A complete analysis of the latest computer virus: the custom Trojan

Source: Internet
Author: User

The boundaries between viruses, worms, and Trojans are becoming increasingly vague, so it is becoming easier to understand them by their intended purpose. Generally, a virus is transmitted by email and carries a certain payload. Worms use other channels, such as IM, SNMP, RSS (not yet seen, but it may happen soon) and other Microsoft protocols. Worms usually carry a payload as well. They aim to spread as quickly as possible.

The Trojan horse takes its name from the wooden horse in which the Greeks hid so that they would be brought into the city of Troy. Today, a Trojan horse usually refers to a payload placed on the user's computer. Hackers use Trojans to access users' computers remotely and install any program they want. Some hackers even use Trojans to open the CD player on users' computers, just for fun and entertainment.

Not all Trojans are for fun and games. Botnets wait for commands to launch an attack on a target website. There are also Trojans used to install adware, from which hackers can make a profit. Of course, it is just as easy to install software that records everything you type on the keyboard, or even everything said into your laptop's microphone. Trojans have so many features that can be used to make money that many viruses and worms install a Trojan.

Anti-virus vendors rely on a large number of researchers, honeypots and users to find viruses as quickly as possible. On average it takes six hours to discover a virus, classify it, and provide users with new definitions. The critical weakness of the entire industry is that these research techniques can do nothing to protect you from custom viruses or Trojans.

Custom malware can be created easily. Take the source code of an existing Trojan or virus and modify it so that existing anti-virus and anti-spyware products cannot identify it. Even if you or your IT department finds this Trojan, reporting it does not make any sense because it is not widely spread. Therefore, developers of custom Trojans can use it and then go on to attack other targets.

Michael Haephrati's notorious Trojan was used to steal confidential messages from many Israeli companies. Now, China is also on a commercial online phishing Long March.

First, a custom virus is sent to collect email addresses. The virus stays only within the target's domain. Then, an email containing the custom Trojan is sent to those machines. The email address appears to be within the same organization, so the user is likely to open the email.

There are no effective preventive measures for such attacks. You could refuse to open any attachment, but at the cost of lost productivity, and you may miss some valuable opportunities. Existing anti-virus and anti-spyware products are not designed to discover custom Trojans.

So what should we do?

· Use a firewall and proxy server to prevent internal communications from being sent out to hackers. Block FTP, Telnet, and SSH. In the UK, this can play a role in dealing with Haephrati Trojans. However, this will not work for long, because a Trojan can be customized: the author of the Trojan will move it to other channels, such as email, Skype, and the Web.

· Use host-based intrusion prevention systems, which may identify Trojans and block them. Sana Security, McAfee, eEye, Determina and Symantec have all developed such products. These products are not omnipotent, but they do have some ability to catch custom Trojans.

· Use a whitelist to list the trusted parties that should not be blocked. Websense has such a client, which can prevent outbound communication with known bad IP addresses.
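
The egress rules from the list above can be expressed as one policy and run over connection records to see which internal hosts would be stopped. This is an added example, not code from the original article; the address ranges, the proxy address, the bad-IP list, the sample flows and the rule that only the proxy may leave the network are all assumptions made for illustration.

```python
import ipaddress

# Assumptions for this sketch (none of these values come from the article):
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")      # constructed internal range
PROXY = ipaddress.ip_address("10.0.0.10")              # hypothetical egress proxy
BLOCKED_PORTS = {21: "FTP", 22: "SSH", 23: "Telnet"}   # protocols the article says to block
BAD_IPS = {ipaddress.ip_address("203.0.113.66")}       # constructed "known bad" list

# Constructed flow records: (source IP, destination IP, destination port)
SAMPLE_FLOWS = [
    ("10.0.3.21", "198.51.100.7", 21),    # workstation pushing files out over FTP
    ("10.0.3.21", "10.0.0.10", 3128),     # normal browsing via the proxy
    ("10.0.5.40", "203.0.113.66", 443),   # direct HTTPS to a listed address
    ("10.0.0.10", "203.0.113.66", 443),   # same address reached through the proxy
    ("10.0.7.12", "198.51.100.9", 443),   # direct web traffic bypassing the proxy
    ("10.0.7.12", "10.0.9.5", 22),        # internal SSH, not egress
]

def evaluate(src, dst, port):
    """Return (verdict, reason) for one connection attempt."""
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if src_ip not in INTERNAL_NET or dst_ip in INTERNAL_NET:
        return ("ignore", "not an internal-to-external flow")
    if dst_ip in BAD_IPS:
        return ("deny", "destination on known-bad list")
    if port in BLOCKED_PORTS:
        return ("deny", f"outbound {BLOCKED_PORTS[port]} blocked")
    if src_ip != PROXY:
        return ("deny", "direct egress; only the proxy may leave the network")
    return ("allow", "proxied traffic")

def audit(flows):
    """Return the denied flows with reasons, for follow-up on the source host."""
    findings = []
    for src, dst, port in flows:
        verdict, reason = evaluate(src, dst, port)
        if verdict == "deny":
            findings.append((src, dst, port, reason))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_FLOWS):
        print(finding)
```

Each denied flow names the internal host that attempted it, which is the machine to examine for a Trojan that signature-based products did not recognize.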

A custom Trojan is a new type of network threat that targets your information, organization, and assets. If you think zero-day worm attacks are a headache, custom Trojans are no less so. A custom Trojan does not need to rely on existing vulnerabilities, it cannot be identified by existing desktop or network protection measures, and the people who operate custom Trojans set out to do you harm.
