Saturday, December 26, 2009

one on one with TROJAN

---TROJAN---

Malware attack is today's most...unwanted threat. One of most threat is TROJAN VIRUS.
Wikipedia page on Trojan
http://en.wikipedia.org/wiki/Trojan_horse_(computing).

Trojans are definitely one of the tools that “hackers” use.
There are hundreds of Trojans. To list them all would make
this manual extremely long. For definition purposes we’ll focus
on a couple.

Trojan allows a hacker Remote access into another computer that dangerous.
most famous Trojans
1- NET BUS
2- BACK ORIFICE
3- SUB SEVEN or (SUB7)
4- Pro RAT
5- BEAST
etc....

Sub Seven
The Sub Seven Trojan has many features and capabilities. It
is in my opinion by far the most advance Trojan I have seen.
Take a look at some of the features of Sub Seven.
• address book
• WWP Pager Retriever
• UIN2IP
• remote IP scanner
• host lookup
• get Windows CD-KEY
• update victim from URL
• ICQ takeover
• FTP root folder
• retrieve dial-up passwords along with phone numbers
and usernames
• port redirect
• IRC bot. for a list of commands
• File Manager bookmarks
• make folder, delete folder [empty or full]
• process manager
• text 2 speech
• Restart server
• Aol Instant Messenger Spy
• Yahoo Messenger Spy
• Microsoft Messenger Spy
• Retrieve list of ICQ uins and passwords
• Retrieve list of AIM users and passwords
• App Redirect
• Edit file
• Perform clicks on victim's desktop
• Set/Change Screen Saver settings [Scrolling Marquee]
• Restart Windows [see below]
• Ping server
• Compress/Decompress files before and after transfers
• The Matrix
• Ultra Fast IP scanner
• IP Tool [Resolve Host names/Ping IP addresses]



• Get victim's home info [not possible on all servers]:
- Address
- Bussiness name
- City
- Company
- Country
- Customer type
- E-Mail
- Real name
- State
- City code
- Country code
- Local Phone
- Zip code
And more…
mechanism of TROJAN VIRUS

Every Trojan utility have two part CLIENT and SERVER .
SERVER.exe is deploy to the victim side & CLIENT is use for the hacker that can control the server.exe .
with Trojan a hacker can
  • Destroy data
  • Theft data
  • Alter data
  • Theft Passwords
  • Criminal activities can occur
and more and more crime can do by Trojans.
in simple way Trojan is a utility that can use like a RAT(remote access tool) tools and can control another Computer with Administrator power without permission of the administrator.

Case 1

A Lady Reporter was working on an article about online relationships. during the course of her research she made a lot of online friends. one of these 'friends' managed to infect her computer with a Trojan virus.
Lady stayed in a small bedroom apartment and her computer was located in one corner of her bedroom. unknown to her, the Trojan would activate her web camera and microphone even when the internet was switched off. a year later she realized that hundreds of her pictures were posted on pornographic sites around the world.

Defence against trojan -
1. Use a good Antivirus program (Norton, Kaspersky,AVG) with letest updates.
2. Must Use a firewall (zone alarm , comodo security).
3. Operating system must updated.

Links on trojan
http://cybercrime.planetindia.net/trojans.htm
http://www.windowsecurity.com/trojanscan/
Posted by at

3 comments:

Subscribe to: Post Comments (Atom)