LabRats #095: Trojan horses: ancient Greece going modern
The Greeks, according to poet Homer, offered the Trojans a huge wooden horse. Whether it was a peace offering is difficult to say. What Homer claimed in his Odyssey was that the Trojans accepted the gift, little knowing there were Greek soldiers inside. When everybody went to bed, and all Trojans were snoring their way through the night, the Greek soldiers climbed out and killed everybody in sight. That’s the origin of the saying, Beware Greeks bearing gifts.
It is also the origin of the name, Trojan horse, in computer-speak. Someone sends you a file that offers you paradise on earth, you double-click to open it, and all hell breaks loose.
What you actually got is known as a payload. For example, you will get a so-called spam engine. Your system, without your knowledge or consent, starts sending out spam, that is, all kinds of unsolicited solicitations that have nothing to do whatsoever with serious business. On most occasions, you will be also flooding the world with the attachment that you have so carelessly opened.
More often than not, users thus attacked are not even aware their computers have been infected and they are wreaking havoc on other users all over the world. Besides, on more occasions than one, creators of Trojan horses also manage to install special software on your system that allows them to see everything that you keep on your hard drive, and control what your machine is doing from a safe distance. Your computer thus becomes what is known as a zombie, and if there are more such infected machines, and rest assured, there are, you become a part of an entity called botnet. What happens then? Well, quantity can spell power, and a hacker can try to blackmail a corporation, demanding huge amounts of money, and if the corporation won’t comply, the hacker can have the botnet attack the corporation’s servers, flooding them with unsolicited data and action requests. If you’ve ever heard of a Distributed Denial of Service (DDoS for short), that’s what it is.
In this installment of LabRats, Andy Walker and Sean Carruthers explain how to protect your machine (and yourself) against such attacks. Install a powerful anti-virus suite. A logical piece of advice is: don’t click on attachments sent to you by people you’ve never heard of, and even when you get such attachments from friends, ask them first, before double-clicking.