[Security] Year of the Trojan horse : 2002

[Reply] [View by Thread] [Help]
[Back To Article Discussion Forum]

View and vote on the article here: Year of the Trojan horse : 2002

Year of the Trojan horse : 2002

Category

Security

Summary

Feb. 12, marks the beginning of the Chinese New Year -- the Year of the Black Horse. If 2001 was the Year of the Worm, then based on a hunch and some early reports, Robert Vamosi, Associate Editor of ZDNet Reviews predicts that 2002 will be the Year of th

Body

What's the difference between a Trojan horse, a worm, and a virus? A virus is malicious code specific to an application like Microsoft Word or Excel. A worm is malicious code that moves from computer to computer, often carrying a virus. A worm can also carry a Trojan horse, which, like its Greek namesake, is a program that looks like one thing but does something else.

The Classic Example of a Trojan horse is the e-mail attachment that plays "Happy Birthday" on your desktop while secretly broadcasting your password log-in over the Internet. Lately we've seen some very sophisticated Trojan horses that grab your password and run--without your knowledge.

Two reasons he thinks Trojan horses will take off in 2002: boredom and ease. Script kiddies are bored with hacking government sites. Besides, it's too hard. Why hack a Unix or Solaris system hiding behind a firewall or Intrusion Detection Systems (IDS), when there are thousands of home users running Windows without protection?

Plus, it's easy to find a port to target. The Simovits Consulting site offers a detailed list of ports currently being exploited by known Trojans. New Trojans that are able to log all your keystrokes or lay the groundwork for a distributed denial-of-service attack are just a click away--I found Trojan-creation programs available on several script kiddie sites.

Worms are still the most popular way for Trojans to spread. Users of Windows NT, 2000, and XP recently discovered that the MyParty worm carried the Msstask Trojan, which allowed their PCs to be controlled remotely via the Internet.

The recent BadTrans.B worm also carried a Trojan. The original BadTrans dropped a Trojan named Keylog, which attempts to send details about your operating system and personal passwords back to the Trojan author.

The revised version, BadTrans.B, released in late November, took advantage of a well-known Internet Explorer vulnerability that automatically opens e-mail attachments, so it spread quickly to thousands of computers worldwide. Unfortunately, it also carried a revised Trojan named PWS.Hooker, which records every key you type, and the application you typed it in. It stores this information in encrypted form before sending it to a variety of addresses. According to the Register, the FBI contacted one recipient of the PWS.Hooker Trojan e-mails, the ISP MonkeyBrains, and said it would very much like to see the contents of those log files.

Robert expects the FBI will also take part in the Year of the Trojan. For surveillance purposes, the FBI is studying its own worm/Trojan combination. Last December, he wrote how the U.S. Department of Justice might use the Patriot Act to justify a government-authored Trojan horse called Magic Lantern. In a December Senate hearing, Attorney General John Ashcroft declined to comment on the existence of Magic Lantern.

Worms aren't the only way Trojan horses spread. Last month, the popular file-sharing programs Grokster and LimeWire were thought to carry a Trojan called W32.DIDer, which copies user ID names and Internet addresses from the computers it infects. The companies that make Grokster and LimeWire quickly changed their software to eliminate the spread of the Trojan. Yet the incident shows that you can't be too careful online these days.

That's why he recommends using a firewall, any firewall. Norton and McAfee bundle firewall products with their basic Internet security products. There's also Zone Alarm,BlackICE, Tiny, and many others. Any of these products should warn you if data tries to leave your computer without your knowledge (for example, when you're not surfing the Web). They'll get you ready for the Year of the Horse.

This article was imported from zZine. (original author: ismail)

There are no replies to this post yet.

Guest:
Subject:
Message:	On 2007-04-29 10:01:46, System wrote >View and vote on the article here: [url=/library/article?id=1393]Year of the Trojan horse : 2002[/url]<br/><br/><hr width="90%"/><center><h3>Year of the Trojan horse : 2002</h3></center><table width="100%"><tr><td valign="top">[b]Category[/b]</td><td width="100%"><center><table border="1" cellpadding="3" cellspacing="0" style="border-collapse: collapse" bordercolor="#000000" width="95%" bgcolor="#364C7D"><tr><td width="100%">Security</td></tr></table></center></td></tr><tr><td valign="top">[b]Summary[/b]</td><td width="100%"><center><table border="1" cellpadding="3" cellspacing="0" style="border-collapse: collapse" bordercolor="#000000" width="95%" bgcolor="#364C7D"><tr><td width="100%">Feb. 12, marks the beginning of the Chinese New Year -- the Year of the Black Horse. If 2001 was the Year of the Worm, then based on a hunch and some early reports, Robert Vamosi, Associate Editor of ZDNet Reviews predicts that 2002 will be the Year of th</td></tr></table></center></td></tr><tr><td valign="top">[b]Body[/b]</td><td width="100%"><center><table border="1" cellpadding="3" cellspacing="0" style="border-collapse: collapse" bordercolor="#000000" width="95%" bgcolor="#364C7D"><tr><td width="100%">What's the difference between a Trojan horse, a worm, and a virus? A virus is malicious code specific to an application like Microsoft Word or Excel. A worm is malicious code that moves from computer to computer, often carrying a virus. A worm can also carry a Trojan horse, which, like its Greek namesake, is a program that looks like one thing but does something else. > > > > > > > > > >The Classic Example of a Trojan horse is the e-mail attachment that plays "Happy Birthday" on your desktop while secretly broadcasting your password log-in over the Internet. Lately we've seen some very sophisticated Trojan horses that grab your password and run--without your knowledge. > > > > > > > > > > > > > > >Two reasons he thinks Trojan horses will take off in 2002: boredom and ease. Script kiddies are bored with hacking government sites. Besides, it's too hard. Why hack a Unix or Solaris system hiding behind a firewall or Intrusion Detection Systems (IDS), when there are thousands of home users running Windows without protection? > > > > > > > > > >Plus, it's easy to find a port to target. The Simovits Consulting site offers a detailed list of ports currently being exploited by known Trojans. New Trojans that are able to log all your keystrokes or lay the groundwork for a distributed denial-of-service attack are just a click away--I found Trojan-creation programs available on several script kiddie sites. > > > > > > > > > >Worms are still the most popular way for Trojans to spread. Users of Windows NT, 2000, and XP recently discovered that the MyParty worm carried the Msstask Trojan, which allowed their PCs to be controlled remotely via the Internet. > > > > > > > > > >The recent BadTrans.B worm also carried a Trojan. The original BadTrans dropped a Trojan named Keylog, which attempts to send details about your operating system and personal passwords back to the Trojan author. > > > > > > > > > >The revised version, BadTrans.B, released in late November, took advantage of a well-known Internet Explorer vulnerability that automatically opens e-mail attachments, so it spread quickly to thousands of computers worldwide. Unfortunately, it also carried a revised Trojan named PWS.Hooker, which records every key you type, and the application you typed it in. It stores this information in encrypted form before sending it to a variety of addresses. According to the Register, the FBI contacted one recipient of the PWS.Hooker Trojan e-mails, the ISP MonkeyBrains, and said it would very much like to see the contents of those log files. > > > > > > > > > >Robert expects the FBI will also take part in the Year of the Trojan. For surveillance purposes, the FBI is studying its own worm/Trojan combination. Last December, he wrote how the U.S. Department of Justice might use the Patriot Act to justify a government-authored Trojan horse called Magic Lantern. In a December Senate hearing, Attorney General John Ashcroft declined to comment on the existence of Magic Lantern. > > > > > > > > > >Worms aren't the only way Trojan horses spread. Last month, the popular file-sharing programs Grokster and LimeWire were thought to carry a Trojan called W32.DIDer, which copies user ID names and Internet addresses from the computers it infects. The companies that make Grokster and LimeWire quickly changed their software to eliminate the spread of the Trojan. Yet the incident shows that you can't be too careful online these days. > > > > > > > > > >That's why he recommends using a firewall, any firewall. Norton and McAfee bundle firewall products with their basic Internet security products. There's also Zone Alarm,BlackICE, Tiny, and many others. Any of these products should warn you if data tries to leave your computer without your knowledge (for example, when you're not surfing the Web). They'll get you ready for the Year of the Horse. </td></tr></table></center></td></tr></table><br/><br/>This article was imported from [url=http://www.zzine.org]zZine[/url]. <small>(original author: ismail)</small>
Signature:
Optional Image Link:
http://

CyberArmy::Forum v0.6
Generated In 0.00496 seconds