Guide | How To The Trojan Horse


Chromatinfish 123

May 26, 2014
According to myth, in the golden ages of Greece, Odysseus arranged for a horse to be built as an emblem of honor to the Trojans, whom they were fighting with. Under Epeios, the horse was built in 3 days and sent to Troy. However, the horse was ridden with Greek soldiers as part of a master plan to win their war with Troy. When dusk fell, a Greek soldier lighted a beacon to fool the Trojans into thinking that he was left behind in order to talk them into keeping the horse in the right place at the right time. However, Laocoon, a Trojan priest, saw through the plan and warned the king about the plot of the Greeks, but he was swallowed by the great god Poseidon's waves along with his brothers. The king's daughter, Cassandra, also thought that the horse "would bring a downfall to Troy," but she was ignored. Troy was utterly destroyed by the Greeks, but Aeneas led a small group of people to present-day Italy, where his sons, Romulus and Remus, eventually founded the Roman Empire.

So why is this on a security forum?

So let me ask you a question:
If you had malware on your computer before, where was it from?

Malware doesn't just come out of the blue. Most malware must be downloaded manually (worms can be sent automatically, but most firewalls stop them, rendering them less useful).

"But why would I download malware?" you might ask.

However, if the Greeks said to the Trojans, "Go ahead and accept this gift, by the way, it actually is a plot to make us win the war," would the Trojans have accepted the gift and gotten taken over?

Therefore malware tries to sneak its way in, as a blatant lie, or as a sneaky smuggler. The malware that blatantly lies about its function is a Trojan. The malware that is sneaky can be classified in many different ways depending on its purpose/function, such as Adware, Spyware, Viruses (in general), or even just Malware (in general). There are other types of malware that can be diagnosed as a Virus, a Trojan, and then Ransomware all at once. However, we will be talking about Trojans, or Trojan Horses, which are named after the famous Greek myth.

Most blatantly lying Trojans are normally Rogue Antiviruses, and can be easily avoided by using name brands only. However, some even cleverer schemes have been thought up in the past and are still here today.

What if I told you, in the past, you could get malware by fumbling on your keyboard while typing google.com?

If you were typing and you fumbled on your keyboard, or just wanted to buy goggles, you could end up at goggle.co which would make you download Spy Sheriff, first out of the misleading adverts:



Caption: An Adf.ly ad that tries to click bait users into clicking the ad. And look... the site it takes you to is actually dangerous (not WOT)!:


...
but then uses a common method that many download sites use in a more malicious way... drive-by downloads. Have you wondered why a download site like Cnet can automatically download a file when you just visit your page? They can actually go further by allowing the program to self-download and self-open without your knowledge.

Hiding the .exe.

Hiding the executable extension is a dirty trick people can easily pull off. A harmless email sending you a pdf file could actually be an executable file, which can make changes to your computer.

Caption: Completely harmless, right?

...LOL No.

The truth is, anyone can edit any icon of any file type.

Your prevention kit:

The truth also is, you don't need the top of the line security software to dodge these schemes. As long as you have an Antivirus with decent email protection (any reputable one, free or paid), a well-trained brain that can recognize these threats, and turn some settings off, you're all set!

1) Disable the "Remove File Extensions" option

The Remove File Extensions option can easily let a nasty trojan disguise itself as a harmless PDF file. It just causes trouble.

Caption: Disabling this option will make your computer a lot safer

2) Get an Ad Blocker

Despite the controversy over websites losing profits, go get yourself an ad blocker. Just don't forget to whitelist your favorite news sites and YouTube channels. Adverts can easily trick you into downloading Malware.

3) Stick To Name Brands

Stick to a brand that your local Fry's or Best Buy (or any other technology shop) sells, rather than going to a dodgy corner of the internet and digging out AV Pro 2016.

4) Common Sense!

In the end, it's your brain that will get you into trouble and your brain has to get you out of it. Train yourself with the common dodge tactics malware developers use.

Good Software that I Recommend?

For an antivirus, I would recommend:

Free:
Detection- Avira or Avast
Configurability- Avast! Free
Set and Forget / Performance- Sophos Home

Paid:

Performance- ESET
Detection- ESET, Kaspersky
Configurability- ESET
Set and Forget- Webroot (Or get yourself a free AV)
I also recommend along with ESET and Kaspersky: Norton Security, Emsisoft, and F-Secure.
Note: I am a strong disliker of McAfee as the history of McAfee products on my computer has not pleased me very much. Therefore, with that in mind, I heartily recommend ESET, Kaspersky, Emsisoft, Norton, or F-Secure over McAfee *cough* ...Intel Security. I also have a history of BitDefender products that have overall made my computer run slowly, and I do not support Panda allegedly spoofing on AV-Test and AV-Comparative tests by being a sellout. These are just my opinions and shouldn't deter you from your favorite product, and please don't make a huge debate out of this.
A common myth is that you need to pay to have good protection. However, you can get decent protection for free by simply downloading a free antivirus like Avast or Avira. I also have beta tested Sophos Home and it is extremely light and is a good option for your parents or grandparents so they don't mess up their settings.

Additional Software:

Malwarebytes Anti-Malware: Free Anti-Malware & Internet Security Software (Free)

This software is an on-demand scanner that can scan your system for malware and is a secondary defense system to your main defense (there is, I think, an article about layered defenses).

AdGuard: Adguard blocks popups and other types of ads (Paid)

As a desktop application, Adguard can reduce bandwidth by blocking ads and stop annoyances, along with being able to block ads on any program you choose, such as Skype or any Instant Message software (if anyone uses them anymore :D). It can also block potentially malicious ads, like the one I showed you in this post. PS... It also works on the HTTPS protocol and can use both TDI and WFP drivers, with the latter being less stable but more modern and working with newer browsers.

Unchecky: Unchecky - Keeps your checkboxes clear (Free)

Installers that install your favorite software can make you install PUP (Potentially Unwanted Programs). Unchecky will automatically uncheck you from content you don't want to install so you don't accidentally install it.

But: Your Brain Is The Ultimate Solution.
 
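Added example, not part of the original post: the "Hiding the .exe" section and tip 1 of the guide above both rest on the last extension deciding how a file is opened. This Python sketch shows what a name looks like once extensions are hidden and flags names where a document-style extension sits in front of an executable one; the extension lists, function names and sample filenames are constructed for illustration.

```python
from pathlib import PureWindowsPath

# Illustrative lists chosen for this example; neither is exhaustive.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".msi"}
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}


def displayed_name(filename: str, hide_extensions: bool = True) -> str:
    """Name as a file manager shows it when extensions are hidden.

    Simplification: assumes the last extension is one the system hides.
    """
    path = PureWindowsPath(filename)
    return path.stem if hide_extensions and path.suffix else path.name


def classify(filename: str) -> str:
    """Return 'disguised-executable', 'executable' or 'ok' for one filename."""
    suffixes = [s.lower() for s in PureWindowsPath(filename).suffixes]
    if not suffixes or suffixes[-1] not in EXECUTABLE_EXTS:
        return "ok"
    # The last extension decides how the file is opened; an earlier
    # document-style extension is only there to mislead the reader.
    if any(s in DOCUMENT_EXTS for s in suffixes[:-1]):
        return "disguised-executable"
    return "executable"


def review(filenames):
    """Return (shown_name, real_name, verdict) for every name that is not 'ok'."""
    return [(displayed_name(f), f, classify(f))
            for f in filenames if classify(f) != "ok"]


# Constructed sample attachment names, not taken from a real incident.
SAMPLE_ATTACHMENTS = [
    "invoice.pdf",
    "invoice.pdf.exe",
    "Holiday.Photos.jpg",
    "setup.exe",
    "report.final.DOCX.SCR",
]

if __name__ == "__main__":
    for shown, real, verdict in review(SAMPLE_ATTACHMENTS):
        print(f"{verdict:22} shown as {shown!r:22} real name {real!r}")
```

With extensions hidden, `invoice.pdf.exe` is shown as `invoice.pdf`, which is indistinguishable by name from the genuine PDF next to it.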

jamescv7

Mar 15, 2011
Nowadays threats are already smart enough, so of course our minds will most of the time be deceived by such indirect traps; thus instinct is not fully active in some circumstances.

Knowledge is the power and the key that will be our primary weapon against pesky/clever threats.
 
