What is a Trojan Horse in Computer Networks and how to protect yourself from it?

A Trojan Horse is a computer program that is attached to a genuine program, or disguised as one, in order to install a back-door on the user's computer (enabling the attacker to take control of it) when the user runs the program. Trojans can be found in updates, free software and even pirated MP3s/videos that you download from the Internet. In this article, let us look a little deeper into the Trojan Horse, how it works and what steps one can take to prevent it.

What is a Trojan Horse?

The name comes from an ancient Greek war story. The Greeks were facing a particular enemy who was proving increasingly difficult to defeat in open war. So, they made peace with them and offered a large wooden horse as a token of their peace initiative. But Greek soldiers were hiding inside this large wooden horse, and they came out of it at the appropriate moment to break open the enemy fortification from inside. This enabled the Greeks to get inside their enemy's territory and capture them when they were least expecting it.

Someone liked this story very much and named this computer security threat the Trojan Horse because it does pretty much the same thing. The program disguises itself as a genuine program or attaches itself to a genuine program, tricks users into downloading and installing it on their computers/servers, and the attacker then takes control of the system through the back-door opened by the Trojan Horse.

So, a Trojan Horse is a program that looks useful on the surface but hides some malicious functionality. Further, it tries to blend in with the normal processes of a system and disguises itself as a genuine program, to prevent the user from uninstalling it.

If a Trojan Horse is installed in a system, an attacker can go up to the level of executing arbitrary commands on the system / remote controlling the system.

How do Trojan Horse programs get into user systems?

Trojan Horse programs are mostly pushed into unsuspecting users' systems by infecting web-distributed software such as software updates, software installation services, OS updates, games and free applications that are frequently downloaded by a large number of users. The attacker infects the web servers where they are hosted, so that all the users downloading them are infected in turn. This is one reason why you should be wary of downloading and installing free software programs like games and applications.

Trojans can even be combined with genuine programs or placed into genuine programs (sometimes it takes just a few lines of code). Another way of pushing them to users is to develop free software (with a Trojan Horse inside), promise that it provides a lot of applications or offers a lot of excitement, and lure users into downloading it from the Internet.

If a website offers a free download of pirated movies, pirated music or pirated applications (or license keys), there is a good chance that it makes users click on a link that first downloads a Trojan Horse into the users' systems before offering any downloads.

How to prevent Trojan Horse programs from infecting systems?

  • Trojan Horse programs/applications can be detected and eliminated by using good anti-virus software.
  • By having a proper update policy (through the right channels) in companies and not allowing users to download / update software programs by themselves.
  • Administrators could download multiple copies of the same software/application from various mirrors and check each of them using a common hashing algorithm, to make sure that all of them are identical and none of them has any extra code embedded in it.
  • By checking the digital certificates available with certain software distribution sites, for the authenticity of their code.
  • By preventing users from accessing unwanted sites (pornography, pirated movies/music, games, hacking sites, etc.) using a good content filtering system.
  • By frequently patching web browsers and the OS with the latest security updates.
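
The mirror-comparison check from the list above, as an added example (not code from the original article): it computes a SHA-256 digest of each downloaded copy and flags any mirror whose copy differs from the rest. The mirror names and file contents are constructed for the demonstration, and SHA-256 is an assumed choice of hashing algorithm.

```python
import hashlib
import tempfile
from collections import defaultdict
from pathlib import Path

def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large installers do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()

def compare_mirror_copies(copies):
    """copies maps mirror name -> file path. Returns (all_identical, groups),
    where groups maps each digest to the sorted mirrors that served it."""
    groups = defaultdict(list)
    for mirror, path in copies.items():
        groups[sha256_file(path)].append(mirror)
    groups = {digest: sorted(names) for digest, names in groups.items()}
    return len(groups) == 1, groups

def suspect_mirrors(groups):
    """Mirrors that disagree with a strict majority. Without a strict majority
    nothing can be trusted, so every mirror is returned as suspect."""
    total = sum(len(names) for names in groups.values())
    majority = max(groups.values(), key=len)
    if len(majority) * 2 <= total:
        return sorted(n for names in groups.values() for n in names)
    return sorted(n for names in groups.values() if names is not majority for n in names)

def demo(downloads=None):
    """Write constructed sample downloads to a temp dir and compare them."""
    installer = b"MZ" + b"\x00" * 4096 + b"constructed installer body"
    if downloads is None:
        downloads = {
            "mirror-a": installer,
            "mirror-b": installer,
            "mirror-c": installer + b"extra embedded code",  # constructed tampered copy
        }
    with tempfile.TemporaryDirectory() as tmp:
        copies = {}
        for mirror, data in downloads.items():
            path = Path(tmp) / f"{mirror}.bin"
            path.write_bytes(data)
            copies[mirror] = path
        identical, groups = compare_mirror_copies(copies)
        return identical, suspect_mirrors(groups)

if __name__ == "__main__":
    print(demo())
```

Matching digests only show that the mirrors serve the same bytes; if every mirror synced from one tampered origin they will still agree, so the publisher's signed checksum or code-signing certificate remains the stronger check.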

excITingIP.com
