As almost every Internet user knows, a Trojan horse is malware concealed in programs or applications that are supposed to perform useful functions but in fact install malicious code or a script on your PC. Trojans can save their files on the user's computer and enable their creators to watch the user's screen and control the computer. Trojans can take screenshots of everything on your screen and search the machine for credit-card numbers, Social Security numbers, resumes - anything that could be used in identity theft. Today's Trojans can even download software updates from their criminal masters.
Because this malware is hidden in software that should be harmless, any user may easily and unwittingly download it. So we decided to list here the 10 most common "methods" by which you can get infected with a Trojan horse.
1. Instant messengers
Instant messengers are the means of communication with friends, colleagues and relatives that we use every day, and we can hardly imagine our routine without them. Knowing this, cyber criminals try to spread their malicious applications through instant messengers like AOL AIM, ICQ, Yahoo Messenger and Google Talk.
In this case the malware is spread through links sent to the messenger's contacts. According to researchers from Symantec, a malicious URL in a message does not just appear as a random pop-up; it may appear to people who are already talking to each other. A fake message with a link to a malicious site can come to you from a source you know, from a person on your contact list, but it may turn out that this very person didn't send you anything to click on.
When your ICQ is on, you may receive a message like this: "Hi, it's me. I'm writing to you from another address. Come to me tonight, I will be alone. By the way, here are my new photos", and below it you will see a link to a malicious site.
2. Porn sites
Porn sites are usually controlled by unknown sources whose online activity is illegal and hard to trace. Because it is human nature to be curious about the forbidden, an unwary person can easily be tricked into visiting a site full of malicious links. Usually Trojans are offered to an Internet user in the guise of a player download or a codec update. The site says that if you want to watch a certain porn video you need to install the latest version of a player or a video codec. If you fall for the bait and click the malicious link, you are sure to install a Trojan onto your PC.
3. Pharmacy sites
Illicit pharmacy sites offering drugs to help you lose weight, increase sexual potency and build muscle are abundant on the web today. Such sites may also be connected to porn portals which try to force you to install malicious codecs or updates. Any link or button on the site where you want to buy a much-desired drug may turn into a dismal experience once you learn that your computer was infected and the orchestrators behind the attack stole your personal information.
4. Fake anti-virus software
Sometimes when you surf the Internet and happen to click links that direct you to unknown sites with numerous pop-up advertisements, you may be offered the latest anti-virus application that will supposedly help you scan your system and get rid of malware detected on your PC. Not all of these fake anti-virus applications are offered for free. The site may notify you that a very malicious virus has been detected on your PC and that you should immediately download their latest anti-virus software, which is supposedly the only tool able to remove this virus. In order to use this anti-virus software you need to pay at times as much as $50, which is, by the way, much more expensive than legitimate protection applications. Thus, if you were successfully deceived, they achieve two goals: they have your money now, and they install their malware on your PC, which will let them earn more of your money later when they steal your sensitive data through their Trojan.
5. USB storage devices
In December last year it was reported that Commonwealth Security and Risk Management staff was reviewing multiple reports of newly purchased Universal Serial Bus (USB) storage devices containing malicious software. USB storage devices are being contaminated with malicious software prior to delivery to the customer (i.e., somewhere between manufacturing and distribution). The types of USB storage devices containing malicious software include USB flash/thumb drives, USB portable hard drives, USB digital photo frames, USB flash-based MP3 players, and USB memory cards. The malicious software installed on the USB storage device could be a virus or Trojan application that may allow a malicious individual to steal information from the computer or expose the computer to additional malicious software.
6. Financial sites
While hackers today successfully compromise whole payment or banking websites, they may also use roundabout ways that do not require hijacking the sites themselves. For instance, last year there was an intrusion into a payment site's registrar account at Network Solutions. The intruder changed where the website would resolve to, and instead of logging into the real location customers were handing their credentials to a server in the Ukraine which attempted to deploy malware on the visitor's computer.
7. Email
Unsolicited commercial email, or spam, is in most cases a source of malicious applications developed to steal your personal financial information or ruin your system. It was recently detected that some Trojans were created to steal the login information you use when playing MMOG games. Usually this method works as follows. You receive an email from an unknown source which invites you to try their Viagra or read a job proposal attached as a Word file. As soon as you click the link the message offers for more details, or open the attached document, your PC gets infected with malware.
However, recent data shows that cyber crooks now use more sophisticated tools to attack their victims. During the past few years hackers have been using targeted attacks. In a targeted malware attack, the attacker profiles his victim and sends an e-mail using the recipient's name, title, and perhaps references to his job function. The message's content is typically something that the recipient would expect to receive via e-mail.
8. Pirated PC applications
We cannot deny that many of us like using software for which we need not pay. But most of the useful applications we need are not freeware products, and we have to pay for them if we want a licensed copy. Wherever there is demand for cracked copies, there is supply. The latest offer of pirated PC software involved Windows 7.
In early May many media sites reported that users who downloaded pirated copies of Windows 7 Release Candidate (RC) on file-sharing sites said that these OSs contained malware. Some of the pirated builds included a Trojan horse, numerous users said in message forums and in comments on BitTorrent sites such as Mininova.org.
"Just a warning for anyone downloading the new RC builds of windows 7. Quiet [sic] a lot of the downloads have a trojan inbedded [sic] in the setup EXE," said someone identified as Frank Fontaine on a Neowin.net discussion thread. "The Setup EXE is actually a container, it appears to be a self-extracting EXE. There are 2 files inside, Setup.exe and codec.exe."
Fontaine's antivirus software identified the "codec.exe" file as a generic Trojan.
9. Fake search engine results
As we already reported in our journal, there is a growing trend today of injecting bogus results into the search engine's response to your query. Among the true links to legitimate sites that contain the information you are looking for, there may be numerous addresses that direct you to malicious sites where the cyber crooks will try to install their pernicious malware applications.
10. Unpatched PC software
Hackers often attack websites, planting malicious links on a great number of servers. Such attackers are most likely using compromised accounts on the Web sites or launching what's known as a SQL injection attack, where hackers trick the Web site's software into inadvertently running malicious commands. The criminals add a line of JavaScript code to the hacked sites that redirects victims to special servers. Such a server can launch a variety of attacks, targeting known flaws in Firefox, Internet Explorer, Adobe's Flash Player and ActiveX.
A year ago Symantec's Patrick Jungles, talking about newly revealed vulnerabilities in ActiveX that were exploited by cyber crooks, reported that visitors to compromised Web sites are redirected by a rogue IFRAME to a malicious site serving the package. The attack pack tests the victim's PC for each ActiveX control, detects whether a vulnerable version of a control is installed, then launches an attack when it finds one.
If the exploit framework succeeds in compromising a PC, the hackers drop a Trojan on the machine that turns it into a spam-spewing zombie; the Trojan includes a rootkit component to mask the malware from anti-virus scanners.
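For site owners, one way to check pages for the kind of injected redirect described above. This is an added example, not code from the original article: it scans HTML for script and iframe tags that load from hosts outside an allowlist and flags frames made invisible. The allowlist, the host names and the sample page are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
import re

# Assumed allowlist: hosts this site legitimately loads content from.
TRUSTED_HOSTS = {"www.example.com", "cdn.example.com"}
HIDDEN_STYLE = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)


class InjectionScanner(HTMLParser):
    """Collects <iframe>/<script> tags that load from untrusted hosts."""

    def __init__(self, trusted_hosts):
        super().__init__()
        self.trusted = trusted_hosts
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag not in ("iframe", "script"):
            return
        a = {k: (v or "") for k, v in attrs}
        host = urlparse(a.get("src", "")).hostname  # None if relative/inline
        if host is None or host in self.trusted:
            return
        # Zero-size or CSS-hidden frames are a common sign of injection.
        hidden = (a.get("width") in ("0", "1") or a.get("height") in ("0", "1")
                  or bool(HIDDEN_STYLE.search(a.get("style", ""))))
        self.findings.append({"line": self.getpos()[0], "tag": tag,
                              "host": host, "hidden": hidden})


def scan_page(html, trusted_hosts=TRUSTED_HOSTS):
    """Return one finding per off-site <script>/<iframe> in the page."""
    scanner = InjectionScanner(set(trusted_hosts))
    scanner.feed(html)
    scanner.close()
    return scanner.findings


# Constructed sample: a legitimate script, an injected script, a hidden iframe.
SAMPLE_PAGE = """<html><body>
<script src="https://cdn.example.com/site.js"></script>
<p>Welcome to our shop.</p>
<script src="http://redirector.invalid/x.js"></script>
<iframe src="http://exploit-pack.invalid/" width="0" height="0"></iframe>
</body></html>"""

if __name__ == "__main__":
    for finding in scan_page(SAMPLE_PAGE):
        print(finding)
```

Run against stored copies of your own pages after each deployment; a finding for a host you never added is the cue to check for compromised accounts or SQL injection.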
Conclusion
Well, certainly there are situations when it is not our fault that malicious code penetrated our PC. Sometimes it is almost impossible to evade infection, as is the case when a legitimate website was hijacked and it is the legitimate destination that infects your PC with malware. But in most cases it is our curiosity, carelessness and desire to have some freebie that makes us victims of perpetrators who successfully play on our human weaknesses rather than on the flaws in our PCs.