Worm, Virus & Trojan Horse: Ethical Hacking Tutorial

Some of the skills that hackers have are programming and computer networking skills. They often use these skills to gain access to systems. The objective of targeting an organization would be to steal sensitive data, disrupt business operations or physically damage computer controlled equipment. Trojans, viruses, and worms can be used to achieve the above-stated objectives.

In this article, we will introduce you to some of the ways that hackers can use Trojans, viruses, and worms to compromise a computer system. We will also look at the countermeasures that can be used to protect against such activities.

What is a Trojan horse?

A Trojan horse is a program that allows the attack to control the user’s computer from a remote location. The program is usually disguised as something that is useful to the user. Once the user has installed the program, it has the ability to install malicious payloads, create backdoors, install other unwanted applications that can be used to compromise the user’s computer, etc.

The list below shows some of the activities that the attacker can perform using a Trojan horse.

  • Use the user’s computer as part of the Botnet when performing distributed denial of service attacks.
  • Damage the user’s computer (crashing, blue screen of death, etc.)
  • Stealing sensitive data such as stored passwords, credit card information, etc.
  • Modifying files on the user’s computer
  • Electronic money theft by performing unauthorized money transfer transactions
  • Log all the keys that a user presses on the keyboard and sending the data to the attacker. This method is used to harvest user ids, passwords, and other sensitive data.
  • Viewing the users’ screenshot
  • Downloading browsing history data

What is a worm?

 

A worm is a malicious computer program that replicates itself usually over a computer network. An attacker may use a worm to accomplish the following tasks;

  • Install backdoors on the victim’s computers.  The created backdoor may be used to create zombie computers that are used to send spam emails, perform distributed denial of service attacks, etc. the backdoors can also be exploited by other malware.
  • Worms may also slowdown the network by consuming the bandwidth as they replicate.
  • Install harmful payload code carried within the worm.

 

 

Comments

Post a Comment

Hello,

Thank you for reading blogs and your lovely comment. We hope you like this blogs.

Have a nice day!

Again Thanks,
Rk Thakur

Popular posts from this blog

Hacker

•  A hacker may refer to any of the following: Computer hacker1. A hacker is a term that first started being used in the 1960s and described a programmer or someone who hacked computer code. Later the term evolved into an individual who had an advanced understanding of computers, networking, programming, or hardware, but did not have any malicious intents. In 1981, Ian Murphy, also known as "Captain Zap", became the first hacker to be convicted of hacking. He hacked into the AT&T computer network and modified the billing rates system, changing the internal clocks so that cheaper late-night rates were billed to customers during mid-day hours. Today, a malicious hacker is usually referred to as a malicious user, black hat, or criminal hacker, which describes any individual who illegally breaks into computer systems to damage or steal information. Some people who consider themselves leet may refer to themselves as a leet haxors, h4x0rs, or HaXXorZ. However, often these users...
Read more

What constitutes ethical hacking?

  For hacking to be deemed ethical, the hacker must obey the following rules: 1.        Expressed (often written) permission to probe the network and attempt to identify potential security risks. 2.        You respect the individual's or company's privacy. 3.        You close out your work, not leaving anything open for you or someone else to exploit at a later time. 4.        You let the software developer or hardware manufacturer know of any security vulnerabilities you locate in their software or hardware, if not already known by the company. The term "ethical hacker" has received criticism at times from people who say that there is no such thing as an "ethical" hacker. Hacking is hacking, no matter how you look at it and those who do the hacking are commonly referred to as computer criminals or cyber criminals. However, the work that ethical hackers do for org...
Read more

Insecure Cryptographic Storage

●  Description Insecure Cryptographic storage is a common vulnerability which exists when the sensitive data is not stored securely. The user credentials, profile information, health details, credit card information, etc. come under sensitive data information on a website. This data will be stored on the application database. When this data are stored improperly by not using encryption or hashing*, it will be vulnerable to the attackers. (*Hashing is transformation of the string characters into shorter strings of fixed length or a key. To decrypt the string, the algorithm used to form the key should be available) Implication ·          By using this vulnerability, an attacker can steal, modify such weakly protected data to conduct identity theft, credit card fraud or other crimes. Vulnerable objects ·          Application database. Examples In one of the banking application, password database uses unsal...
Read more