Kinds of Trojan Horse Viruses

Remote-Access Trojans

• Remote-access Trojans, also known as RATs or backdoor Trojans, are the most common and dangerous of all Trojan horses. They run invisibly on host PCs, permitting an intruder to gain remote access and control of the machine. This type of Trojan functions similarly to legitimate remote administration programs, such as Symantec's pcAnywhere, but are designed specifically for stealth installation and operation. These programs are typically hidden in games and other small executable files that are distributed through email attachments.

Anti-Protection Trojans

• Anti-protection Trojans are usually referred to as security software disablers. They are designed to disable firewalls, as well as antivirus software and filters. Once these programs are installed on a machine, a hacker is able to more easily attack the host PC.

Destructive Trojans

• Destructive Trojans delete files. They can be instructed to automatically delete all of the core system files in an operating system, including DLL, EXE or INI files, on the host PC. They can either be activated by a hacker or can be set to activate on a specific date. They are similar to viruses, but since they are typically hidden within files with a system name, antivirus software is unlikely to detected them.

Data-Sending Trojans

• Data-sending Trojans remit critical data back to the hacker, including passwords or confidential information such as address lists, credit card or banking information, or other private data. The Trojan might search for particular information in specific places on the hard drive of the infected PC, or it might install a keylogger and transmit keystrokes back to the hacker via email or forms on a website.

Denial of Service Attack Trojans

• Denial of service (DoS) attack Trojans involve a multi-step process. Multiple PCs are infected with a zombie that is scheduled to attack specific websites simultaneously so that the heavy traffic volume will overload the site's bandwidth. The heavy traffic volume then causes the site's Internet access to fail. A variation of this type of Trojan involves mail bombs that simultaneously attack specific email addresses with random subjects and contents that are unable to be filtered. Since these are typically targeted to a specific email address, general purpose anti-virus software is unlikely to detected them.

Proxy Trojans

• Proxy Trojans transform a computer into a proxy server, either making it available to all Internet users or just to the hacker. This type of Trojan is developed to create "economizers" that are then used to provide complete anonymity for illegal actions, including buying merchandise with stolen credit cards and initiating Denial of Service attacks. If the hacker's actions are tracked, they are then traced to the victim's host PC rather than the actual hacker. Legally, the computer where the attack is launched is responsible for any damage the attack causes.