The Trojan horse actually derives its name from the story of the Greeks and the city of Troy where it so happened that the Greeks one time tricked the residents of Troy into bringing a large wooden horse into the city walls and once inside, a group of men came out of the belly of the horse and opened the gates for the rest of the Greek army to enter and then destroy the city of Troy. With that background, a Trojan horse is, therefore, one of the most dangerous malware, as it can remain in one’s system for a long period, months or even years undetected while disguised as legitimate software.
In today’s world, a Trojan horse means using a trick that gets someone to download and install malware on a system. Trojans have affected businesses around the globe and can cause a great deal of damage as they can destroy data, send financial information, and monitor computer activity. A payload is delivered at a predefined time by the hacker and once connected to a network, the attacker can take control of the system. Trojans can also be used to turn your computer into a zombie, allowing the hacker to use your computer and Internet connection to launch cyberattacks around the world.
An attacker usually tricks a victim into downloading something seemingly harmless but containing a malicious program which gets into a victim’s computer undetected and allows the attacker to access a system. To shed more light on this, we shall take a look at a certain company in which Mr. Snowball, a procurement officer, receives a phishing email and is subsequently tricked into downloading a “new offer” update on his computer.
The hacker who has successfully phished Snowball created the new offer trojan with the intention that, once the victim executes it, it calls back and offers a reverse shell on the target system.
Snowball happens to run the trojan and inasmuch as nothing is visually noticed, a reverse TCP shell is created on his Windows system back to the attacker using a meterpreter session in Kali Linux. On obtaining a session, the hacker is bound to carry out a number of harmful activities ranging from password cracking, data theft, or even crashing the computer.
How may you know you have a Trojan?
- A webpage might appear mysteriously.
- Pop-ups cover the screen.
- Your PC is noticeably slower than before.
- An unusual toolbar appears on your computer or browser.
- Slow browsing.
- Change of computer system settings without your knowledge.
Defense tips against Trojans
The best way of defending against Trojans is to avoid infection, and you can therefore take these measures:
- Use caution when opening emails with attachments. Before opening or risking getting into a Trojan, contact the sender directly and ask if they sent you a file.
- Before using removable devices, run a malware scan. It is thus recommended to install antivirus software or a Trojan remover which should be kept up to date. You should similarly heed to antimalware alerts against risky websites.
- Keep software and operating systems updated. Hackers exploit known security holes in browsers and operating systems that can help the Trojan do its work, and even if the vendor patches the holes, it won’t do you any good unless you maintain the latest version of your software.
- Set up a firewall to enable a secure Internet connection. Software and hardware firewalls control malicious Internet traffic, and will often stop Trojans from downloading to your computer.
- When downloading software, make sure that you trust the source and contents of the file. You can also unhide hidden file extensions.
- On a download page that lists the hash value of a file, use the hash value to ensure that the file was not altered.
- Have User Access Control to prompt the user for a password when a certain program requires administrator-level permission.
Over time, it has been noticed that people are the weakest link in enforcing security and in that respect, Summit Consulting Ltd brings you a Cyber Security Awareness Training course at your premises to bring forth awareness on the various forms of cybercrime and attack schemes that could be executed on your network, alongside the defensive measures.
Join Summit Consulting Ltd in partnership with IFIS on our annual cyber-security awareness and risk management conference, which is scheduled to take place from the 16th – 18th October 2019. You need to get sensitized about all forms of fraudulent practices that can render your company insecure, followed by recommended remedies against those practices.