How To Attack Systems Using a Trojan

1. Using a Trojan Horse Construction Kit, a new Trojan packet is created.

2. A Dropper is created; this is the part of the malicious code in the trojanized packet that is to be installed on the target.

3. A wrapper is created with wrapper tools and installed on the victim’s computer. Tools that can be used include Graffitti.exe, Elite Wrap, etc.

4. Transfer this Trojan to the victim’s computer. This can be done by normal means, such as copying it over from a pen drive, floppy, etc., or it can be spread using emails, chats, network sharing, etc.

5. Execute or run the dropper. The dropper disguises the malware, making the victim feel that the application or link is genuine. After the victim’s computer is infected with one malware, it then helps other malware and unwanted programs to be installed on it.

6. Finally, execute the damage routine, that is, perform the action the Trojan was actually meant to do, such as copying some files and sending them to the attacker, deleting important files, or even formatting the victim’s hard disk.

 

The above picture demonstrates the steps taken by an attacker. The attacker, making use of a dropper, takes a Trojan, combines it with a funny video clip, and shares it with you as a gift. Once the victim opens that video for viewing, the dropper drops the Trojan on the system, and it may then be executed to cause damage.

Wrappers:-

Wrappers are tools that help a Trojan to be bound with a genuine-looking application. When this wrapped exe or image is clicked, the main Trojan is installed on the victim’s computer in the background while the wrapper application is installed in the foreground. Wrappers are also known as glueware, as they stick other applications or exes to themselves. Some wrapper programs are: Kriptomatik, SCB Lab’s Professional Malware Tool.

Evading Antivirus:-

Hackers use some techniques to avoid being caught by the anti-virus programs:

– They do not use Trojans downloaded from the web

– They write their own Trojans

– They rename Trojan files to different application names, like:

Exe to vbscript

Exe to .xls file

Exe to ppt

Exe to mp4

– The checksum value is changed so the signature does not match and the IDS cannot detect it

– They send the Trojan in multiple parts, which once on the target system are combined to make one Trojan file.
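A defensive check for the renaming trick listed above, as an added example that is not part of the original post: it flags files whose extension claims a script, document or video but whose content starts with a Windows PE header. The function names, the `.vbs` mapping for "vbscript" and the sample files are assumptions constructed for illustration.

```python
import os
import struct
import tempfile

# Extensions taken from the renaming list above; ".vbs" is assumed for "vbscript".
DOCUMENT_EXTS = {".vbs", ".xls", ".ppt", ".mp4"}

def looks_like_pe(path: str) -> bool:
    """True if the file has a DOS 'MZ' header whose e_lfanew points at 'PE\\0\\0'."""
    with open(path, "rb") as fh:
        dos = fh.read(0x40)
        if len(dos) < 0x40 or dos[:2] != b"MZ":
            return False
        (e_lfanew,) = struct.unpack_from("<I", dos, 0x3C)
        fh.seek(e_lfanew)
        return fh.read(4) == b"PE\0\0"

def find_disguised_executables(root: str) -> list[str]:
    """Return paths under root whose extension says document/media but content is PE."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if os.path.splitext(name)[1].lower() not in DOCUMENT_EXTS:
                continue
            path = os.path.join(dirpath, name)
            try:
                if looks_like_pe(path):
                    hits.append(path)
            except OSError:
                continue  # unreadable file: skip, a real scanner would log this
    return sorted(hits)

def demo() -> list[str]:
    """Run the scan over constructed samples (header bytes only, nothing executable)."""
    stub = b"MZ" + bytes(58) + struct.pack("<I", 0x40) + b"PE\0\0"
    samples = {
        "funny_clip.mp4": stub,                         # executable header, media name
        "report.xls": b"\xd0\xcf\x11\xe0" + bytes(60),  # OLE2 magic prefix, plausible .xls
        "setup.exe": stub,                              # honest extension, not flagged
    }
    with tempfile.TemporaryDirectory() as root:
        for name, body in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(body)
        return [os.path.basename(p) for p in find_disguised_executables(root)]

if __name__ == "__main__":
    print(demo())
```

Because the check reads the file's header rather than its name or hash, it still fires when the file has been renamed or its checksum changed.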
