Skip to main content

Learn everything about Trojans, Viruses, and Worms

Worm, Virus & Trojan Horse: Ethical Hacking Tutorial

Some of the skills that hackers have are programming and computer networking skills. They often use these skills to gain access to systems. The objective of targeting an organization would be to steal sensitive data, disrupt business operations or physically damage computer controlled equipment. Trojans, viruses, and worms can be used to achieve the above-stated objectives.
In this article, we will introduce you to some of the ways that hackers can use Trojans, viruses, and worms to compromise a computer system. We will also look at the countermeasures that can be used to protect against such activities.

What is a Trojan horse?

A Trojan horse is a program that allows the attack to control the user’s computer from a remote location. The program is usually disguised as something that is useful to the user. Once the user has installed the program, it has the ability to install malicious payloads, create backdoors, install other unwanted applications that can be used to compromise the user’s computer, etc.
The list below shows some of the activities that the attacker can perform using a Trojan horse.
  • Use the user’s computer as part of the Botnet when performing distributed denial of service attacks.
  • Damage the user’s computer (crashing, blue screen of death, etc.)
  • Stealing sensitive data such as stored passwords, credit card information, etc.
  • Modifying files on the user’s computer
  • Electronic money theft by performing unauthorized money transfer transactions
  • Log all the keys that a user presses on the keyboard and sending the data to the attacker. This method is used to harvest user ids, passwords, and other sensitive data.
  • Viewing the users’ screenshot
  • Downloading browsing history data

What is a worm?



A worm is a malicious computer program that replicates itself usually over a computer network. An attacker may use a worm to accomplish the following tasks;
  • Install backdoors on the victim’s computers.  The created backdoor may be used to create zombie computers that are used to send spam emails, perform distributed denial of service attacks, etc. the backdoors can also be exploited by other malware.
  • Worms may also slowdown the network by consuming the bandwidth as they replicate.
  • Install harmful payload code carried within the worm.

What is a Virus?

           Learn everything about Trojans, Viruses and Worms
  • A virus is a computer program that attaches itself to legitimate programs and files without the user’s consent. Viruses can consume computer resources such as memory and CPU time. The attacked programs and files are said to be “infected”. A computer virus may be used to;
  • Access private data such as user id and passwords
  • Display annoying messages to the user
  • Corrupt data in your computer
  • Log the user’s keystrokes
Computer viruses have been known to employ social engineering techniques. These techniques involve deceiving the users to open the files which appear to be normal files such as Word or Excel documents. Once the file is opened, the virus code is executed and does what it’s intended to do.

Trojans, Viruses, and Worms counter measures

                                         Learn everything about Trojans, Viruses and Worms
  • To protect against such attacks, an organization can use the following methods.
  • A policy that prohibits users from downloading unnecessary files from the Internet such as spam email attachments, games, programs that claim to speed up downloads, etc.
  • Anti-virus software must be installed on all user computers. The anti-virus software should be updated frequently, and scans must be performed at specified time intervals.
  • Scan external storage devices on an isolated machine especially those that originate from outside the organization.
  • Regular backups of critical data must be made and stored on preferably read-only media such as CDs and DVDs.
  • Worms exploit vulnerabilities in the operating systems. Downloading operating system updates can help reduce the infection and replication of worms.
  • Worms can also be avoided by scanning, all email attachments before downloading them.

Trojan, Virus, and Worm Differential Table

TrojanVirusWorm
DefinitionMalicious program used to control a victim’s computer from a remote location.Self replicating program that attaches itself to other programs and filesIllegitimate programs that replicate themselves usually over the network
PurposeSteal sensitive data, spy on the victim’s computer, etc.Disrupt normal computer usage, corrupt user data, etc.Install backdoors on victim’s computer, slow down the user’s network, etc.
Counter MeasuresUse of anti-virus software, update patches for operating systems, security policy on usage of the internet and external storage media, etc.
Location: Guna, Madhya Pradesh, India

Comments

Post a Comment

Popular posts from this blog

Top 20 Tools for Ethical hacking in 2020

What are Hacking Tools? Hacking Tools are computer programs and scripts that help you find and exploit weaknesses in computer systems, web applications, servers and networks. There is a variety of such tools available on the market. Some of them are open source while others are commercial solution. In this list we highlight the top 20 tools for Ethical Hacking of web applications, servers and networks 1)  Netsparker Netsparker  is an easy to use web application security scanner that can automatically find SQL Injection, XSS and other vulnerabilities in your web applications and web services. It is available as on-premises and SAAS solution. Features Dead accurate vulnerability detection with the unique Proof-Based Scanning Technology. Minimal configuration required. Scanner automatically detects URL rewrite rules, custom 404 error pages. REST API for seamless integration with the SDLC, bug tracking systems etc. Fully scalable solution. Scan 1,000 web application...
Post a Comment
Read more

CompTIA Certification Guide: Career Paths & Study Material

CompTIA Certification Guide: Career Paths & Study Material What is CompTIA Certification? CompTIA certifications  course are considered one of the most trusted credentials in the IT industry as it accurately reflects employee success. CompTIA engages international focus groups and IT leaders from around the world that define various certification programs and helps you to create CompTIA certification exams. How to start a career with CompTIA certifications? If you are looking to start an IT career with a renowned certification, which has global recognition and ready-for acceptance by the employers, then CompTIA certification is the best way to start. This certification helps you to build critical thinking and problem-solving abilities, which is imperative in the modern enterprise network. The certification programs come in easy-to-learn ways to suit your time and convenience. You could take up a self-study or instruction-based learning. It is also meant for stu...
Post a Comment
Read more

Kali Linux Tutorial: What is, Install, Utilize Metasploit and Nmap

Kali Linux Tutorial: What is, Install, Utilize Metasploit and Nmap What is Kali Linux? Kali Linux is a Security Distribution of Linux specifically designed for digital forensics and penetration testing. It was developed by Mati Aharoni and Devon Kearns of Offensive Security through the rewrite of BackTrack. BackTrack was their previous information security Operating System. The first iteration of Kali Linux was Kali 1.0.0 was introduced in March 2013. Offensive Security currently funds and supports Kalin Linux. If you were to visit Kali's website today ( www.kali.org ), you would see a large banner stating, "Our Most Advanced Penetration Testing Distribution, Ever." A very bold statement that ironically has yet to be disproven. Kali Linux has over 600 preinstalled penetration-testing applications to discover. Each program with its unique flexibility and use case. Kali Linux does excellent job separating these useful utilities into the following categories: In...
Post a Comment
Read more