Trojan Horse 10-02-2012, 11:13 AM
#1
Most of you will probably say "I know what a Trojan is, I know how to set up Darkcomet and forward my ports, and I can control my victims..." However, did you know that there are Trojans that can make your victims proxies? Do you know what a VNC Trojan is?
What a Trojan horse (computing) is:
A type of malware that masquerades as a legitimate file or helpful program, quite possibly with the purpose of granting a hacker unauthorized access to a computer. After a victim is infected with a Trojan horse, an attacker can gain full access to their machine.
The difference between Trojans and viruses:
Trojans do not attempt to inject themselves into other files like a computer virus. Trojan horses may steal information, or harm their host computer systems.
The purpose of a Trojan horse - a Trojan can:
- Be used as part of a botnet (spam, DDoSing, etc...)
- Log keystrokes
- Crash the computer
- Allow the uploading or downloading of files to/from the victim's computer
- Allow modification or deletion of files
- Be used for electronic money theft
- Be used for data theft (retrieving passwords, credit card information, etc...)
- Install other malware
- Start a VNC server on the victim's machine
- Capture webcam & microphone activity
- Destroy the OS as well as local & network drivers
- Use victim's computer as a proxy
- And much more...
More about Trojans - It is possible for hackers to scan computers on a network using a scanner in the hope of finding one with a malicious Trojan horse installed, which the hacker can then use to control the target computer.
Quote: Trojan-type malware is on the rise, accounting for 83-percent of the global malware detected in the world. - Bitdefender 2009
Quote: Distribution of Trojans onto compromised computers occurs in a variety of ways. From email attachments and links to instant messages, drive-by downloads and being dropped by other malicious software. Once installed on the compromised computer, the Trojan begins to perform the predetermined actions that it was designed for. - Symantec 2012
Quote: The effects of a Trojan virus can vary; some Trojans are simply a nuisance and do mischief like changing your desktop icons or changing other visual features. Other Trojans are designed to destroy computer files, folders and programs. - Kaspersky Labs
Quote: Five million new pieces of malware found in Q3 2011 - Pandalabs
How Trojans Work
![[Image: scaled.php?server=141&filename=trojl.jpg&res=landing]](http://desmond.imageshack.us/Himg141/scaled.php?server=141&filename=trojl.jpg&res=landing)
Command Shell Trojans
Command shell Trojans give the attacker remote control via a command shell.
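Netcat
![[Image: netcat11142951965578.JPG]](http://www.windowsecurity.com/img/upl/netcat11142951965578.JPG)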
E-mail Trojans
E-mail Trojans give the attacker remote control of a victim's machine by sending e-mail.
RemoteByMail
![[Image: RemoteByMail.png]](http://cdn.ilovefreesoftware.com/wp-content/uploads/2009/10/RemoteByMail.png)
Botnet Trojans
Botnet Trojans are a network of infected computers (bots). They can be used for email spamming, DDoS attacks, fast flux, and stealing financial information. Bots can also be used for Bitcoin mining without admin authorization.
Netbot attacker
![[Image: c0047066_477c278563688.jpg]](http://pds7.egloos.com/pds/200801/03/66/c0047066_477c278563688.jpg)
Spyeye
![[Image: 20101014_spyeye2.gif]](http://blog.trendmicro.com/trendlabs-security-intelligence/files/2010/10/20101014_spyeye2.gif)
Proxy Trojans
Proxy Trojans allow attackers to use the victim's machine as a proxy and set up a hidden proxy server on the victim's machine.
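W3bPrOxy Tr0j4n Cr34t0r
![[Image: images?q=tbn:ANd9GcTboILYXVXUiDq4pj03Ncn...UGhaNHrY1F]](http://t0.gstatic.com/images?q=tbn:ANd9GcTboILYXVXUiDq4pj03Ncna3-O9gGmEFbjMcDNRvCKqmcqO16UGhaNHrY1F)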
VNC Trojans
VNC Trojans allow attackers to use the victim's computer as a VNC server. These Trojans won't be detected by anti-viruses after they are run, because VNC Server is a legitimate program.
WinVNC
![[Image: scaled.php?server=708&filename=troj2.jpg&res=landing]](http://desmond.imageshack.us/Himg708/scaled.php?server=708&filename=troj2.jpg&res=landing)
HTTP Trojans
HTTP Trojans bypass firewalls and they use port 80. You don't need to forward ports because they use web-based interfaces.
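Vertexnet loader
![[Image: sdqs.PNG]](http://3.bp.blogspot.com/-58ErTjXIw0s/TdJRyAqqvkI/AAAAAAAABRE/x0obvShWDt4/s1600/sdqs.PNG)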
Remote Access Trojans
Everybody knows what Remote Access Trojans (RATs) are. These Trojans allow an attacker to use the victim's machine with administrator privileges.
Cybergate
![[Image: cybergate.png]](http://www.f-secure.com/weblog/archives/cybergate.png)
There are many other types of Trojans that I haven't written about. I didn't write how to use each Trojan, so I recommend using Google to find tutorials. My post is only a general overview. If you have any questions, let me know.
Please comment, let me know what you think about the tutorial, and what you think I should add/change so my next tutorial can be better.
(This post was last modified: 10-02-2012, 09:52 PM by Dismas.)
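An added example, not part of the original post: the VNC and proxy categories above rely on a remotely reachable listener that signature scanning may not flag, so a defender can instead compare a host's listening sockets against a known baseline. The `netstat -ano` and `tasklist /fo csv /nh` samples are constructed, and the allowlist, port hints and function names are assumptions for illustration.

```python
import csv
import io

# Constructed `netstat -ano` sample (Windows); addresses and PIDs are made up.
NETSTAT = """\
  TCP    0.0.0.0:135       0.0.0.0:0          LISTENING     884
  TCP    0.0.0.0:445       0.0.0.0:0          LISTENING     4
  TCP    0.0.0.0:5900      0.0.0.0:0          LISTENING     4312
  TCP    0.0.0.0:8080      0.0.0.0:0          LISTENING     5120
  TCP    127.0.0.1:5939    0.0.0.0:0          LISTENING     2200
  TCP    10.0.0.5:49712    203.0.113.10:80    ESTABLISHED   5120
"""
# Constructed `tasklist /fo csv /nh` sample covering the same PIDs.
TASKLIST = '''\
"svchost.exe","884","Services","0","10,232 K"
"System","4","Services","0","144 K"
"winvnc.exe","4312","Console","1","6,100 K"
"updater.exe","5120","Console","1","3,004 K"
"helper.exe","2200","Console","1","2,048 K"
'''
# Hypothetical baseline: (port, process name) pairs expected on this host.
ALLOW = {(135, "svchost.exe"), (445, "system")}
PROXY_PORTS = {1080, 3128, 8080}  # ports commonly used by SOCKS/HTTP proxies

def parse_listeners(text):
    """Return (address, port, pid) for every TCP socket in LISTENING state."""
    found = []
    for line in text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP" and f[3] == "LISTENING":
            addr, _, port = f[1].rpartition(":")
            found.append((addr, int(port), int(f[4])))
    return found

def audit(netstat_text, tasklist_csv, allow):
    """Flag remotely reachable listeners that are not in the baseline."""
    rows = csv.reader(io.StringIO(tasklist_csv))
    names = {int(r[1]): r[0].lower() for r in rows if len(r) >= 2}
    findings = []
    for addr, port, pid in parse_listeners(netstat_text):
        name = names.get(pid, "unknown")
        if addr.startswith("127.") or addr == "[::1]":
            continue  # loopback-only: not reachable from the network
        if (port, name) in allow:
            continue
        hint = ("VNC" if 5900 <= port <= 5909
                else "proxy" if port in PROXY_PORTS else "unlisted")
        findings.append((port, name, hint))
    return findings

if __name__ == "__main__":
    for finding in audit(NETSTAT, TASKLIST, ALLOW):
        print(finding)
```
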