Learn all about Trojans, Viruses and Worms

8) Trojans, viruses and worms

 Some of the skills that hackers possess are programming and computer networking skills. They often use these skills to gain access to systems. The goal of an organization is to steal sensitive data, disrupt business operations, or physically damage computer-controlled equipment. Trojans, viruses and worms can be used to achieve the above goals .

In this article, we will introduce you to some of the ways hackers use trojans, viruses and worms to compromise a computer system. We will also look at countermeasures that can be used to protect against such activities.

Topics covered in this tutorial

• What is a Trojan?
• What is a worm?
• What is a virus?
• Trojans, viruses and worms

What is a Trojan Horse?

A Trojan horse is a program that allows an attack to control a user's computer from a remote location . The program is usually disguised as something useful to the user. After the user has installed the program, he can install malicious payloads, create backdoors, install other unwanted applications that can be used to compromise the user's computer, etc.
The list below shows some of the actions that an attacker can take using a Trojan horse.
◇ Use the user's computer as part of a botnet in distributed denial of service attacks.
◇ Damage to the user's computer (crash, blue screen of death, etc.)
Stealing sensitive data such as stored passwords, credit card information, etc.
Modifying files on the user's computer
Theft of electronic money when making unauthorized money transfer operations
Register all the keys that the user presses on the keyboard and sends data to the attacker. This method is used to collect user IDs, passwords and other sensitive data.
◇ Viewing a screenshot of a user
◇ Loading browsing history data

What is a worm?

A worm is a malicious computer program that usually replicates on a computer network . An attacker can use the worm to perform the following tasks;
Install backdoors on victim computers . The created backdoor can be used to create zombie computers, which are used to send spam emails, perform distributed denial-of-service attacks, etc. Backdoors can also be exploited by other malware.
◇ Worms can also slow down the network by wasting replication bandwidth .
◇ Install the malicious payload code carried inside the worm.

What is a virus?

◇ A virus is a computer program that attaches itself to legitimate programs and files without the user's consent . Viruses can consume computer resources such as memory and processor time. The attacked programs and files are considered to be "infected". A computer virus can be used for;
◇ Access to personal data such as user ID and passwords
◇ Display annoying messages to the user
◇ Corrupted data on your computer
◇ User keystroke log

Computer viruses are known to use 

social engineering techniques

. These techniques involve tricking users into opening files that look like regular files, such as Word or Excel documents. As soon as the file is opened, the viral code is executed and does what it is intended to do.

Measures against Trojans, Viruses and Worms                     

◇ An organization can use the following methods to defend against such attacks.
◇ A policy that prohibits users from downloading unnecessary files from the Internet, such as spam attachments, games, programs that claim to speed up downloads, etc.
◇ Antivirus software must be installed on all users' computers. Antivirus software should be updated frequently and scans should be performed at regular intervals.
◇ Scan external storage devices on an isolated machine, especially those originating from outside the organization.
◇ Regular backups of critical data should be performed and stored on preferably read-only media such as CDs and DVDs.
◇ Worms exploit vulnerabilities in operating systems. Downloading operating system updates can help reduce worm infection and replication.
◇ Worms can also be avoided by scanning all email attachments before downloading them.

Table of Trojans, Viruses and Worms

DefinitionA malicious program used to control a victim's computer from a remote location.Self-replicating program that attaches to other programs and filesIllegal programs that usually copy themselves over the network
goalSteal confidential data, spy on the victim's computer, etc.Malfunction of the computer, damage to user data, etc.Install backdoors on the victim's computer, slow down the user's network, etc.
CountermeasuresUse of antivirus software, updates for operating systems, security policies when using the Internet and external media, etc.

Previous Post Next Post