what sort of thing to watch out for, here are some Trojan examples, some historical and some recent. Brief descriptions are given here; more detail is available in the link.

  • ANSI Bomb. (rare today). This sort of Trojan used the ANSI.SYS driver in DOS to remap various display and keyboard functions.
  • Windows Help Macros. (rare but demonstrated). The Windows HLP help file format allowed macros to be attached to help files. The macros could contain malicious code.
  • Social Engineering Messages. A wide variety of Trojans use social engineering to attempt to get you to run the malware associated with the message.
  • Double File Extensions. Windows generally comes with the display of common file extensions turned off by default. Files of the form README.TXT.EXE would show up as README.TXT but if you clicked on the file it would run as a program.
  • Screen Savers. Windows screen savers are basically executable code and malicious software in one can run in the background during the display.
  • Road Apple. A Trojan may be given a name the curious would naturally be interested in and then left where the curious can find it.
  • Physical Media. A Trojan could be widely distributed using physical media sent to many around the world. The subject would have to be compelling (an AIDS Trojan distributed via CD is one example that has happened).
  • And, many more. See Wikipedia for more examples.
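
As an added example (not part of the original page), here is a Python check that flags E-mail attachment names of two kinds listed above: double file extensions and screen savers. The extension lists, function names and the sample message are assumptions constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Assumed, non-exhaustive lists for this example.
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd"}
DECOY_EXTS = {"txt", "doc", "pdf", "jpg", "gif", "htm", "html"}

def classify_name(filename):
    """Return a reason string if an attachment name deserves caution, else None."""
    parts = [p.strip().lower() for p in filename.split(".")]
    if len(parts) < 2 or parts[-1] not in EXECUTABLE_EXTS:
        return None
    if len(parts) >= 3 and parts[-2] in DECOY_EXTS:
        shown = filename.rsplit(".", 1)[0]  # name listed when extensions are hidden
        return "double extension: listed as %s but runs as .%s" % (shown, parts[-1])
    if parts[-1] == "scr":
        return "screen saver: executable code"
    return "executable attachment"

def flag_attachments(raw_bytes):
    """Parse a raw message and return (filename, reason) for each risky attachment."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename()
        reason = classify_name(name) if name else None
        if reason:
            findings.append((name, reason))
    return findings

def build_sample():
    """Constructed sample message; attachment bodies are harmless placeholder bytes."""
    msg = EmailMessage()
    msg["Subject"] = "Please read"
    msg.set_content("See the attached file.")
    for name in ("README.TXT.EXE", "notes.txt", "beach.scr", "report.v2.pdf"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for name, reason in flag_attachments(build_sample()):
        print("%-16s %s" % (name, reason))
```

A name such as report.v2.pdf is not flagged, because only the final extension decides whether Windows runs the file as a program.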

Some researchers consider a virus a particular case of a Trojan horse; others believe that if a virus does not do any deliberate damage it cannot be classed as a Trojan. In common use, most people (including Computer Knowledge) use Trojan to refer to a non-replicating malicious program.

Summary

  • A Trojan is a delivery vehicle.
  • The Trojan can carry a malicious payload or drop other malicious software onto your system.
  • Trojans often are delivered using social engineering methods.

Comments from Original Post:

marcus
Said this on 2009-08-08 At 07:36 am
My wife loves to open emails with attachments. Just because it comes from someone she knows I tell her they could be dangerous
#2
DaBoss
Said this on 2009-08-08 At 11:35 am
In reply to #1
Not all attachments are bad but opening them without some indication of what’s in them can be dangerous. Have her try to set up some key word(s) with her friends who send attachments. If the message contains the key word(s) then it’s more likely to have been sent by a human and not a bot. No key word(s)? Use great caution. And, of course, keep the anti-malware software on the computer up to date.