Good Saturday morning everybody! It is a beautiful summer day here in Chi Town, nice and warm. My kind of weather. In yesterday’s blog post, I had written about a banking malware that came with it three attack vectors, one of them being a Trojan Horse. As I was thinking about this morning, although I have loosely explained what a Trojan Horse, I have not really gotten into the technical details of it.
There is more to it obviously, so today’s blog will address that further. So, here we go:
Although Trojan Horses have been around for a long time (in fact, they are deemed to be one of the oldest forms of Malware), the approaches taken to infect your computer or wireless device by the Cyber attacker has become much more sophisticated.
For instance, the techniques of Social Engineering are now used to deploy a Trojan Horse on your computer in different forms. But the common denominator is that the Cyber attacker is attempting to invoke a state of fear in your mind, or trying to make you feel good. A good example of this is the good ‘ole fashion E-Mail attachment.
The Cyber attacker will send you an E-Mail from a stolen identity in your contact list. This will make it look to you that it is coming from somebody you know and trust. Therefore, you open up the attachment, and voila, the Trojan Horse is activated and spreads itself on your computer.
However, keep in mind that this is far different from a Phishing attack. With this, you are directed to a phony website in an attempt to submit your username and password. With the Trojan Horse, nine out of ten times you just click on a link in order to activate it.
Another tool that the Cyber attacker has in order to trick you to download a Trojan Horse is known as the “Drive By Download.”
With this, you are tricked to go to a phony website, which contains the Trojan Horse .exe file in the source code of the website. So even by visiting a website your computer can be infected. Scary!!!
For those that are involved in video production or editing, another common way to get a Trojan Horse is through the use of a “Video Codec”. To those whom are novice to video making, it stands for Coder/Decoder.
It compresses video for storage and decompresses it for playback and editing. In this regard, the end user could be tricked to download or even update a malicious software file, which contains the actual Trojan Horse.
In technical terms, there are three types of Trojan Horses, which can be broken into the following:
- The Backdoor Trojan:
This is considered to be the stealthiest kind. With it, a Cyber attacker can gain remote access to your computer or wireless device, via a trapdoor unbeknownst to you, after the Trojan Horse has installed itself.
- The Downloader Trojan:
These are the most common types of Trojan Horses, as they can be downloaded very easily. This is the type which is illustrated in our previous examples.
- The Infostealing Trojans:
This is deemed to be the most dangerous type of Trojan Horse. After it has deployed itself, it will covertly steal your financial or banking information, to be used in later Identity Theft attacks.
Hope you enjoyed reading this, in tomorrow’s post, we will examine in closer detail more about malware. It is not just a piece of malicious code, and just like the Trojan Horse, there is a lot that goes on with it as well.