Saturday, November 26, 2005

Today’s Trojan Horses

Trojan horses are nothing new. In fact, many of the famous “viruses” you hear about actually might be Trojan horses. Although people often refer to all malware as viruses, there are distinct differences between a true virus and Trojan horse. A virus typically attaches to data files and copies itself when you launch the designated program; whereas a Trojan horse disguises itself as a useful program, and multiplying generally isn’t part of its mission. For example, you might activate a virus by opening an infected Microsoft Word file, but you will only activate a Trojan horse by launching an actual Trojan horse masquerading as a cool application.
Many of today’s Trojan horses are an exception because they arrive bundled with another type of malware, the combination of which many experts refer to as blended threats. For instance, if a Trojan horse and a virus work as a team, when a user opens a virus-infected file, the now-activated virus could launch the Trojan horse automatically. For more information about viruses, see “Self-Replicating Code Viruses”.
A sophisticated Trojan horse also might team up with a worm, which could copy and send the Trojan horse from one system to the next, from user to user, using a network or the Internet.
For more information about worms, see “Worms Are True Parasites”.
In each of these examples, the Trojan horse is part of a blended threat, which generates much discussion and concern nowadays. For more information about blended threats, see “Blended, Not Stirred,”
Because today’s Trojan horses are likely to arrive as part of a blended threat, they tend to be more dangerous than those that lurked five or 10 years ago. Users may not need to unwittingly launch a Trojan horse in order for it or its bundled malware to infect the system. If coupled with a virus, code may instruct the Trojan horse to launch automatically after the user opens the virus-infected file. If coupled with a worm, the Trojan horse may even multiply and travel from computer to computer, threatening other users, as well.


Post a Comment

<< Home