|
Trojan horseFrom Wikipedia, the free encyclopedia.
In the computer world, a Trojan horse
is a malicious computer program which pretends to have some innocent purpose but,
when run, has an entirely different effect - one which the programmer (or the
packager, distributor, or advertiser) intended and the user didn't expect. The
term is derived from the classical myth of the Trojan Horse.
A Trojan
horse differs from a virus in that it is a stand-alone program; the Trojan does
not attach to another program. It differs from a worm in that it does not move
from one computer to another on its own. A person must transfer it intentionally,
such as by email or by posting it to a download area.
A simple example
of a Trojan horse is a program named "SEXY.EXE" that is posted with a promise
of "hot pix"; but, when run, it erases all the files it can find and displays
the message "arf, arf, I got you!".
On the Microsoft Windows platform,
an attacker might attach a Trojan with an innocent-looking filename to an email
message which entices the recipient into opening the file. The Trojan itself is
typically a Windows executable program file, usually with a filename extension
such as .exe, .scr, .bat, or .pif to let Windows know that it can be executed.
Since Windows is configured by default to hide filename extensions from a user,
the Trojan horse's extension might be "masked" by giving it a name such as 'Readme.txt.exe'
so that the user only sees 'Readme.txt' and thinks it is a harmless text file.
When the recipient double-clicks on the attachment, the Trojan might really do
what the user expects it to do (like, opening a text file), so as to keep him
unaware of its true intentions; meanwhile, however, it secretly modifies or deletes
files, changes the configuration of his computer, or even uses his computer as
a base from which to attack his or other networks. For example, trojans are often
used to set up networks of zombie computers from which DDoS attacks can be launched,
or which can be used to send spam.
Spyware is another form of Trojan horse which is becoming
much more common. Spyware is software which pretends to have some innocent purpose,
but when a user downloads it and runs it, it changes the home page in his web
browser and sets itself up so that it can track a user as he browses the web.
Similarly, trojans may be used to phish for bank account details.
To
protect yourself from Trojan horses, do not open attachments that you didn't expect
to receive, especially if you don't recognize the sender's address. Even if you
expected the attachment, scan it with updated antivirus software before opening
it. Do not download files from file-sharing services such as Kazaa or Gnutella,
because file-sharing services are known to be used to help Trojans spread.
Some Trojans do not infect other programs and are usually easily deleted, but
others are much more dangerous. The MyDoom epidemic in early 2004 was spread by
using Trojan-horse attachments in email with a terse message saying that the attachment
could not be delivered, making users curious to open it and see what it was. (MyDoom
is technically a worm, since it spreads itself to other computers by sending infected
email attachments, but it depends on users double-clicking on the attachments
to actually infect their computers.)
An early Trojan horse was the 1975
ANIMAL program, a game to identify an animal but which also spread itself to other
users on UNIVAC Exec 8 computers.
| |
|
|
|
BluePink 
