Definition / Description
A ‘Trojan’ is a type of malware. A Trojan may take the form of a program or file, and its mode of delivery is designed to deceive a user by posing as an application. A Trojan’s entire identity rests on preying on a user by baiting them into clicking an application and consequently opening the Trojan.
An important characteristic of a Trojan is that the application it is often designed after may be a masterfully convincing representation of a safe and recognizable application that the user
Methods of infection
Unlike worms or viruses, the Trojan does not self-replicate. A Trojan infects by copying itself onto a compromised system.
This is done in several ways, as Trojans rely on manual distribution under the guise of what the user expected. These distribution methods include but are not limited to peer-to-peer networks, website/blog postings, spim, drive-by downloads, chat room links, and, most notoriously, spam.
Drive-by downloads are particularly dangerous. This is a type of Trojan, which some may debate, that occurs when a user simply opens a trusted website that has been the victim of exploitation; the Trojan then infects the user simply because they opened the webpage.
Trojans may appear in something you download from the web or even from your school, work, or a trusted friend. A Trojan may appear to be an attachment or a download in the form of (but not limited to) an .exe file, a .jpg file, or a .doc file.
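An added example, not part of the original page: a file name's extension is only a label, so one defensive check for the disguise described above is to compare the extension with the file's leading bytes. The function names and sample inputs are constructed for illustration, and the signature table covers only the three file types named above.

```python
import os

# Leading "magic" bytes for the three file types named above (illustrative table).
MAGIC = {
    "exe": b"MZ",                                # Windows executable
    "jpg": b"\xff\xd8\xff",                      # JPEG image
    "doc": b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1",  # legacy Word (OLE2 container)
}
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif"}

def sniff_type(head):
    """Return the MAGIC key whose signature starts `head`, or None."""
    for kind, sig in MAGIC.items():
        if head.startswith(sig):
            return kind
    return None

def check_attachment(name, head):
    """Return findings for one file name plus its first bytes ([] = nothing flagged)."""
    findings = []
    parts = name.lower().split(".")
    ext = parts[-1] if len(parts) > 1 else ""
    actual = sniff_type(head)
    # "invoice.doc.exe": the visible ".doc" is bait, the real type is the last part.
    if len(parts) > 2 and ext in EXECUTABLE_EXTS and parts[-2] in ("jpg", "doc"):
        findings.append("double extension hides executable")
    if actual == "exe" and ext not in EXECUTABLE_EXTS:
        findings.append("executable content behind ." + ext + " name")
    elif ext in MAGIC and actual != ext:
        findings.append("content does not match ." + ext)
    return findings

def scan_file(path):
    """Apply the same check to a file on disk, reading only its first 16 bytes."""
    with open(path, "rb") as fh:
        return check_attachment(os.path.basename(path), fh.read(16))

# Constructed sample inputs: (file name, first bytes of the file).
SAMPLES = [
    ("holiday.jpg", b"\xff\xd8\xff\xe0\x00\x10JFIF"),
    ("holiday.jpg", b"MZ\x90\x00\x03\x00"),
    ("invoice.doc.exe", b"MZ\x90\x00\x03\x00"),
    ("report.doc", b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"),
]

if __name__ == "__main__":
    for name, head in SAMPLES:
        print(name, "->", check_attachment(name, head) or "ok")
```

A clean result here only means the name and content agree; a file whose type matches its extension can still carry malicious content.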
When a Trojan is installed onto a computer, it then executes the malicious code. It should be noted that some Trojans have even been written to appear as if they are doing whatever it is the user opened them to do; however, the Trojan is in fact triggering malicious
The purposes for which authors program Trojans vary. The vast range of Trojan attacks includes but is not limited to: DDoS / DoS, stealing files and data, disarming back doors and security features, and distributing a payload malware.
It should be noted that
the potential for identity theft is particularly high if a Trojan steals your
files and data.
The following is a general list for users to apply in any environment to mitigate the risk of a Trojan infection.
Turn off file sharing.
Turn off or remove applications, services or programs.
Do not open or execute files from unknown sources.
Check and update antivirus
Use a firewall.
Update patch levels.
Turn off Bluetooth.
a password policy.
Removal of a Trojan
Removing a Trojan from your system once it is identified may be done in a few ways. Below I will identify a few. One way users may remove some Trojans from their system is by using a removal tool.
If a user happens to have an infected OS system file, they would need to replace the file using the original OS installation CD.
Often a Trojan will perform tasks that modify the system registry, which may then take a toll on the overall health of the system. It may be necessary to edit the registry, delete subkeys and entries created by the functions of the Trojan, and return any altered keys to their preexisting values.