If we want to implant our Trojan on someone else's computer, we need to disguise ourselves first. Generally, there are two main methods to hide Trojans:
1. disguise yourself as a general software
Many users may have encountered such a situation. On the website, a small program that claimed to be a very interesting one was obtained and executed, but the system reported
Internal error. The program exits. Most people think that the program is not well developed and will not suspect that the trojan program is running. Wait until running
I was told that my password was incorrect when I was using my q and other programs, and I was not familiar with my password. Then I remembered how to check my machine.
Whether a trojan is installed.
This kind of program is disguised as a normal program. In essence, it is disguised as a Trojan. In the beginning of the Trojan code, the process of self-Installation and hiding will be completed,
Finally, an error message is displayed, deceiving the user.
2. Bind yourself to a normal program
For old hackers, they can use some bundled software to bundle a genuine installer and Trojan into a new file,
Then, when you install the genuine program, you will be planted with Trojans without knowing it.
However, this trojan may be noticed by users, because the size of the w I n z I p program usually increases after the trojan is bound.
After disguise, Trojans can be sent to attackers via emails, or stored on websites for download. Hackers also add some
Attractive words to seduce others, like "The latest hot movie !" , "C u t e f t p 5.0 completely decrypted version !!!" .
It is not a lie. After the CuteFTP is installed, your machine will be "completely decrypted. Those who like free software should be careful!
In view of the dangers of Trojans, many people still have some knowledge about the trojan, which plays a role in restraining the spread of the Trojan.
Horse designers do not want to see, so they have developed a variety of functions to disguise Trojans, in order to reduce user vigilance and deceive users.
· 74 ·
The following describes several common methods for embedding Trojans in disguise:
1. Direct sending Spoofing
Change the Trojan server program icon. If it is set to an image icon, you can set its extension to *** .jpg.exe format and send it directly to the other party.
The default setting is to hide the extension of a known file, so the recipient will easily believe that this is an image. After the other party runs, the result is unresponsive.
The typical performance of the Trojan horse), the other party said: "Why can't you open it! ", Answer:" Oh, no, the program is broken, right? ", Or:" Sorry, I sent an error.
Now! ", And then send the right things (normal games, pictures, etc.) to the other party. After receiving the message, he is happy and does not want to see the situation just now.
2. Bundle Spoofing
Bundle the Trojan server with a game or tool into a file and send it to someone else in Q or e-mail. After others run it, they often hide in w I n-
In the system directory of d o w s, the icon is disguised as a text file or webpage file and is connected to the outside world through the port. Then combine yourself with some e x e
Files are bundled together, or the file association method is changed to achieve the purpose of self-starting. In addition, even if the system is reinstalled later, if
If the program is still saved, it is possible to try again.
3. Folder inertial click
After disguising a trojan file as a folder icon, put it in a folder, and set three or four empty folders outside.
Click the habit, point to the Trojan disguised as a folder, it will not be able to hold the mouse down, so that the trojan runs successfully.
4. Dangerous download points
After breaking some download sites, download a few software with a large volume of downloads, bind the trojan, and then quietly put it back for others to download.
The number of downloads equals to the number of computers with one more Trojan. Or bind the Trojan to other software, and then release it in a bright future.
When downloading websites from various major software, they do not detect viruses, and even new Trojans cannot be found.
5. Email Spoofing
The premise for this type of Trojan embedding is to use anonymous email tools to impersonate friends or large websites, organizations, and organizations to send Trojans to others and download them.
If the attachment is running, the trojan is in progress. For example, the system administrator impersonates an organization and sends system patches or other installation programs to each client.
6. QQ Spoofing
The premise for this type of Trojan embedding is that you must first have a Q number that is not your own. Then use this Q number to send Trojans to friends.
Preface: because the owner of the stolen number is trusted, friends will not hesitate to run the trojan program, and the result will be unsuccessful.
7. Zip camouflage
Bind a trojan together with a corrupted z I p package (which can be made), and specify the bundled file as the z I p icon.
Others have read his suffix. Otherwise, it will be no different from the corrupted z I p. I don't know that a trojan is already running quietly.
Common practices for zi p camouflage are as follows:
First, create a text document, input any byte (in fact, only one line, minimum), and rename its suffix t x T to z I p.
And then bundle it with the trojan program. Modify the bundled file icon to the z I p icon.
8. Send a link to the Forum
Upload the bundled Trojan on a forum where attachments can be uploaded (for example, bind the Trojan to an image), and then send the link to the target meat to be attacked.
The host tempted him to click the link.
10. webpage Trojan
Bind a Trojan on your webpage, and then invite the target user to access the target user on Q, so that you can easily plant the trojan you configured.
The following section describes how to combine the trojan program and other programs.