180 likes | 332 Views
Trojan Horse Program. Presented by : Lori Agrawal. Agenda. What is Trojan Horse program? Who are the targets? How it gets spread? Impact of Trojan Horse Attack Control of hackers over files Ways to avoid this attack. Continue:. Detection of attack
E N D
Trojan Horse Program Presented by : Lori Agrawal
Agenda • What is Trojan Horse program? • Who are the targets? • How it gets spread? • Impact of Trojan Horse Attack • Control of hackers over files • Ways to avoid this attack
Continue: • Detection of attack • How to remove Trojan from system • Example: SubSeven • Capabilities of SubSeven Program • Parts of SubSeven • A real Trojan Horse Threat • Conclusion
What is Trojan Horse Program? • Trojan Horse is one of the today’s most serious threat to computer security. • A malicious security-breaking program disguised as something benign. • A executable program • Once infected, it is controlled totally by a hacker.
Who are the most targets? • The home computers • Reasons • Private Content • Availability • Defendless status
How it gets spread? • Email attachments • Sending files in chat rooms • Infected computer can attack other computer
Impact of Trojan Horse Attack • Complete access to victim’s system • Delete and alter files • Access to Administrator privileges • Other computer get infected • An infected computer can be targeted by any user.
Control of hackers over files • Alter user’s private documents such as bank statement, credit card statement, password file, mortgage payments files. • Access files remotely as they own it • Access of chat history
Ways to avoid this attack • Don’t download from unknown source • Need to be aware of hidden extension • Don’t use automatically get file feature • Don’t type a command or go to web site told by a stranger • Remove unnecessary services and file shares
Detection of attack • Hard to detect whether a computer is infected or not • Not listed under process list of ALT+Ctrl+Delete key • To detect, one can scan his computer for open port
How to remove Trojan from system • By getting clean re-installation • Anti-Trojan Software
Example: SubSeven • Trojan Horse program that attacks computer running on Window 9.x platform. • More popular than other types as it provides more options.
What SubSeven can do? • It can restarts Windows of Victim’s computer. • It can record sound files from microphone used on victim’s machine. • It can record video images from a video camera attached to the victim’s computer. • It can change desktop color, wallpaper and turn on and off the victim’s monitor. • It can open and close CD-ROM drive. • It can capture screen shots of user’s currently activity. • A new version of SubSeven also allow hackers to know whether a victim is presently online, a manager feature that can abort a program running on victim’s machine.
Part of SubSeven: • SubSeven Server: Must run on victim’s computer. • Client Program: Used by hacker on his machine to connect to server(Victim’s computer). • Server Editor: An interface to Hacker to choose option how to get information from victim’s computer.
A real Trojan Horse Threat • Targets were customer of Paypal’s online service • Spread using sending emails containing subject line “PAYPAL.COM NEW YEAR OFFER” • Emails contained information about payment discount • Create a fake Paypal web site and ask for credit card info.
Conclusion • Serious network security problem • Once infected, computer is totally controlled by hacker. • Hard to detect whether a computer is infected or not. • Hard to recover.