Introduction
The Remote Administration Trojans, also known as RATs are the most popular type of Trojans today. This type of Trojan allows the creator or who ever is using it to gain access to victims are there and perform many functions on their computer. These RATs are very easy to use, coming in a package of two files a server file and a client file. If you can get a chance to run the server file, resulting in obtaining his/her IP address, you will gain full control over their computer. These Trojans can also be bind into other programs which seem to be justifiable.
Remote Administration Trojans in a general sense open a port on your computer and themselves to it. What they are really doing is making the server file listen to incoming connections and data come through these ports. Once some one runs their clime program and enters the victims IP address, the Trojan starts receiving commands from the attacker and runs them on the victim's computer.
The most common non-viral malware which acts as a virus and infects information is said to be a Trojan horse. The Trojan horse bears the name of some standard program.
A Trojan horse could be either:
1. An unauthorized instruction contained with in a legitimate program. These instructions perform functions unknown to the user.
2. A legitimate program that has been altered by the placement of unauthorized instructions within it.
3. Any program that appears to perform a desirable and function but that (because of unauthorized instructions with in it) performs functions unknown to the user.
These all instructions are unwanted to the user.
Under a restricted environment, (a restricted UNIX shell or a restricted Windows computer) malicious Trojans can't do much, since they are restricted in their actions. But on an ordinary PC, Trojans can be lethal and quite destructive.
Most windows Trojans hide from the Alt+Ctrl+Del menu. (We haven't seen any program that had the ability to hide itself from the processes list yet, but you can know-one day some one might discover a way to do so.) This is bad because there are people who use the task list to see which process are running .There are programs that will tell us exactly what process are running on your computer.
Also some Trojans might simply open an FTP server on your computer (usually NOT PORT 21, the default FTP port, in order to be less noticeable). The FTP server is, of course passworded, or has a password which the attacker has determined, and allows the attacker to download, upload and execute files quickly and easily.
Posted by
Unknown
Custom Search
0 comments:
Post a Comment