Trojan 2.0 - Implications of Web 2.0 technology
Security experts have warned that Blogger, MySpace, and Facebook can easily be used by Trojan 2.0 malware to store stolen data.
Finjan Malware Research Center has just released its fourth Security Risk Report. According to the report, traditional anti-malware measures, namely signature-based detection (virus detection based on a database of known malware) and blocking command-and-control channels, will become less effective because malware writers are taking advantage of Web 2.0 technology.
In computer jargon, Trojans are simply malware disguised as "harmless" software so that it can hide on a computer. Once started, they install other programs or execute code that captures or destroys data on the system.
A keylogger Trojan records keystrokes on the infected computer and sends the collected data back to the person who distributed it. This is a common form of Trojan.
Often, an attacker can control Trojan software remotely. Finjan uses the term Trojan 2.0 for the new generation of Trojans because they exploit bugs in Web 2.0 technology and software.
In its report, Finjan explained that shutting down a Trojan's command-and-control structure is getting harder and harder when the commands are sent over open channels.
The report describes how a Trojan command can easily be converted into an RSS feed and transmitted via a free Web-based RSS reader (such as Google Reader or My Yahoo). 'This is the first step that Trojans usually take to disguise control commands,' the report said.
'By transmitting via a third-party web service, Trojans can avoid being killed by Web security software.'
From this, the report confirms that any blog that supports RSS can be a "control center". Shutting down that blog is also ineffective, because the Trojans can be directed to another RSS feed.
Stolen data can also be accessed easily when it is stored on Web 2.0 sites such as Blogger, MySpace, and Facebook.
For security companies that are competing with each other, this is a big problem. 'Because this model uses Web addresses and real domain names to route the botnet, its communications are no different from normal Web traffic, and existing security software cannot detect them in most cases,' Finjan's report said.
Finjan concluded that real-time inspection of data is essential to countering the risk of Trojan 2.0. Many security experts have spoken up about this issue.
Signature-based security methods will not be able to protect the Internet from Trojans in an era when each Trojan has its own signature. Port blocking will not help either when the data is transmitted through open ports.
Hoang Nguyen