Trojan those. What are trojans and how to protect yourself from them

Good afternoon friends. I recently wrote an article "". In this article, we will take a closer look at one of these viruses, namely the Trojan virus.

The computer age is developing very rapidly, various technologies are developing that make life easier for a person. We are increasingly making payments not in cash, but with a plastic card or with an electronic wallet. Of course, such wallets and cards have their own pincodes and passwords.

And now imagine a case, you go to a supermarket, shop there for a decent amount, go to the checkout to pay, insert your plastic card, and there are no funds on it. What's the matter? And the trojan virus is to blame!

So what are Trojan viruses, what are they? In short, I can say that a Trojan virus is a malicious program that prefers to disguise itself as any of the existing programs. You download such a program, and the computer becomes infected. Quite often, Trojan viruses consist of only a few lines.

How did the Trojan virus get its name?

I think you know that the Trojan virus is named after the famous horse from Homer's famous poem "Troy". Where the Greeks, in order to take this magnificent city, showed cunning, and created a gigantic horse from wood. This horse housed a detachment of Greeks led by Odysseus.

In the morning, the Trojans got up, saw a huge horse, decided that the goddess had given it to them, and with great difficulty dragged it into their city. Thus, signing the verdict to the city. At night, the Athenians got out of the horse, killed the guards and opened the gates. Thus, the fate of the city was sealed.

How Trojan viruses are introduced into a computer

The situation is similar with the Trojan virus. They get on the PC only when you enter them yourself. That is, they cannot carry out a DOSS attack on your computer or website, where the antivirus will have to actively resist. As I already mentioned, they pretend to be various programs, maybe even an antivirus. And what is most interesting, such programs can even behave like the originals, and perform their direct functions until they show their viral essence at a certain time.

You download a similar antivirus, from this antivirus a landing of various pests is landed, and the computer will fall into the power of a trojan.

How safe do you think surfing the Internet is for your personal information? After all, the more a person transfers his daily activities, whether it is communication, work, study or entertainment to the virtual space, the more personal information you have to trust the Internet. And the personal financial or mental state depends on it. In this article, I will touch upon such a dangerous factor on the Internet associated with identity theft as Trojans or, simply speaking, Trojans.

The purpose of these little network monsters is to quietly penetrate the user's system and monitor his actions or scan computer files for data on passwords to various services, as well as steal information about credit cards and electronic wallets. There are also such Trojans that give their owners full control over the infected machine, which allows them to act almost imperceptibly on the network on behalf of the user himself. For example, you can carry out various financial operations to withdraw and transfer money from accounts owned by the user. Let's take a closer look at what Trojans are and how you can protect yourself from them.

Two main types of Trojans

This type of trojans presents themselves as ordinary client-server applications. The server, control part of the malicious program is injected onto the victim's computer. Such a module, usually small in size, opens a network port on the user's system for free access to a hacker. Thus, a certain passage appears, through which, subsequently, the attacker, without unnecessary difficulties, will get into the user's system. But the hacker still needs to learn about the discovery of this loophole. To do this, he usually launches a scanner program that will ring a certain number of network addresses and report on those where entry into the system will be possible as a result of a successful Trojan infection (that is, ports opened by the Trojan in the system will be found). It is also possible that, if successfully introduced, the Trojans themselves inform the host about the infected computer and its address on the Internet. However, in this case, the risk of detecting a Trojan also increases.

In any case, it is enough for an attacker to run the second part of the program, called the client, which will connect to the server program on the victim's computer and transfer control of the system directly into the hands of the hacker. Here, depending on the functionality of the Trojan program, in the user's system it will be possible to do everything that he himself can afford.

An equally dangerous type of Trojan spyware is called mailers. They differ from backdoors in greater independence and secrecy. Mailers do not open loopholes in the system, they themselves collect information about the data in which their owner is interested, for example, about various passwords. These types of Trojans can silently and incrementally scan your system looking for the information they need, or they can simply follow all the user's actions, such as keystrokes on the keyboard at certain times.

At the end of the data collection, all information will be sent to a resource on the network owned by the hacker. Usually, the good old e-mail serves as such a resource, hence the name of this type of Trojans - mailers, from the word mail or mail, which means mail.

How do trojans infiltrate a user's computer

One of the most effective techniques today is to inject malicious code into rare or expensive software products and present them to the user as a free download gift. Most often, hackers like to hide their viruses in those information resources, free access to which is usually limited for one reason or another. This also applies to websites with catalogs of free programs, which are usually very expensive on the shelves. No need to try to look for free access to those products that are officially distributed only for commercial purposes. By providing free downloads of such products, scammers lure many gullible lovers of free cheese into their networks.

I must say that you can catch a Trojan on the net even when you are completely idle on the Internet. Just the fact that at this moment your system has an active Internet connection is enough. The malicious code itself can find its way to the unlucky user's system through the so-called holes that it can find in it. In this case, holes can be considered errors in the operating system and software products running in it, thanks to which a hacker can independently launch a Torjan or any other malicious program to infect the system. But this is already a question of what rules you will be guided by when building information and technical protection of your data.

How to protect yourself from Trojans

I hasten to inform you that not everything is as gloomy as it might seem at first glance. By following the basic security rules when connecting to the network and surfing the Internet, you can greatly reduce the risk of infection on your system. There is no reason for attackers to purposefully hunt specifically for your secret data, they have enough of those users who, by their disregard for information security, fall into their traps. Here is a list of information security recommendations that should guide anyone who interacts with the Internet or other networks and wants to protect their data and their system from Trojans and other malware.

1. Install and periodically update your antivirus.

Now almost all antiviruses support daily updates in automatic mode, while others are also able to update their software modules when new versions are released. After installation, be sure to check the settings for automatic updates. Nothing should interfere with the program when downloading updated virus databases from the network. Once a week, it is advisable to conduct a full scan of the entire system for viruses. Good commercial antiviruses are very successful at dealing with any Trojans.

2. Keep your firewall always on.

Of course, the standard Windows firewall is better than nothing at all, but ideally I recommend installing a third-party firewall with the function of notifying you about attempts by a particular program to send data over the Internet.

3. Update your operating system.

Outdated operating system modules are tidbits for all types of viruses, including Trojans. Operating system developers are constantly improving their protection and updating their modules to provide better protection against network infection. It will be much safer if your operating system is set to update automatically. If for some reason you are unable to use a commercially licensed version of the operating system and have to work under an illegal copy of it, you endanger yourself, due to the fact that such a system cannot be updated qualitatively. In this case, I recommend that you learn the basics of working in any free Linux-like system and switch to it.

4. Update your software with new versions.

This is especially true for programs that, one way or another, interact with the Internet. First of all, it downloads browsers, email programs, down-layers and engines for playing Flash videos. In most cases, all these programs are configured to automatically notify the user about the appearance of new versions, and some can make such updates on their own in stealth mode. But keep in mind that the offers of software updates that you can see on various sites do not need to be accepted at all. The fact is that such update messages can be easily faked on a hacked web resource. A user inexperienced in such matters may simply not notice the forgery and launch the virus attached to it along with the update. However, it would be completely stupid to refuse updates, so if you are not sure about the source offering the new version, it is better to go to the official website of the desired program and download the update from there.

5. Only use software from trusted sources.

These are the official websites of developers or large, well-established software portals. Before launching a new program, be sure to scan it with an antivirus. I have already stated my opinion about hacked programs above.

6. Never go to questionable websites.

This is especially true of sites whose links promise tempting offers like “Free adult entertainment”, “free commercial programs”, “you've never seen anything like this” and the like. If you want to surf the Internet aimlessly, use links from large Internet directories or you can use my trusted one.

7. Addresses of sites where your account with valuable information is stored is better enter manually.

In view of the widespread use of phishing methods of stealing information, the user runs the risk of clicking on a link to go to an exact copy of a fake site and transfer his password to attackers. With a well-executed phishing attack, the user will not even know about it. Train your memory and use the manual method of entering the most important addresses in the address bar of your browser.

8. Don't use the same passwords for different services.

Ideally, I recommend periodically changing passwords on Internet resources that are especially important to you. When registering for a new service that requires you to specify an email address, never use a password similar to the password from the specified email account, if it is at least something dear to you. If there are a lot of passwords, you can use specialized password storage programs or write them down in a separate paper notebook.

9. Do not work under an administrative account in the operating system.

Remember that once a Trojan enters your system, it can only do what is allowed by the rules of the current account. If the administrator account is active at this moment, the virus code will be able to intercept all resources available in the system in order to work most fruitfully and hide from antiviruses. Naturally, the administrative account must have a strong password.

That's actually all fairly simple rules, following which you are unlikely to encounter such a phenomenon on the Internet as trojans. For those users who suspect the presence of viruses in their system, including Trojans, I suggest that you read the article,

Today on the World Wide Web you can find so many underwater reefs in the form of viruses that you can’t count them. Naturally, all threats are classified according to the method of penetration into the system, the harm done and the methods of removal. Unfortunately, one of the most dangerous is the Trojan virus (or Trojan). What is this threat, we will try to consider. In the end, we will also figure out how to safely remove this muck from a computer or mobile device.

"Trojan" - what is it?

Trojan viruses are a self-copying type with their own executable codes or embedded in other applications that pose a fairly serious threat to any computer or mobile system.

For the most part, Windows and Android systems are most affected. Until recently, it was believed that such viruses have no effect on UNIX-like operating systems. However, just a few weeks ago, Apple's mobile gadgets were also attacked by a virus. It is believed that the Trojan is the threat. What is this virus, we will now see.

analogy with history

Comparison with historical events is not accidental. And before we figure it out, let's turn to the immortal work of Homer's "Iliad", which describes the capture of recalcitrant Troy. As you know, it was impossible to enter the city in the usual way or take it by storm, therefore it was decided to give the inhabitants a huge horse as a sign of reconciliation.

As it turned out, there were soldiers inside it, who opened the city gates, after which Troy fell. The Trojan program behaves in the same way. The saddest thing is that such viruses do not spread spontaneously, like some other threats, but purposefully.

How the threat enters the system

The most common way that is used to penetrate a computer or mobile system is to disguise itself as some kind of user-friendly or even standard program. In some cases, a virus may embed its own codes into existing applications (most often these are system services or user programs).

Finally, malicious codes can infiltrate computers and networks in the form of graphics or even HTML documents, either as email attachments or copied from removable media.

With all this, if the code is embedded in a standard application, it can still partially perform its functions, while the virus itself is activated when the corresponding service is started. Worse, when the service is in autoload and starts with the system.

Consequences of exposure

With regard to the impact of the virus, it may partially cause system failures or interruption of Internet access. But this is not his main goal. The main task of the Trojan is to steal confidential data for the purpose of their use by third parties.

Here you will find pin codes for bank cards, and logins with passwords for accessing certain Internet resources, and state registration data (numbers and personal identification numbers, etc.), in general, everything that is not subject to disclosure, according to the opinion of the owner of the computer or mobile device (of course, provided that such data is stored there).

Alas, when such information is stolen, it is impossible to predict how it will be used in the future. On the other hand, you should not be surprised if one day they call you from some bank and say that you have a loan debt, or if all the money disappears from your bank card. And that's just the flowers.

on Windows

Now let's move on to the most important thing: how to do it is not as easy as some naive users believe. Of course, in some cases, you can find and neutralize the body of the virus, but since, as mentioned above, it is able to create its own copies, and not just one or two, finding and removing them can be a real headache. At the same time, neither the firewall nor the standard anti-virus protection, if the virus has already been passed through and infiltrated into the system, will not help.

In this case, it is recommended to remove the Trojan with the help of portable anti-virus utilities, and in the event of a seizure of RAM, with special programs that are loaded before starting the OS from an optical media (disk) or USB device.

Among portable applications, it is worth noting products like Dr. Web Cure It and Kaspersky Virus Removal Tool. Of the disk programs, Kaspersky Rescue Disc is the most functional. It goes without saying that their use is not a dogma. Today, such software can be found anywhere.

How to remove a trojan from Android

As for Android systems, things are not so simple. Portable applications for them are not created. In principle, as an option, you can try to connect the device to a computer and scan the internal and external memory with a computer utility. But if you look at the other side of the coin, where is the guarantee that the virus will not penetrate the computer when connected?

In such a situation, the problem of how to remove a Trojan from Android is solved by installing the appropriate software, for example, from the Google Market. Of course, there are so many things here that you just get lost in guessing what to choose.

But most experts and specialists in the field of data protection are inclined to think that the 360 ​​Security application is the best, which can not only detect threats of almost all known types, but also provide comprehensive protection for a mobile device in the future. It goes without saying that it will constantly hang in RAM, creating an additional load, but, you see, security is still more important.

What else is worth paying attention to

So we figured out the topic "Trojan - what is this type of virus?". Separately, I would like to draw the attention of users of all systems, without exception, to a few more points. First of all, before opening email attachments, always scan them with an antivirus. When installing programs, carefully read the suggestions for installing additional components such as add-ons or panels for the browser (the virus can be disguised there as well). Do not visit suspicious sites if you see an antivirus system warning. Do not use the simplest free antiviruses (it is better to install the same Eset Smart Security package and activate with free keys every 30 days). Finally, store passwords, pin codes, bank card numbers, and generally everything in encrypted form exclusively on removable media. Only in this case can one be at least partially sure that they will not be stolen or, even worse, used for malicious purposes.

If you work on your computer regularly, then you may be aware of the Trojan horse virus itself and its effect on your computer. This is a virus that attaches itself to certain files and programs that can be downloaded from the Internet. You think that you are installing useful software, but in fact this virus does just the opposite, thereby creating many problems for your computer. The main feature of this virus is that as soon as it gets on your computer, it starts destroying files secretly.

Trojan horse features

The main difference from a computer virus is that a Trojan horse is not specifically designed to spread. This virus is able to steal information from the user and harm the system files of the computer. To combat this insidious Trojan, you can install the appropriate antivirus software for your system. However, Anti-Virus is not always effective against a Trojan horse, so in this case there is only one way out of this problem - you need to remove the Trojan manually.

Steps to manually remove a Trojan that you should follow

There are a few easy steps you can follow to remove Trojan manually. They include:

• Identify Trojan: Once you have found an infected file, you just need to delete it. Typically, your system will give you DLL errors that are associated with a Trojan attack. You can copy the text of the error and find out about the infected exe file on the Internet.
• Use the system restore function: If you forget this step, it will be easier to restore files that were deleted by mistake.
• Restart your computer: After restarting, press the F8 key and choose Safe Mode to start your computer.
• Start, then Add or Remove Programs: You will find this in the control panel, and then remove the programs affected by the Trojan horse.
• Removing infected programs: To remove all program files, you must remove them from the Windows System folder.

After you have done the following steps, you should reboot your system normally.

Other ways to remove the virus manually

• Show hidden folders from a folder
• Then reboot your system in safe mode
• Then you need to stop the processes associated with the Trojan
• However, in order to complete these steps, you must edit your system registry.

IMPORTANT POINTS: To move infected files from the registry, you must find the file in the right folder. Next, when you find the folder, you must remove the DLL and exe files related to Trojan, and then, finally, delete the value itself. You should also check autoload
and find which programs are loaded automatically when the system boots. This method is suitable for those who have some knowledge about registry editing.

Otherwise, you will have to use modern

At night, they got out of the Horse and opened the gates to the main forces of the anti-Trojan army. Most Trojans work in a similar way - they disguise themselves as harmless or useful programs in order for the user to run them on their computer. It is believed that this term was first used in the context of computer security in his report "Computer Security Technology Planning Study" by Daniel Edwards, an employee of the NSA.

Trojans are the simplest type of malware, the complexity of which depends solely on the complexity of the true task and the means of disguise. The most primitive "trojans" (for example, erasing the contents of the disk at startup) can have a source code of several lines.

Trojan examples: Back Orifice , Pinch , TDL-4 , Trojan.Winlock .

Spreading

Trojans are distributed by humans, both by being directly downloaded into computer systems by malicious insiders, and by inducing users to download and/or run them on their systems.

To achieve the latter, trojans are placed by attackers on open or indexed resources (file servers and file sharing systems), storage media, are sent using messaging services (for example, e-mail), enter the computer through security gaps, or are downloaded by the user himself from addresses received in one of the following ways.

Sometimes the use of Trojans is only part of a planned multi-stage attack on certain computers, networks or resources (including others).

Disguise

A Trojan horse can imitate the name and icon of an existing, non-existent, or simply attractive program, component, or data file (such as a picture), either to run by the user or to mask its presence on the system.

A Trojan program can to some extent imitate or even fully perform the task it is disguised as (in the latter case, the malicious code is embedded by an attacker into an existing program).

Removal Methods

In general, Trojans are detected and removed by antivirus and antispyware software in the same way as other malware.

Trojans are worse detected by antivirus contextual methods (based on searching for known programs), because their distribution is better controlled, and copies of programs get to the antivirus industry specialists with a longer delay than spontaneously distributed malware. However, heuristic (search for algorithms) and proactive (tracking) methods are just as effective for them.

see also

Notes

Links

• Trojan Definition Kaspersky Lab

Wikimedia Foundation. 2010 .

See what "Trojan" is in other dictionaries:

This term has other meanings, see Zeus (meanings). ZeuS (or ZBot) is a Trojan that appeared in 2007 and is designed to steal passwords from payment systems and then steal money. Damage ... ... Wikipedia

- (in the jargon of anti-virus services "malware", English malware, malicious software "malicious software") any software designed to gain unauthorized access to computing ... ... Wikipedia

- (antivirus) any program for detecting computer viruses, as well as unwanted (considered malicious) programs in general, and for restoring files infected (modified) by such programs, as well as for prevention ... ... Wikipedia Wikipedia

Computer slang is a type of slang used both by a professional group of IT professionals and other computer users. History The emergence of terms Rapid growth since the second half of the 20th century of computer technology, and, in ... ... Wikipedia

Computer slang is a type of slang used both by a professional group of IT professionals and other computer users. History The emergence of terms Rapid growth since the second half of the 20th century of computer technology, and, in ... ... Wikipedia