An Overview of Trojan Operation

Trojan: The name says it all!!

A Trojan or Trojan horse is a program which carries out an unauthorized function while hidden inside an authorized program. It is designed to do something other than what it claims to, and frequently is destructive in its actions.

Remote Access Trojan : These trojans give the attacker a total access to victim’s machine.

For example:
• Prorat
• Y3k RAT
• Netbus

Pass Stealing :Look for other passwords entered & then send them to a specific mail address.
For example:
• Magic PS
• Demon PS
• Lord PS

Key Loggers :They only log the keystrokes of the victim & then let the attacker search for sensitive data.
For example:
• Perfect Keylogger
• Ardamx Keylogger

The Trojan Operation

1. Hacker gets the Internet Protocol address (i.e. the addres of a computer over the internet in simple words) of the victim.

2. The open ports are found out through port scanners like Blue Port Scanner, ProPort etc.

3. Now the attacker creates a server and a client program to proceed further.

4. To make the server look legitimate ,attacker binds it with some innocent looking file like a mp3,video or an image file.

The conversion exe to image file or any other file is not happening here. But it'll look like another file.

5. Next, the attacker sends that compromised file to the victim and with some social engineering makes him run the file.

6. Once the victim runs that file , the trojan server gets installed and attacker connects to the victim.Now ,the attacker can find out sensitive informations.

* If the victim is behind proxy server then RAT with a reverse connection is used.
(in reverse connection server connects to client)

Brought to you by Preetish from techfuzon.com .

Plurk This Post Ping This Post Reddit Stumble This Post

 Link to this page

 Link to this page