Whats A Trojan Horse
Trojan is a malicious program/code which is used for remote access to target computer and then attack using unauthorized access to target or victim's computer and causes damage to the system. Trojan is a small hidden code inside another program that's why it easily enters system without knowledge of computer user.The term is derived from the Trojan Horse story in Greek mythology.
In the 12th century B.C., Greece declared war on the city of Troy. The dispute erupted when the prince of Troy abducted the queen of Sparta and declared that he wanted to make her his wife, which made the Greeks and especially the queen of Sparta quite furious.
The Greeks gave chase and engaged Troy in a 10-year war, but unfortunately for them, all of their efforts went down the drain. Troy was simply too well fortified.
In a last effort, the Greek army pretended to be retreating, leaving behind a huge wooden horse. The people of Troy saw the horse, and, thinking it was some kind of a present from the Greeks, pulled the horse into their city, without knowing that the finest soldiers of Greece were sitting inside it, since the horse was hollow.
Under the cover of night, the soldiers snuck out and opened the gates of the city, and later, together with the rest of the army, killed the entire army of Troy.
This is why such a program is called a Trojan horse - it pretends to do something while it does something completely different, or does what it is supposed to be and hides it's malicious actions from the user's prying eyes.
There are many types of Trojan Horse ,Some of the common ones are as fallows
- RATS (Remote administration Tools )
- Priviledges-Elevating Trojans
- Denial Of Service (DOS)
- File Sending Trojans(FTP Trojan)
- Destructive Trojans
RATS - Remote Administration Tools
Remote Administration Tool also known as RAT is used to remotely connect and manage single or multiple computers. RAT is one of the most dangerous Trojan because it compromises features of all types of Trojans. It provides an attacker with nearly unlimited access to host computer ,The following are some of the common features found in a RAT (Remote Administration Tool)
- Screen/camera capture or control
- File management (download/upload/execute/etc.)
- Shell control (usually piped from command prompt)
- Computer control (power off/on/log off)
- Registry management (query/add/delete/modify)
- Other product-specific function
How RATS Work
Remote administration trojans open a port on your computer and bind themselves to it (make the server file listen to incoming connections and data going through these ports). Then, once someone runs his client program and enters the victim's IP, the trojan starts receiving commands from the attacker and runs them on the victim's computer.
Some Trojans let you change this port into any other port and also put a password so only the person that infect this specific computer will be able to use the trojan. However, some of these password protections can be cracked due to bugs in the trojan (people who program RATs usually don't have much knowledge in the field of programming), and in some cases the creator of the trojan would also put a backdoor (which can be sometimes detected, under certain conditions) within the server file itself so he'll be able to access any computer running his Trojan without the need to enter a password. This is called "a backdoor within a backdoor".
Are RATS Illegal ?
Well, It is actually both. There are RATS that are Legal and that are actually Illegal. The difference between them both are the fact that, Legal RATS inform the connected remote that you are on the computer, And Illegal RATS do not inform the remote that you are on the computer.
legal means the person has full control as well, They can kill the connection any time they please, No backdoor is left on their PC, And it is in your network.
Illegal means the person does not know you are connected and they have no knowledge you are till you take action, They have no control to kill the connection (unless they unplug the Internet), But even then, A backdoor is left on the computer meaning anytime the computer is on and the Internet is up, You can connect anytime you want. You can destroy files, Download files, Steal information, Basically make their life miserable.