Trojan Horses
Behind the Name
The malware term, "Trojan Horse" harkens back to an ancient story of Odysseus and the Greeks. During the Trojan War, during an unsuccessful siege of Troy, Odysseus ordered that a large wooden horse be built. The horse was left behind outside the walls of Troy, and the Greek army sailed away. The Trojans interpreted the horse as a peace offering. However, the horse was filled with Greek soldiers, including Odysseus himself. As the Trojans slept, the ships returned to Troy and the Greeks in the horse were able to open the gates from the inside.
The Malware "Trojan Horse"
The trojan horse from ancient times is very similar to that, which appears on people's computers. That is because a computer trojan horse is a program that appears to be good, but conceals malicious code. Trojan horses are usually spread in the distribution of normal software. For example, in 2002, a hacker broke into the distribution sites for two packages, sendmail and OpenSSH. He replaced the old files with his own and thus, hid malware within an otherwise legitimate distribution.
These circumstances are rare, however. Further, even the cautious user could receive a trojan horse in this manner. The much more common method for spreading trojan horses is via e-mail. The attacker would send a malicious e-mail attachment which, when opened, would infect the victim's system. These are the far more common types of trojan horses, which are avoidable with careful online behavior.
Threats and Effects
A trojan horse gives an attacker control over the victim's machine. This enables the attacker to run commands on the victim's machine, remotely tap into the victim's computer, or utilize the computer in a much larger attack (e.g. Distributed Denial of Service). Trojans may also be used to acquire data. Attackers might target data such as usernames, passwords, and even credit card numbers. Webopedia.com offers a comprehensive summary of the different purposes and types of trojan horses:
- Remote Access Trojans
- Data Sending Trojans
- Destructive Trojans
- Proxy Trojans
- FTP Trojans
- Security Software Disabler Trojans
- Denial-of-Service Attack (DOS) Trojans
While some trojans are not detected by antivirus programs, due to their limited distribution, many others will be detected by antivirus programs. Check out how antivirus software can detect and remove malware. But remember that particularly with trojan horses, your best defense is your own personal online conduct. Don't download files if you don't know what they are!
Resources
"Trojan Programs." Viruslist. Accessed April 15, 2007. <http://www.viruslist.com/en/virusesdescribed?chapter=152540521>
Webopedia. <http://www.webopedia.com/TERM/T/Trojan_horse.html>
Webopedia. <http://www.webopedia.com/TERM/R/Remote_Access_Trojan.html>
Webopedia. <http://www.webopedia.com/TERM/D/Data_Sending_Trojan.html>
Webopedia. <http://www.webopedia.com/TERM/D/Destructive_Trojan.html>
Webopedia. <http://www.webopedia.com/TERM/P/Proxy_Trojan.html>
Webopedia. <http://www.webopedia.com/TERM/F/FTP_Trojan.html>
Webopedia. <http://www.webopedia.com/TERM/S/security_software_disabler_Trojan.html>
Webopedia. <http://www.webopedia.com/TERM/D/DoS_attack.html>