Trojan Horse Programs and How to Avoid Them
This is a writing sample from Scripted writer Ron Lilek
Malware exists in many forms, so how can you protect yourself from them all? The best defense is knowing what's out there and what it looks like. In Greek mythology, Athenian soldiers hid inside a giant wooden horse which they presented, ostensibly as a tribute, to inhabitants of the walled city of Troy. Once brought inside the walls, they waited until nightfall, then stealthily opened the gates of the city to invading forces. Thus the Trojan horse, by pretending to be something it was not, led to the downfall of the city-state of Troy. Today, the "Trojan horse" is a horse of a different color. Unlike the one-time occurrence of the original, the modern Trojan horse seems to be multiplying in numbers and successes. A stark example would be the so-called Zeus program, which was first detected in 2007. It's estimated that Zeus has infected millions of computers worldwide, stealing banking information, money and personal information (like Social Security numbers) that can be sold on the black market.While most of us think we're safe from cyber invasions as long as we don't open unidentified email attachments, a Trojan horse can be spread through other means. Recently, a bogus website on Facebook about the NFL was exposed as a Trojan horse. With Facebook being noteworthy for its easy access to hackers (just Google "hacking facebook profiles" and an entire menu of methodologies and instructions pops up), it's only natural that it would be a prime target for cyber criminals. And according to experts, it remains so. Once a Trojan horse gets onto a computer, that computer can become a "bot" or "zombie": that is, a computer used to relay malware programs via the Internet. Strung together in a peer-to-peer network, these "botnets" operate without computer owners' knowledge. The malware they carry can then be controlled by the hacker who initiated the program. For example, a hacker can create a Trojan horse, spread it through a seemingly innocuous website link opened by unaware computer owners, and then use the Trojan horse to attack a competitor's website or run a financial scam. This way, the thousands of computers on the botnet become unwitting participants. There's no foolproof way to avoid falling victim to a Trojan horse (except to never connect to the Internet), but there are some measures you can take to minimize your vulnerability:
- Never open an email attachment from an unknown and mistrusted source.
- The same goes for hyperlinks sent by email. Even if it comes from a friend, the link itself may be carrying a Trojan horse. Satirical political links, for instance, are constantly being emailed en masse to people of like-minded persuasions. Open them at your own risk.
- Don't be fooled by emails purported to be from legitimate marketers. If you get an email with a link to "customer service" because your order has been delayed or you're due a rebate, and you have no idea what the sender is talking about, delete it immediately. Don't worry. If it's legitimate, they'll find a way to reach you.
- Unauthorized downloads of movies and music are often accompanied by a Trojan horse.
Finally, even though anti-virus softwares cannot guarantee that you won't acquire a Trojan horse, a good anti-virus solution can often detect and quarantine the offending program. Additionally, if you make sure you have downloaded the latest service pack and all security patches sent by the makers of your computer's operating system, you are decreasing your likelihood of being victimized. Trojan horses are considered malware because their intention is to do evil. It's in all of our best interests to defeat them.