Learn everything about Trojans, Viruses and Worms
Some of the skills that hackers have are programming and computer networking skills. They often use these skills to gain access to systems. The objective of targeting an organization would be to steal sensitive data, disrupt business operations or physically damage computer controlled equipment. Trojans, viruses and worms can be used to achieve the above stated objectives.
In this article, we will introduce you to some of the ways that hackers can use Trojans, viruses and worms to compromise a computer system. We will also look at the counter measures that can be used to protect against such activities.
Topics covered in this tutorial
A Trojan horse is a program that allows the attack to control the user’s computer from a remote location. The program is usually disguised as something that is useful to the user. Once the user has installed the program, it has the ability to install malicious payloads, create backdoors, install other unwanted applications that can be used to compromise the user’s computer etc.
The list below shows some of the activities that the attacker can perform using a Trojan horse.
- Use the user’s computer as part of the Botnet when performing distributed denial of service attacks.
- Damage the user’s computer (crashing, blue screen of death etc.)
- Stealing sensitive datasuch as stored passwords, credit card information etc.
- Modifying fileson the user’s computer
- Electronic money theftby performing unauthorized money transfer transactions
- Log all the keysthat a user presses on the keyboard and sending the data to the attacker. This method is used to harvest user ids, passwords and other sensitive data.
- Viewing the users’screenshot
- Downloading browsing history data
A worm is a malicious computer program that replicates itself usually over a computer network. An attacker may use a worm to accomplish the following tasks;
- Install backdoors on the victim’s computers. The created backdoor may be used to create zombie computers that are used to send spam emails, perform distributed denial of service attacks etc. the backdoors can also be exploited by other malware.
- Worms may also slowdown the network by consuming the bandwidth as they replicate.
- Install harmful payload code carried within the worm.
- A virus is a computer program that attaches itself to legitimate programs and files without the user’s consent. Viruses can consume computer resources such as memory and CPU time. The attacked programs and files are said to be “infected”. A computer virus may be used to;
- Access private data such as user id and passwords
- Display annoying messages to the user
- Corrupt data in your computer
- Log the user’s keystrokes
Computer viruses have been known to employ social engineering techniques. These techniques involve deceiving the users to open the files which appear to be normal files such as word or excel documents. Once the file is opened, the virus code is executed and does what it’s intended to do.
- In order to protect against such attacks, an organization can use the following methods.
- A policy that prohibits users to download unnecessary files from the internet such as spam email attachments, games, programs that claim to speed up downloads etc.
- Anti-virus software must be installed on all user computers. The anti-virus software should be updated frequently and scans must be performed at specified time intervals.
- Scan external storage devices on an isolated machine especially those that originate from outside the organization.
- Regular backups of critical data must be made and stored on preferably read only media such as CDs and DVDs.
- Worms exploit vulnerabilities in the operating systems. Downloading operating system updates can help reduce the infection and replication of worms.
- Worms can also be avoided by scanning all email attachments before downloading them.