How the Trojan attacks work ?


A Trojan Is a small program that run hidden on an infected computer or A Trojan is a malicious program that , when installed on a system , can be used for nefarious purposes by an attacker . Tools allow remote administration or access to a vulnerable system, RATs , are called Trojan .

That means that after the system has been infected with a trojan ,an attacker can control nearly all hardware and software on the system by remote. Today, Trojan are highly sophisticated and provide attackers with many different advanced features for remote control.
Once a Trojan has been introduced into a system, not only does all the data become vulnerable to threat but there is a good chance that Compromized system can be used to set up an attacker on some third-party system.


A Trojan  attacks can be executed by the following simple step :

  1. The Most difficult part of executing a trojan attack is installing the server part of the Trojan on the victim's computer . Some of more common ways to do this are :
  2. Email: Sending the Trojan server file as an attachment to email , address to the victim. The problem with this method is that most often , the victim may not open the infected attachments.
  3. Auto run CD-Roms : Burn the Trojan onto a CDROM and then use  the autorun facilities  of the CD to automatically execute/install the trojan , the moment the CD is inserted into the tray.                                                                                       
  4. Instant Messenger : It is also possible to send the Trojan server part disguised as a normal file over IRC or Instant messenger . Attackers generally rename the trojan so that it looks like a normal,legitimate file.                                              iv. physical address: Physical access to the victim's computer gives an opportunity to the attacker to install the Trojan server part manually.
  5. The server part of the trojan , once installed on the victim's computer Subsequently binds itself to a specific port on the victim's system and listen for connections. Every Trojan listens for connection at a predefined specific port number , which is different for each Trojan .
  6. Next, It is  necessary for the attacker to locate the IP address of the target system on which the server part of the trojan has been installed. This step enables the attacker to connect to the infected computer and control it by remote. Some Trojan are designed in such a way as to Automaticallly email the IP address of the victim to the attacker , every time the target logs into the internet.
  7. Then, the Attacker uses the client part of the trojan tool, which is installed on his system to connect to the server part of the trojan installed on the victim's computer . The The Attackers connects to the preset port number that the trojan uses. After establishing the connection, the victim's system lies open to the attacker to infect almost any kind of damage.
  8. Most often, after the Trojan has been installed in the target system , the attackers will install a backdoor on it to ensure easy access whenever they want to enter.

Types of Trojans :

  1. Trojan:iCmd
  2. MoSucker Trojan
  3. Proxy server Trojan
  4. SARS Trojan
  5. Wrappers
  6. Packing tools: wordpad
  7. Remote by email
  8. Tool: Icon plus
  9. Defacing Application :Restorator
  10. Tetris
  11. HTTP Trojan
  12. Shttpd Trojan -HTTP server
  13. Reverse connection Trojan
  14. Nuclear Rat Trojan
  15. Tool: badluck Destructive Trojan
  16. ICMP Tunneling
  17. Backdoor: Theef
  18. T2w
  19. Biorante RAT

Anti Trojan Software:

  1. Trojan Hunter
  2. Comodo BOclean
  3. Trojan remover
  4. Spyware doctor
  5. Spyware fighter
  6. Backdoor Countermeasures
  7. Tripwire
  8. System File verification
  9. MD5sum.exe
  10. Microsoft Windows defender

That's It Friends If You Have any query please comment ,,

Thank you for reading ...