One of the older and potentially widely misunderstood forms of malware is the Trojan. Simply put, a Trojan is a software application that is designed to provide covert access to a victim’s system. The malicious code is packaged in such a way that it appears harmless and thus gets around both the scrutiny of the user and the antivirus or other applications that are looking for malware. Once on a system, its goals are similar to those of a virus or worm: to get and maintain control of the system or perform some other task. A Trojan infection may be indicated by some of the following behaviors:
■ The CD drawer of a computer opens and closes.
■ The computer screen changes, either flipping or inverting.
■ Screen settings change by themselves.
■ Documents print with no explanation.
■ The browser is redirected to a strange or unknown web page.
■ The Windows color settings change.
■ Screen saver settings change.
■ The right and left mouse buttons reverse their functions.
■ The mouse pointer disappears.
■ The mouse pointer moves in unexplained ways.
■ The Start button disappears.
■ Chat boxes appear on the infected system.
■ The Internet service provider (ISP) reports that the victim’s computer is running port scans.
■ People chatting with you appear to know detailed personal information.
■ The system shuts down by itself.
■ The taskbar disappears.
■ Account passwords are changed.
■ Legitimate accounts are accessed without authorization.
■ Unknown purchase statements appear in credit card bills.
■ Modems dial and connect to the Internet by themselves.
■ Ctrl+Alt+Del stops working.
■ When the computer is rebooted, a message states that other users are still connected.
Operations that could be performed by a hacker on a target computer system include these:
■ Stealing data
■ Installing software
■ Downloading or uploading files
■ Modifying files
■ Installing keyloggers
■ Viewing the system user’s screen
■ Consuming computer storage space
■ Crashing the victim’s system