Trojans are a subclass of Malware that work by binding a malicious application to a trusted application. Often, this leads to a backdoor into the victim's system, which can be used to steal information or remotely disable certain services or system features.
In class, we tested the use of Trojan malware by using the HTTP RAT (Remote Access Trojan) tool. The tool itself is simple - the application generates a new application via a straightforward user interface. One can configure the new application to also log data to your email address, allowing the hacker to gain better access into the victim's network. Once the new .exe is generated under a false name, it can be executed to run silently in the background, allowing access to the machine remotely by navigating to the machine's IP address in the browser. There, one can change, delete, or execute a multitude of programs, and can access system files with ease.
However, this attack can be prevented by maintaining access to the ports frequently hijacked by malicious programs. As such, Trojans should be relatively easy to avoid with anti-viral software and common sense.
No comments:
Post a Comment