Trojan horse attacks pose one of the most serious threats to computer security. If you were referred here, you may have not only been attacked but may also be attacking others unknowingly.
According to legend, the Greeks won the Trojan war by hiding in a huge, hollow wooden horse to sneak into the fortified city of Troy. In today's computer world, a Trojan horse is defined as a "malicious, security-breaking program that is disguised as something benign". For example, you download what appears to be a movie or music file, but when you click on it, you unleash a dangerous program that erases your disk, sends your credit card numbers and passwords to a stranger, or lets that stranger hijack your computer to commit illegal denial of service attacks like those that have virtually crippled the DALnet IRC network for months on end. The following general information applies to all operating systems, but by far most of the damage is done to/with Windows users due to its vast popularity and many weaknesses.
(Note: Many people use terms like Trojan horse, virus, worm, hacking and cracking all interchangeably, but they really don't mean the same thing. Let's just say that once you are "infected", trojans are just as dangerous as viruses and can spread to hurt others just as easily!)
Trojans can be far more malicious than viruses and you should care - they're programs that let someone else remotely administer your computer without your knowing about it. There are legitimate programs that do this too, systems administrators use them to administer networks, but Trojans are a different matter. If you're on a network you know it has an administrator to keep things running smoothly. A Trojan can be planted by anyone, without your permission or knowledge. And unlike a remote administration program, a Trojan can be highly destructive. So let's take a quick look at what Trojans do, and more importantly, what you can do to stop them.
Trojans can log every keystroke you type (even when you're offline) and have your e-mail program send the information to the person who planted the Trojan without your knowing it. Trojans can get all your passwords, credit card numbers and other information stored on your computer - or even things that you type into the computer and don't save. They can be used to read, delete or change all your files, turn your screen upside down, abruptly disconnect you from the Internet, or direct your browser to only certain web sites and other nuisances. It gets worse - Trojans can be used to spy on you through your chat and instant message programs, web cam or microphone, and even destroy your hardware.
They can damage your reputation as well as your hardware and data. Trojans can be used to get into your address book and send very convincing looking e-mails saying whatever someone else likes from you to your employer, bank manager, clients, girlfriend, whomever, and they can make you seem to say really awful things to people in on-line chats or conferences. You can imagine some of the consequences - a 'Net conference with important clients and you won't see the message coming from you saying "screw you, you're all a bunch of lamers anyway," but the persons you're talking with will. Or someone can plant a Trojan and use your computer to hack into somebody else's computer. And all kinds of other bad things. Possibly the worst things about Trojans are that most people don't even know they exist, and most anti-virus scanners do not pick up or delete them. Trojans are becoming more common, especially as more people have cable and DSL or other "always on" connections, though you can get them using regular dial-up connections too. And some of the newer Trojans are harder to detect (this is one reason to be careful of running .htm or .html files you receive by e-mail - there are Trojans out now that use HTML code and will bypass firewalls - a couple of examples are NOOB and godmessage). They are, in short, very easy to plant on your computer without your knowing it until substantial damage has been done. There are all kinds of script kiddies out there using ICQ and IRC, not to mention e-mail. Criminals use the Internet, too, and there may be people out there who just plain don't like you and would do something that vicious to get revenge - the Internet, like the real world, has its share of crackpots, and most of these programs require no technical expertise to use. Be aware enough from reading this to realize that Trojans can be a serious threat to your privacy, reputation, data and computer hardware.
There are some things you can do. Be careful about accepting files over the Internet or opening e-mail attachments unless you know what they are and who they're from. Get a good firewall, like Zonealarm, available free from Zonelabs. Even if other firewalls have had you befuddled, this one won't. It's very powerful and it's also very user- friendly. And head over to the Moosoft site and pick up a copy of The Cleaner. It's a great anti-trojan scanning and cleaning program, and it also has a neat little feature called TCActive that you can run at Windows startup. It'll sit in your system tray, use almost no computer resources, and keep any known Trojans from activating on your machine. If you do find your machine infected with a Trojan Horse program, don't panic. Disconnect from the Internet, run your Trojan scanner, and delete the Trojan. Trojans can't be cleaned, like many viruses can. They can only be deleted, but doing this will in no way harm your machine or your software.