Here we will learn how worms and trojan are used in Hacking terms and how they function within a system.
We already learned about Virus, a type of Malware, here we will understand about Worms and Trojans.
Make sure you check out our course structure, so you can start tour systematical learning journey. Complete Ethical Hacking Course|2020
Worm is an acronym for Write – Once – Read – Many.
Wait a minute?, Is it me or the question that what is the difference between worms and Virus is also occurring to you?
We have learned that the Virus cannot spread all by itself, they need a host program to attach to itself in order to propagate.
But a WORM is capable of self replicating itself.
Hence the name Write Once Read Multiple.
This is the behaviour of WORM.
In terms of inflicting damage, both Virus and Worms can be same in terms of fatality but what makes a Worm more nastier is that unlike Virus the Worm doesn’t need a host to replicate itself.
It doesn’t need a help of human or a host program to propagate.
The Working Mechanism
This standalone piece of code tries to propagate itself by finding a weakness in victim’s system
Usual places is the stored email address on a machine.
Trojan Horse : –
It is a great story of how the name came to existence, the name of this Malware came form an accident story of a battle between the Greeks and the Troy.
The Greeks sent a huge wooden horse as a gift to the People of Troy.
However, inside the horse Greek soldiers were ready to attack.
People of Troy accepted this amazing gift only to find themselves caught in the onslaught of Greeks.
On the name of same wooden horse the Malware gets its name.
Trojan horses a malicious piece of code which looks legitimate to the victims, because of it’s appearance.
But believe us the fatality rate can be similar to Worms and Viruses.
The Trojan Horse doesn’t replicate itself like Worm but it works in a different way.
It requires user interaction to be executed.
A user is likely to find trojan horse on email attachment which once opened the execution phase starts.
ILOVEYOU : –
In 2000s, this malware was quite popular because it damaged huge number of systems.
The malware affected 10s of millions of windows based users. Single-handedly it brought down major corporation’s email networks.
How it worked?
It came as an email attachment with a name as LOVE-LETTER-FOR-YOU.TXT.vbs
Once saved on a system, a user can view the file name but without the .CBS extension (where the code was written.)
Last part which defines a visual basic script, in those days the extension was by default hidden.
It was hidden because .vbs file type was interpreted by windows as known file type.
A user will look at the file and think it’s a simple text file.
And therefore the likelyhood of opening this malicious file was very high.
Once opened the VB Script starts executing itself.
ILOVEYOU than overwrites existing files, resulting in huge damage to the user.
Also this Malware copied all the email address used by Microsoft Outlook.
The email then were forwarded to multiple mails found.
The reciever sees the mails as send by a known person rather than the attacker
This way within minutes, thousands of emails starts overwhelming the system causing complete shutdown mail servers.
The attack estimated to have caused US $ 5 – 8 billion dollars.
And over 50 million infections were reported in 10 days.
Thank you for reading