Thursday, August 14, 2014

A Guide to Trojan/Key Logger Attacks

A Trojan is a program that, once installed on a system, can be misused by an attacker for malicious purposes. The attacker gets it onto the target system through trickery, by inserting the malicious Trojan code into a ‘trusted’ normal tool, or by having physical access to the target system. Trojans are capable of doing a lot of harm to the victim if the attacker is skilled enough. They have many harmful features, some of which are:


1. Certain Trojans act as RATs (Remote Administration Tools) and give the attacker control over, and access to, everything on the target system, from the CD-ROM drive's open and close function to the configuration files and private data. The victim thus loses not only all control over the system but also his privacy. Such a Trojan gives the attacker access to the target system’s hard drive, to and from which he can upload and download absolutely everything.


2. Certain Trojans also have built-in key-logger capabilities and are used to get a log of all characters typed and all movements made on the target system. Key-logger Trojans record all keystrokes made by the user on that system in a predefined log file, along with the name of the window in which the data was typed. They are programmed to email this log file, containing all the characters typed along with the window names, to a predefined email address using an external mail server at regular, fixed intervals, without the knowledge of the victim. Attackers use such Trojans to compromise company secrets, secret documents and private emails.


3. Certain Trojans also have password-stealing capabilities and are commonly used to steal sensitive passwords. Password-stealing Trojans secretly email the predefined password files and all the cached passwords to a predefined email address, using an external mail server at fixed intervals, without the knowledge of the victim. The attacker is thus able to keep track of all passwords on the target system, even when the victim changes his or her password.


4. Certain Trojans are designed to run malicious commands and delete some or all of the sensitive information on the target system. Such destructive Trojans are as dangerous as viruses and are intended to do nothing but create havoc on the target system.
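
Items 2 and 3 describe Trojans that mail their logs to an external mail server at fixed intervals, and that regularity is visible in outbound connection logs. The following detection sketch is an added example, not part of the original post; the log format, host names, addresses, approved relay and thresholds are all assumptions, and the sample log is constructed.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

SMTP_PORTS = {25, 465, 587}
APPROVED_RELAYS = {"10.0.0.25"}   # assumption: the site's own mail relay

# Constructed sample: "<ISO time> <source host> <dest IP> <dest port>"
SAMPLE_LOG = """\
2014-08-14T09:00:02 ws-17 203.0.113.40 25
2014-08-14T09:03:11 ws-17 10.0.0.25 587
2014-08-14T09:30:01 ws-17 203.0.113.40 25
2014-08-14T09:41:50 ws-22 198.51.100.7 587
2014-08-14T10:00:03 ws-17 203.0.113.40 25
2014-08-14T10:30:02 ws-17 203.0.113.40 25
2014-08-14T10:47:19 ws-22 198.51.100.7 587
2014-08-14T11:00:01 ws-17 203.0.113.40 25
2014-08-14T13:05:44 ws-22 198.51.100.7 587
"""

def parse(log_text):
    for line in log_text.splitlines():
        parts = line.split()
        try:
            ts, host, dst, port = parts
            yield datetime.fromisoformat(ts), host, dst, int(port)
        except ValueError:
            continue                      # skip blank or malformed lines

def find_periodic_smtp(log_text, min_events=4, max_jitter=0.05):
    """Flag hosts mailing a non-approved server at near-constant intervals."""
    seen = defaultdict(list)
    for ts, host, dst, port in parse(log_text):
        if port in SMTP_PORTS and dst not in APPROVED_RELAYS:
            seen[(host, dst)].append(ts)
    findings = []
    for (host, dst), times in sorted(seen.items()):
        if len(times) < min_events:
            continue
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        # Low spread relative to the mean gap points to a timer, not a person.
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            findings.append((host, dst, round(avg)))
    return findings

if __name__ == "__main__":
    print(find_periodic_smtp(SAMPLE_LOG))
```

In the sample, ws-17 is flagged for contacting an unapproved mail server every 30 minutes, while ws-22's irregular mail traffic and the connection to the approved relay are ignored.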