Thursday, May 28, 2020

Trojan

Trojan was named after the fabled Trojan Horse of Troy.  If you remember, it was a deception, designed to get inside the walls of Troy, filled with soldiers.  A computer Trojan has the same behavior.  It is often disguised as legitimate software, which is why you should NEVER download software over the internet except from the vendor.  

Another way Trojans are propagated are email attachments.  What is even more insidious, if your friend doesn't practice good security, their account may have been hacked and the attachment will look like it comes from them.  BEWARE of all email attachments.  Confirm, verify and verify again that this is something you are expecting and from where it comes from.  There are trusted online tools you can use to confirm, such as VirusTotal.

 

Trojans are classified into the many ways they can mess up your day.  Here is a list from Kaspersky:

  • Backdoor  
    A backdoor Trojan gives malicious users remote control over the infected computer. They enable the author to do anything they wish on the infected computer – including sending, receiving, launching and deleting files, displaying data and rebooting the computer. Backdoor Trojans are often used to unite a group of victim computers to form a botnet or zombie network that can be used for criminal purposes.

  • Exploit  
    Exploits are programs that contain data or code that takes advantage of a vulnerability within application software that’s running on your computer.

  • Rootkit  
    Rootkits are designed to conceal certain objects or activities in your system. Often their main purpose is to prevent malicious programs being detected – in order to extend the period in which programs can run on an infected computer.

  • Trojan-Banker  
    Trojan-Banker programs are designed to steal your account data for online banking systems, e-payment systems and credit or debit cards.

  • Trojan-DDoS  
    These programs conduct DoS (Denial of Service) attacks against a targeted web address. By sending multiple requests – from your computer and several other infected computers – the attack can overwhelm the target address… leading to a denial of service.

  • Trojan-Downloader   
    Trojan-Downloaders can download and install new versions of malicious programs onto your computer – including Trojans and adware.

  • Trojan-Dropper   
    These programs are used by hackers in order to install Trojans and / or viruses – or to prevent the detection of malicious programs. Not all antivirus programs are capable of scanning all of the components inside this type of Trojan.

  • Trojan-FakeAV   
    Trojan-FakeAV programs simulate the activity of antivirus software. They are designed to extort money from you – in return for the detection and removal of threats… even though the threats that they report are actually non-existent.

  • Trojan-GameThief  
    This type of program steals user account information from online gamers.

  • Trojan-IM  
    Trojan-IM programs steal your logins and passwords for instant messaging programs – such as ICQ, MSN Messenger, AOL Instant Messenger, Yahoo Pager, Skype and many more.

  • Trojan-Ransom  
    This type of Trojan can modify data on your computer – so that your computer doesn’t run correctly or you can no longer use specific data. The criminal will only restore your computer’s performance or unblock your data, after you have paid them the ransom money that they demand.

  • Trojan-SMS  
    These programs can cost you money – by sending text messages from your mobile device to premium rate phone numbers.

  • Trojan-Spy   
    Trojan-Spy programs can spy on how you’re using your computer – for example, by tracking the data you enter via your keyboard, taking screen shots or getting a list of running applications.

  • Trojan-Mailfinder  
    These programs can harvest email addresses from your computer.

So what can you do if you suspect you have a computer Trojan?  Start out the same as you did for a computer virus - install and/or update your antivirus and run a full scan.  I also recommend you download Malwarebytes and run an additional thorough scan with that program.   They have a free, 14 day trial for the premium version.  Contact BSCANS if you have additional concerns or questions.