A Trojan is a malicious agent whose main difference from a classic virus is its method of distribution: it usually enters the system under the guise of a normal, legitimate program, which is why it is traditionally called a “Trojan horse”. After penetration, it is capable of many things: it can collect information about the device and its owner, steal data stored on the computer, block access to user information, disable the operating system, etc.
Classification of Trojans
One of the classification options is the division into the following types:
- RAT (Remote Access / Administration Tool)
- Ransomware
- Encryptors
- Downloaders
- Security killers
- Bankers
- DDoS Trojans
A RAT is a Trojan designed for espionage. Once installed in the system, it provides an attacker with a wide range of options: capturing video from the victim’s screen, accessing the file system, recording video from a webcam and sound from a microphone, stealing browser identification files (cookies), installing other programs, etc. Examples include DarkComet or AndroRAT.
Ransomware is a type of malicious object that blocks access to the system or data, threatens the user with deleting files from the computer or spreading the victim’s personal data on the Internet, and demands a ransom to avoid such negative consequences. An example of this behavior is the WinLock family.
Encryptors are an advanced form of ransomware that uses cryptography as a means of blocking access. With the usual “winlocker” it was possible to simply remove the malicious program and thereby regain access to information; here, destroying the encryptor itself does nothing, because the encrypted files remain inaccessible. Therefore, it is very important to use the best ransomware protection to protect your data. However, in some cases, antivirus software can recover data. An example of such ransomware is CryZip.
Downloaders are a type of malicious agent designed to download other programs or files from the Internet. An example is Nemucode.
Security killers are Trojans that remove or stop antiviruses, firewalls, and other security tools.
Bankers are a type of “Trojan horse” that specializes in stealing bank data (account number, PIN code, CVV, etc.).
DDoS Trojans (bots) are malicious programs that are used by hackers to form a botnet to carry out denial of service attacks.
All Trojans are loaded into the system under the guise of legitimate software. They can be deliberately uploaded by attackers to cloud storage or file-sharing resources. Trojans can also enter the system when an insider with physical access to a computer installs them. In addition, they are often distributed through spam emails.
Target of Trojans
Most often, the target of such a malicious agent is an ordinary PC and its user, but incidents in a corporate environment are also possible. Spam mailings may be used to infect multiple computers and form a botnet. Some Trojans are embedded into legitimate software and do not interfere with its operation; thus, the victim does not even notice their activities in the system. In addition to personal computers, an attacker can infect mobile devices in order to spy on the victim or steal their confidential information.
Threat Source
The source of the threat can be file hosting services and torrent trackers, to which an attacker has uploaded a malicious program disguised as legitimate software, as well as fake websites, spam mailings, etc. An important rule for protection is not to follow dubious links or run suspicious programs. Most Trojan horses are successfully detected by antivirus and antispyware software. Law enforcement may install Trojans on a suspect’s computer or other devices in order to gather information and evidence. The intelligence services of many countries use such means for espionage. In general, Trojans are very common because there is a huge number of different tools for creating them. For example, there are utilities that allow you to add a malicious agent to existing legitimate software.
Risk analysis
Both home and corporate users are at risk. Trojans may pose a serious threat to the victim (RATs, bankers), or they may not interact with the victim in any way (DDoS Trojans). Many of them are difficult to detect, as they are embedded in the code of a legitimate program and do not interfere with its functioning. A characteristic feature of a Trojan is autoloading: as a rule, it needs to be automatically launched at system startup or when a user logs in. Another symptom is a slow computer. A Trojan puts load on the processor (especially in the case of DDoS Trojans), which can slow down the PC and increase the CPU temperature. If antivirus software does not help, then the only reliable way out is to reinstall the OS or contact specialists.
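The autoloading symptom described above can be checked by reviewing what is configured to start automatically. The following Python is an added example, not part of the original article: it triages autostart command lines using three heuristics chosen here as assumptions, and the sample entries are constructed for illustration.

```python
import ntpath
import re

# Heuristics chosen for this example (assumptions, not a complete rule set).
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\users\\public\\", "\\programdata\\")
SCRIPT_HOSTS = {"powershell.exe", "wscript.exe", "cscript.exe", "mshta.exe", "cmd.exe"}
SYSTEM_NAMES = {"svchost.exe", "lsass.exe", "csrss.exe", "explorer.exe", "winlogon.exe"}
WINDOWS_DIRS = ("\\windows\\", "%windir%", "%systemroot%")
EXE_RE = re.compile(r"^(.*?\.(?:exe|com|bat|cmd|scr|vbs|js))(?=\s|$)", re.IGNORECASE)

# Constructed sample entries: (location, name, command line).
RUN = r"\Software\Microsoft\Windows\CurrentVersion\Run"
SAMPLE = [
    ("HKLM" + RUN, "SecurityHealth", r"%windir%\system32\SecurityHealthSystray.exe"),
    ("HKCU" + RUN, "Updater", r'"C:\Users\alice\AppData\Roaming\upd\svchost.exe" -silent'),
    ("HKCU" + RUN, "Sync", r"powershell.exe -WindowStyle Hidden -File C:\Users\alice\AppData\Local\Temp\s.ps1"),
    ("Startup folder", "Helper", r"C:\Program Files\Vendor App\helper.exe /min"),
]

def executable_of(command):
    """Extract the program path from a Windows autostart command line."""
    command = command.strip()
    if command.startswith('"'):          # quoted path: take text up to the closing quote
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    match = EXE_RE.match(command)        # unquoted path that may contain spaces
    return match.group(1) if match else (command.split() or [""])[0]

def triage(command):
    """Return the reasons an autostart command deserves a closer look."""
    lowered = command.lower()
    path = executable_of(lowered)
    base = ntpath.basename(path)
    reasons = []
    if any(d in lowered for d in USER_WRITABLE):
        reasons.append("references a user-writable directory")
    if base in SCRIPT_HOSTS:
        reasons.append("starts a script host or interpreter")
    if base in SYSTEM_NAMES and not any(w in path for w in WINDOWS_DIRS):
        reasons.append("system process name outside the Windows directory")
    return reasons

def review(entries):
    """Map entry name -> reasons, for flagged entries only."""
    return {name: why for _, name, cmd in entries if (why := triage(cmd))}

if __name__ == "__main__":
    for name, why in review(SAMPLE).items():
        print(f"{name}: {'; '.join(why)}")
```

A flagged entry is a prompt for manual review, not a verdict: legitimate updaters also start from per-user directories.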
Loaris Trojan Remover is your anti-malware solution. It can reset browser settings, quarantine suspicious files, and so on. A wide range of useful features is available in Loaris Trojan Remover.