While downloading an IRC (Internet Relay Chat) script recently, I encountered a "Trojan Horse" virus, luckily my antiviral software spotted it before it could do any damage. Greek literature tells us that what may look harmless, may in fact, be deadly. As I had no prior experience of this virus I did a little research. I found that Trojans do anything from destroying the software they infect to completely wiping your hard drive. Amazingly, I also found that with a Windows version of a small program known as trin00, (a Trojan), any Windows PC can be co-opted into the sorts of attacks like those that crippled Yahoo! eBay and Amazon recently.
As the subject of my addiction, the protection of my PC and the data therein is always foremost in my mind, but on a broader scale I was quite worried to know that any ordinary Windows based computer can be used to mount these hacker attacks to send out an intense stream of requests for data to Web servers, leaving the servers unable to handle legitimate requests (DDoS distributed denial of service). The threat level is so high, with the vast amounts of PCs connected to the Web, that major antivirus vendors have begun to release software that can detect and disable the the Trojan. The American FBI has released similar software for other operating systems such as Linux.
It seems that users whose computers are linked to the Internet over constant connections such as cable or ADSL are most at risk. The Trojan will spread via shared and emailed attached files that are billed as interesting programs or games. But more than likely it is corporate users who will be most vulnerable as they exchange files far more frequently. Similarly, businesses are likely targets of DDoS attacks. Though Trin00 is not known to damage the machines it runs on, it can cause potential financial loss, imagine if someone blocked the entrance to every HMV store in the country with truckloads of potatoes!
The increasing numbers of high-bandwidth connections, the millions of machines with weak security, the increasingly complex software created by programmers with little training in writing secure code produced under extreme pressure to get products on the market, all means that there is an accelerating number of "always-on, rarely protected" systems attached to the net.
Mounting defences requires international co-operation and a sustained community effort, and of course, it is extremely difficult to investigate and prosecute these types of crimes successfully. So one should always be very wary of "Greeks" bearing "gifts".
Home