What Is a Trojan Virus?

A Trojan horse (Trojan) is a malicious agent whose main difference from a classic virus is its method of distribution: it usually enters the system under the guise of a normal, legitimate program, which is why it is traditionally called a "Trojan horse". After penetration, it is capable of many things: it can collect information about the device and its owner, steal data stored on the computer, block access to user information, disable the operating system, etc.

Classification of Trojans

One of the classification options is the division into the following types:

  1. RAT (Remote Access / Administration Tool)
  2. Ransomware
  3. Cryptographers
  4. Loaders
  5. Protection system deactivators
  6. Bankers
  7. DDoS Trojans

A RAT is a Trojan designed for espionage. Once installed in the system, it provides an attacker with a wide range of options: capturing video from the victim's screen, accessing the file system, recording video from a webcam and sound from a microphone, stealing browser identification files (cookies), installing other programs, etc. Examples include DarkComet and AndroRAT.

Ransomware is a type of malicious object that blocks access to the system or data, threatens the user with deleting files from the computer or publishing the victim's personal data on the Internet, and demands a ransom to avoid such consequences. An example of this behavior is the WinLock family.

Cryptographers (encryptors) are an advanced form of ransomware that uses cryptography as the means of blocking access. With an ordinary "winlocker" it was possible to simply remove the malicious program and thereby regain access to the information; here, destroying the encryptor itself achieves nothing, because the encrypted files remain inaccessible. Therefore, it is very important to use the best ransomware protection to protect your data. However, in some cases, antivirus software can recover data. An example of such ransomware is CryZip.

Downloaders are a type of malicious agent designed to download other programs or files from the Internet. An example is Nemucode.

Security killers are Trojans that remove or stop antiviruses, firewalls, and other security tools.

Bankers are a type of Trojan horse that specializes in stealing bank data (account number, PIN code, CVV, etc.).

DDoS Trojans (bots) are malicious programs that are used by hackers to form a botnet to carry out denial of service attacks.

All Trojans are loaded into the system under the guise of legitimate software. They can be deliberately uploaded by attackers to cloud storage or file-sharing resources. Trojans can also be installed by an insider who has physical access to a computer. In addition, they are often distributed through spam emails.

Target of Trojans

Most often, the target of such a malicious agent is an ordinary PC and its user, but incidents in a corporate environment are also possible. Spam campaigns can be used to infect many computers and form a botnet. Some Trojans are embedded into legitimate software and do not interfere with its operation; therefore, the victim does not even notice their activity in the system. In addition to personal computers, an attacker can infect mobile devices in order to spy on the victim or steal their confidential information.

Threat Source

The source of the threat can be file-hosting sites and torrent trackers to which an attacker has uploaded a malicious program disguised as legitimate software, fake websites, spam mailings, etc. An important rule for protection is not to follow dubious links or run suspicious programs. Most Trojan horses are successfully detected by antivirus and antispyware software. Law enforcement may install Trojans on a suspect's computer or other devices in order to gather information and evidence. The intelligence services of many countries use such means for espionage. In general, Trojans are very common because there are a huge number of different tools for creating them. For example, there are utilities that allow you to add a malicious agent to existing legitimate software.

Risk analysis

Both home and corporate users are at risk. Trojans may pose a serious threat to the victim (RATs, bankers), or they may not interact with the victim in any way (DDoS Trojans). Many of them are difficult to detect, as they are embedded in the code of a legitimate program and do not interfere with its functioning. A characteristic feature of a Trojan is autoloading: as a rule, it needs to be launched automatically at system startup or when a user logs in. Another symptom is a slow computer. The Trojan loads the processor (especially in the case of DDoS Trojans), which can slow down the PC and increase the CPU temperature. If antivirus software does not help, then the only reliable way out is to reinstall the OS or contact specialists.
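Because autoloading is such a consistent trait, reviewing a machine's autostart entries is a practical first check. The following is an added example, not part of the original article: it parses constructed `reg query` output for the Windows Run keys and flags entries using illustrative heuristics (the sample data, the heuristic lists and the function names are assumptions of this example).

```python
import re
from pathlib import PureWindowsPath

# Constructed sample in the layout printed by `reg query <key>`; not from a real host.
SAMPLE = r'''
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    OneDrive    REG_SZ    "C:\Program Files\Microsoft OneDrive\OneDrive.exe" /background
    Updater    REG_SZ    C:\Users\alice\AppData\Roaming\upd\svchost.exe
    Sync    REG_SZ    wscript.exe "C:\Users\alice\AppData\Local\Temp\sync.vbs"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
'''
VALUE_RE = re.compile(r"^\s{4}(?P<name>.+?)\s{4}(?P<type>REG_\w+)\s{4}(?P<data>.*)$")
# Illustrative heuristics (assumptions of this example, not a complete rule set).
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\users\\public\\", "\\programdata\\")
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe", "mshta.exe", "powershell.exe", "cmd.exe"}
SYSTEM_NAMES = {"svchost.exe", "lsass.exe", "csrss.exe", "winlogon.exe", "explorer.exe"}

def parse_reg_query(text):
    """Yield (key, value_name, command) for every value in `reg query` output."""
    key = None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()
        elif key and (m := VALUE_RE.match(line)):
            yield key, m["name"], m["data"].strip()

def image_path(command):  # executable part of a command line, quoted or unquoted
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    m = re.match(r"(.+?\.exe)\b", command, re.I)
    return m.group(1) if m else command.split(" ", 1)[0]

def triage(text):
    """Return {value_name: [reasons]} for autostart entries that match a heuristic."""
    findings = {}
    for _key, name, command in parse_reg_query(text):
        path = image_path(command).lower()
        image = PureWindowsPath(path).name
        reasons = []
        if any(d in command.lower() for d in USER_WRITABLE):
            reasons.append("runs from a user-writable directory")
        if image in SCRIPT_HOSTS:
            reasons.append("starts through a script host or interpreter")
        if image in SYSTEM_NAMES and not re.search(r"\\windows\\|%windir%|%systemroot%", path):
            reasons.append("system binary name outside the Windows directory")
        if reasons:
            findings[name] = reasons
    return findings
```

Calling `triage(SAMPLE)` returns the flagged value names with the reasons for each; a flag is a prompt for manual review, not proof of infection.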

Loaris Trojan Remover is your anti-malware solution. It can reset browser settings, quarantine suspicious files, and so on. A wide range of useful features to help you is available in Loaris Trojan Remover.
