Introduction to the latest legendary Trojan Horse and its defense strategy

Source: Internet
Author: User

Today, there are a large number of legendary game players in China, and the online virtual equipment transaction is booming. It is not surprising that a good equipment or advanced account has sold thousands of RMB, so a large number of Trojan viruses targeting legend games have emerged. When you run a plug-in containing Trojans or click an Email attachment from a stranger to open a malicious website webpage, the trojan will dive into your computer. Once you log on to the legendary game, the trojan will secretly record the account password you typed and send it to its owner for sale by the hacker. To help gamers stay away from the hateful legendary Trojan horse, we will introduce the popular legendary Trojan Horse and its prevention methods in the following sections.

The legendary Trojan

Currently, many Trojans are targeted at legendary Games, and new variants are constantly emerging. These Trojans have just begun to steal account passwords and have now evolved to prevent the operation of anti-virus software and anti-trojan software, among them, the most dangerous are the legend killer of Internet cafes, the legend boy, the legend black, the legend hacker Trojan, And the beebot.

1. Legend killer in Internet cafes (Trojan. PSW. LMir. qh)

This trojan breaks the encryption and decryption algorithm of the legend game, specifically for users playing the "legend" game in Internet cafes. As long as someone runs this Trojan on a computer in an Internet cafe, the account, password, equipment, and other information of all legendary gamers in the internet cafe will be stolen, which is quite scary! This trojan captures packets in the LAN and analyzes the "legend" game communication protocol to intercept information of all players in the Internet cafe.

2. Legend black noodle (Win32.Troj. Mir2HAK)

The legend black area will monitor player input, automatically record the legend account password you typed, and send it to the email address of the virus author, causing economic losses to you. During the trojan attack, you will copy yourself to the Windowssystem32 directory. The name of the Trojan and Its DLL file is very similar to that of the Windows system program and its DLL file. If you do not pay attention to them, you may think they are system files, it is highly deceptive.

3. Legend boy (Troj. MirBoy)

The legend boy is a trojan virus targeting the legend game. He steals the user's legendary account and password and sends it to the hacker's designated email address. After the virus intrude into the player's computer, it will copy itself to the system directory, and then modify the key value in the registry, so that the system will automatically load when started; it will also terminate all kinds of anti-virus software in the system, such as Skynet firewall and ZoneAlarm.

4. Legendary Trojan Horse (Win32.Troj. Sincom. e)

After running the trojan, it will steal the user's legendary account and password and send the information to the Trojan growers. As a result, players infected with machines will be completely controlled by others in the legendary game. In addition, it also disables common anti-virus software to prevent itself from being cleared by the anti-virus software.

5. beebot (Win32.Troj. MiFeng70)

The trojan steals the password of the legendary game and sends the password to the specified mailbox. In addition, it can also steal the passwords of the following software: QQ, miracle, Millennium, Red Moon, yitian, decisive battle, westward journey, Stone Age, legend of forgetting, DVAQ. Secret; under the Registry primary key HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun, add the key value "internet" = "% SYSTEM %" \ % VIRUSNAME % "; modify the key value "default" = "% SYSTEM %" \ % VIRUSNAME % "" % 1 "for the primary key HKLMSOFTWAREClasses xtfileshellopencommand of the Registry; in C: Autoexec. net stop "Internet Connection Firewall (ICF)/Internet Connection Sharing (ICS)"> C: BOOTEX. LOG

After the trojan is running, the hard disk will run wildly, listening to the UDP2222 port, and monitoring anti-virus software, such as Trojan and rising. Trojan horse through hxxp: // success? Eve = gip & mailid = check whether it is registered.

Legendary Trojan Protection

This year's legendary Trojan Horse is rampant. Some hacker websites sell Trojans with backdoors on the Internet and instruct others to use Trojans to steal passwords, the vast majority of legendary players must be aware of security now, or the next password will be you! To this end, you should take the following preventive measures:

1. Install and Upgrade anti-virus software in a timely manner

When surfing the Internet in Internet cafes and other public places, You must select a regular Internet cafe protected by anti-virus software to prevent your game account from being stolen, you need to know that "Internet cafe legend killer" can steal the passwords of all gamers in the internet cafe! Check the anti-virus software installed in Internet cafes. The version 16.35.20 or later of the anti-virus software can thoroughly scan and kill the "Internet cafe legend killer" virus. In addition, you need to check and kill your computer before the game. You must change your password before going offline and use the new password for the next game.

If you are surfing the internet at home, you should install anti-virus software with privacy information protection (such as KV2004 and Norton Security Special Police). upgrade to the latest virus database in time to enable real-time virus monitoring, some of the most powerful Trojans cannot be found if the anti-virus software has not been upgraded to the latest version.

In addition, you also need to enable the privacy information protection and monitoring function of anti-virus software to set the legendary account and password to the privacy protection status, so that even if you have a Trojan, you don't have to worry about theft of accounts and passwords by Trojans.

Ii. Install a third-party Firewall

We recommend that you install third-party firewalls such as Norton Security, ZoneAlarm Pro, Skynet firewall, and Kingsoft network firewall 6. These firewalls are powerful. Once Trojan viruses and hacker intrusions are detected, they will automatically trigger alarms, it also protects private information such as your game account and password to ensure the security of your Internet access.

Among them, Kingsoft subnet 6 has a unique function, which is to check whether your system has any vulnerabilities. If a vulnerability is detected, it also allows you to download and install patches and block the vulnerability. We recommend that you check it before accessing the internet, and then start a third-party firewall to play games online. Next we will introduce how to use the Norton Security Special Police and ZoneAlarm Pro. We will not discuss other firewalls.

1. Norton Security Expert

Latest Version: Chinese version of Norton Security Special Police 2004
Software size: 77,483 KB
Running platform: WinXP/2000/NT/Me/9X

Norton Security Special Police (NIS2004) is an excellent network security software released by seementon. It has a personal firewall function that can detect and kill Trojan viruses and conduct intrusion detection. It has the "privacy control" function, this prevents your account and password from being stolen. As long as you add all game accounts and passwords to the protection list of the Norton Security Special Police, when you use the "Web", "instant information" and "email" programs, the Norton Security Special Police will protect your input information. As long as you enter content related to protection information in any webpage, email, or instant message, Norton automatically converts it to "*". Even if a Trojan sends your password information to its "host" by email or other means, the other party only sees "*", which ensures the security of the password.

2. ZoneAlarm Pro

Latest Version: 5.5.062.004
Software size: 6499KB
Running platform: WinXP/2000/NT/Me/9X

ZoneAlarm is currently the best integrated personal firewall. It has powerful functions and is easy to operate. It provides a firewall function to prevent trojans from being secretly messed up on your computer, provides email monitoring, web page filtering, and pop-up ad shielding functions, as well as powerful gateway management functions, allowing senior users to develop Expert-Level Rules and freely control Internet resources.

Compared with other personal firewall software, ZoneAlarm occupies less resources and can protect personal privacy. As long as you set the following in ZoneAlarm, you can prevent trojans from sending your password.

Setting Method: click "ID lock". On the "General" tab, set "ID lock" to "high", and then open the "personal privacy" tab (such ), click "add", enter the account and password to be protected, and add all your passwords. In this way, once your password is sent out, ZoneAlarm will send an alarm, even if the other party receives the password, it will all be "*" and cannot be read.

 

498) this. style. width = 498; "align = center vspace = 1>

3. Use Trojan-killing software

Some legendary Trojans will automatically shut down anti-virus software and firewall after they run. In this case, the dedicated Trojan tool will be used to detect and kill Trojans in the system. Currently, many software programs are used to kill Trojans. Well-known software include Kingsoft drug overlord, Trojan killing, Trojan star, TrojanHunter, Anti-Trojan Shield, The Cleaner Professional, and Trojan removing masters.

1,

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.