  [Security@ddiction]

Been hacked or suspect you have?

or why is my Internet Service Provider phoning?

Trojans - What are they?

In computers, a Trojan horse is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage. Many trojans allow a remote user to gain control of your system. A Trojan horse may be widely redistributed as part of a computer virus.
The term comes from Homer's Iliad. In the Trojan War, the Greeks presented the citizens of Troy with a large wooden horse in which they had secretly hidden their warriors. During the night, the warriors emerged from the wooden horse and overran the city.

In the world of viruses, trojans are the most dangerous. They provide a hacker with complete access to your computer system and all information stored on it. The hacker will be able to access all email accounts on the computer, steal passwords from instant messenger programs and take them over, and install keyloggers. Keyloggers are where trojans can get very dangerous for the user. A keylogger allows the hacker to literally capture every keystroke and clicked link the user makes. What does this mean? It means a hacker can potentially steal your logins for websites, including your bank and credit card information. If you find you have had a trojan on the system, it's advisable to update all information to ensure the hacker can't make use of it.

This means change all passwords for all your accounts.

How do I get rid of a trojan?

There are two basic approaches to ridding yourself of a trojan. The first is to try to clean it off using a trojan cleaning utility such as TDS, which is also listed on the tools page. It is important to distinguish between trojan detection and removal, and virus scanning/removal. Many antivirus utilities are unable to either detect or remove trojans. For assistance with installing and configuring TDS-3, see the TDS-3 page.

The other approach to ridding your computer of a trojan is to have your hard drive wiped by formatting it, and then reinstalling the operating system. If you choose this approach, it is advisable to have a professional take care of it for you to ensure everything runs smoothly afterward! It's also important to note that formatting your hard drive will result in the loss of all data stored on it.

Security Breach/hacked

It can be a daunting task to discover whether or not your computer system has been compromised. With a sloppy hacker, or simply one attempting to learn, it can become readily apparent. Your system may behave oddly, the mouse may move on its own, or perhaps they are so bold as to put messages on your screen. On a Microsoft Windows OS, it may be possible to recover from the breach. The steps mentioned above may assist you.

Within the Linux OS, things can be a bit more challenging. Unless you have kept backups and have an intimate knowledge of your specific installation, it would generally be safest to simply wipe the system clean and start from scratch. While there are rootkit removal tools available from places like www.securityfocus.com or www.chkrootkit.org, they are something you certainly use at your own risk. If it was a 'default' installation of a rootkit, these tools might be of some use. It can, however, be foolhardy to assume the hacker is both new and lazy. Assume the worst.

How do they get in?

There are basically two ways for a hacker to penetrate your system. The first, and by far the most common, is user error. Most often a hole in the security of the system comes about because of a lack of knowledge on the part of a user of the computer system. Typically, the user executes an unknown and untested file without first scanning it with both an antivirus program and an antitrojan program to ensure the file is safe. This oft-overlooked step could save thousands of people the pain, inconvenience and expense of recovering from a hack. Quite often trojan horse programs and viruses are passed between friends. These cleverly disguised files often pass themselves off as a picture file, or perhaps a cute animation. This bit of social engineering is key to the spread of the trojan virus. Because the file often appears legitimate, and perhaps passes itself off as a game of some kind, or an animation, the file is passed from person to person. Unbeknownst to the people viewing or executing the file, a trojan program is being installed in the background. Trust nothing. Scan *every* file, regardless of who it came from. Seem extreme? Perhaps it is... but you'll be hard pressed to ever be taken over by a hacker by following this sort of advice. Treat unknown files as though they were a strange package found in the alley.
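
The disguise described above (a program passed off as a picture or animation) can be spotted before the file is opened by comparing what the name claims with what the first bytes contain. The following is an added example, not part of the original page; the function names, extension lists and sample files are assumptions made for illustration, and a clean result is not a substitute for the antivirus and antitrojan scan.

```python
import os

# Extensions Windows runs on double-click (common subset, not exhaustive).
EXECUTABLE_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs"}
# Extensions a recipient reads as harmless media or documents.
DECOY_EXTS = {".jpg", ".jpeg", ".gif", ".png", ".bmp", ".avi", ".mpg", ".txt"}
# Leading "magic" bytes of a few well-known formats.
MAGIC = [
    (b"MZ", "windows-executable"),
    (b"\xff\xd8\xff", "jpeg"),
    (b"GIF87a", "gif"),
    (b"GIF89a", "gif"),
    (b"\x89PNG\r\n\x1a\n", "png"),
]
EXPECTED = {".jpg": "jpeg", ".jpeg": "jpeg", ".gif": "gif", ".png": "png"}


def sniff(head):
    """Identify content from its first bytes, ignoring the file name."""
    for magic, kind in MAGIC:
        if head.startswith(magic):
            return kind
    return "unknown"


def check_attachment(filename, head):
    """Return the reasons a file looks disguised (empty list: none found)."""
    reasons = []
    stem, ext = os.path.splitext(filename.strip().lower())
    # "holiday.jpg      .exe": padding pushes the real extension out of view.
    inner_ext = os.path.splitext(stem.rstrip())[1]
    if ext in EXECUTABLE_EXTS and inner_ext in DECOY_EXTS:
        reasons.append("double-extension")
    kind = sniff(head)
    if kind == "windows-executable" and ext not in EXECUTABLE_EXTS:
        reasons.append("executable-content")
    if ext in EXPECTED and kind != EXPECTED[ext]:
        reasons.append("type-mismatch")
    return reasons


# Constructed samples: (name as received, first bytes of the file).
SAMPLES = [
    ("holiday.jpg", b"\xff\xd8\xff\xe0\x00\x10JFIF"),
    ("holiday.jpg      .exe", b"MZ\x90\x00"),
    ("cute_animation.gif", b"MZ\x90\x00"),
]

if __name__ == "__main__":
    for name, head in SAMPLES:
        print(f"{name!r}: {check_attachment(name, head) or 'no disguise found'}")
```

An honestly named program such as setup.exe returns an empty list here: the check only finds disguise, it does not judge whether a program is safe to run.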

What's an open relay, and why is it bad?

An open relay is an email (specifically SMTP) server that allows third-party relay (TPR), a practice that makes it possible for any sender to connect to the server from anywhere and forward volumes of unsolicited bulk e-mail messages.

In the first years of the Internet's operation, third-party relaying was a necessary and accepted means of routing messages. Although technological advances have made third-party relaying no longer required, many servers continue to maintain open relays, according to ORBS, in the "Internet's spirit of cooperation." According to ORBS, however, an open relay now falls into the category of "attractive nuisance." The organization claims that since 1995, the culture of the Web has changed dramatically, with the result that open relays became vulnerable to spammers looking to make a quick profit through bulk junk mail.
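
What separates a properly restricted mail server from an open relay is the decision it makes for each recipient: accept mail addressed to its own domains from anyone, but forward to other domains only for its own network or for authenticated users. The following is an added example, not part of the original page and not taken from any particular mail server; the function names, domains and address ranges are assumptions (reserved documentation values).

```python
import ipaddress


def domain_of(address):
    """Domain part of an SMTP address such as <user@example.org>."""
    return address.rsplit("@", 1)[-1].strip("<> ").lower()


def relay_decision(client_ip, authenticated, rcpt_to, local_domains, trusted_nets):
    """Decide, at RCPT TO time, whether to accept one recipient.

    MAIL FROM is deliberately not an input: the client chooses it freely,
    so a claimed local sender proves nothing.
    """
    if domain_of(rcpt_to) in local_domains:
        return "accept: local delivery"
    ip = ipaddress.ip_address(client_ip)
    if any(ip in ipaddress.ip_network(net) for net in trusted_nets):
        return "accept: trusted network"
    if authenticated:
        return "accept: authenticated user"
    return "reject: relay access denied"


def is_open_relay(local_domains, trusted_nets):
    """True if an unauthenticated outside client can send to an outside domain."""
    verdict = relay_decision("203.0.113.7", False, "<user@outside.invalid>",
                             local_domains, trusted_nets)
    return verdict.startswith("accept")


# Constructed policies for a server that hosts mail for example.org.
LOCAL = {"example.org"}
CLOSED_NETS = ["192.0.2.0/24"]   # only the organisation's own network
OPEN_NETS = ["0.0.0.0/0"]        # "trust everyone": this is an open relay

if __name__ == "__main__":
    print("closed policy is open relay:", is_open_relay(LOCAL, CLOSED_NETS))
    print("open policy is open relay:  ", is_open_relay(LOCAL, OPEN_NETS))
```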