Concept of Hacking

Free Hacking & Security Course

2. – Computer Hackers are here. Since the Internet became widely used in the World, With time we have started to hear more and more about hacking. Only a few Hackers, such as Kevin Mitnick, are well known and others international, hope Kashmir remember Shahid Malla and Adil Hussain Team Hackers Third eye

1. – In Computer World Hacking Means To get access to any Details or computer or email etc without permission. Hacking is The Art of exploring various security breaches is termed as Hacking.

3. -In a world of Black and White, it’s easy to describe the typical Hacker. A general outline of a typical Hacker is an Antisocial, Pimple-faced Teenage boy. But the Digital world has many types of Hackers.

4. -Hackers are human like the rest of us and are, therefore, unique individuals, so an exact profile is hard to outline. The best broad description of Hackers is that all Hackers aren’t equal. Each Hacker has Motives, Methods, and Skills. But some general characteristics can help you understand them. Not all Hackers are Antisocial, Pimple-faced Teenagers. Regardless, Hackers are curious about Knowing new things, Brave to take steps and they are often very Sharp Minded

Hacker

Hacker is a word that has two meanings:

Traditionally, a Hacker is someone who likes to play with Software or Electronic Systems. Hackers enjoy Exploring and Learning how Computer systems operate. They love discovering new ways to work electronically.

Recently, Hacker has taken on a new meaning — someone who maliciously breaks into systems for personal gain. Technically, these criminals are Crackers as Criminal Hackers. Crackers break into systems with malicious intentions.

They do it for Personal gain, Fame, Profit, and even Revenge. They Modify, Delete and Steal critical information, often making other people’s life miserable.

Hacking has a lot of meanings depending upon the person’s knowledge and his work intentions. Hacking is an Art as well as a Skill. Hacking is the knowledge by which one gets to achieve his Goals, anyhow, using his Skills and Power.

Most people associate Hacking with breaking law, therefore calling all those guys who engage in hacking activities to be criminals. We agree that there are people out there who use hacking techniques to break the law, but hacking is not really about that. In fact, hacking is more about following the law and performing the steps within the limits

Hacker vs. Cracker

What Is the Difference Between a Hacker and a Cracker?

Many articles have been written about the difference between Hackers and crackers, which attempt to correct public misconceptions about hacking. For many years, media has applied the word Hacker when it really means Cracker. So the public now believes that a Hacker is someone who breaks into computer systems and steals confidential data. This is very untrue and is an insult to some of our most talented Hackers.

There are various points to determine the difference between Hackers and crackers

Definition – A Hacker is a person who is interested in the working of any computer Operating system. Most often, Hackers are programmers. Hackers obtain advanced knowledge of operating systems and programming languages. They may know various security holes within systems and the reasons for such holes.

Hackers constantly seek further knowledge, share what they have discovered, and they never have intentions about damaging or stealing data.

Definition – A Cracker is a person who breaks into other people systems, with malicious intentions. Crackers gain unauthorized access, destroy important data, stop services provided by the server, or basically cause problems for their targets. Crackers can easily be identified because their actions are malicious.

Whatever the case, most people give Hacker a negative outline. Many malicious Hackers are electronic thieves. Just like anyone can become a thief or a robber, anyone can become a Hacker, regardless of age, gender, or religion. Technical skills of Hackers vary from one to another. Some Hackers barely know how to surf the Internet, whereas others write software that other Hackers depend upon

Types of Hacker

Let’s see the categories of Hackers on the basis on their knowledge.

Coders  

  • Real Hackers are the Coders, the ones who revise the methods and create tools that are available in the market. Coders can find security holes and weaknesses in software to create their own exploits. These Hackers can use those exploits to develop fully patched and secure systems.  
  • Coders are the programmers who have the ability to find the unique vulnerability in existing software and to create working exploit codes. These are the individuals with a deep understanding of the OSI Layer Model and TCP/IP Stacks.

Admins

Admins are the computer guys who use the tools and exploits prepared by the coders. They do not develop their own techniques, however they uses the tricks which are already prepared by the coders. They are generally System Administration, or Computer Network Controller. Most of the Hackers and security person in this digital world come under this category.

Admins have experience with several operating systems, and know how to exploit several existing vulnerabilities. A majority of Security Consultants fall in this group and work as a part of Security Team.

Script Kiddies

Next and the most dangerous class of Hackers is Script kiddies, They are the new generation of users of computer who take advantage of the Hacker tools and documentation available for free on the Internet but don’t have any knowledge of what’s going on behind the scenes. They know just enough to cause you headaches but typically are very sloppy in their actions, leaving all sorts of digital fingerprints behind. Even though these guys are the teenage Hackers that you hear about in the news media, they need minimum skills to carry out their attacks.

Script Kiddies are the bunnies who use script and programs developed by others to attack computer systems and Networks. They get the least respect but are most annoying and dangerous and can cause big problems without actually knowing what they are doing.   

 Types of Hackers on the basis of activities performed by them.

White Hat Hacker

A White Hat Hacker is a computer guy who performs Ethical Hacking. These are usually security professionals with knowledge of hacking and the Hacker toolset and who use this knowledge to locate security weaknesses and implement countermeasures in the resources.

 They are also known as an Ethical Hacker or a Penetration Tester. They focus on Securing and Protecting IT Systems.

Black Hat Hacker

A Black Hat Hacker is a computer guy who performs Unethical Hacking. These are Criminal Hackers or Crackers who use their skills and knowledge for illegal or malicious purposes. They break into or otherwise violate the system integrity of remote machines, with malicious intent.

These are also known as an Unethical Hacker or a Security Cracker. They focus on Security Cracking and Data stealing.

Grey Hat Hacker

A Grey Hat Hacker is a Computer guy who sometimes acts legally, sometimes in good will, and sometimes not. They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit crimes during the course of their technological exploits.

They are hybrid between White Hat and Black Hat Hackers.

Ethical Hacking  

Ethical Hacking is testing the resources for a good cause and for the betterment of technology. Technically Ethical Hacking means penetration testing which is focused on Securing and Protecting IT Systems.

Hactivism

Another type of Hackers are Hacktivists, who try to broadcast political or social messages through their work. A Hacktivist wants to raise public awareness of an issue. Examples of hacktivism are the Web sites that were defaced with the Jihad messages in the name of Terrorism.

Cyber Terrorist

There are Hackers who are called Cyber Terrorists, who attack government computers or public utility infrastructures, such as power stations and air-traffic-control towers. They crash critical systems or steal classified government information. While in conflict with enemy countries some government start Cyberwar via Internet

Why Hackers Hack?

The main reason why Hackers hack is that they can hack. Hacking is a casual hobby for some Hackers — they just hack to see what they can hack and what they can’t hack, usually by testing their own systems. Many Hackers are the guys who get kicked out of corporate and government IT and security organizations. They try to bring down the status of the organization by attacking or stealing information.

The knowledge that malicious Hackers gain and the ego that comes with that knowledge is like an addiction. Some Hackers want to make your life miserable, and others simply want to be famous. Some common motives of malicious Hackers are revenge, curiosity, boredom, challenge, theft for financial gain, blackmail, extortion, and corporate work pressure.

Many Hackers say they do not hack to harm or profit through their bad activities, which helps them justify their work. They often do not look for money full of pocket. Just proving a point is often a good enough reward for them.

Prevention from Hackers

What can be done to prevent Hackers from finding new holes in software and exploiting them?  

Information security research teams exist—to try to find these holes and notify vendors before they are exploited. There is a beneficial competition occurring between the Hackers securing systems and the Hackers breaking into those systems. This competition provides us with better and stronger security, as well as more complex and sophisticated attack techniques.

Defending Hackers create Detection Systems to track attacking Hackers, while the attacking Hackers develop bypassing techniques, which are eventually resulted in bigger and better detecting and tracking systems. The net result of this interaction is positive, as it produces smarter people, improved security, more stable software, inventive problem-solving techniques, and even a new economy.

Now when you need protection from Hackers, whom you want to call, “The Ethical Hackers”. An Ethical Hacker possesses the skills, mindset, and tools of a Hacker but is also trustworthy. Ethical Hackers perform the hacks as security tests computer systems.

Ethical Hacking — also known as Penetration Testing or White-Hat Hacking —involves the same Tools, Tricks and Techniques that Hackers use, but with one major difference:  

Ethical hacking is Legal.

Ethical hacking is performed with the target’s permission. The intent of Ethical Hacking is to discover vulnerabilities from a Hacker’s viewpoint so systems can be better secured. Ethical Hacking is part of an overall information Risk Management program that allows for ongoing security improvements. Ethical hacking can also ensure that vendors’ claims about the security of their products are legitimate.

As Hackers expand their knowledge, so should you. You must think like them to protect your systems from them. You, as the ethical Hacker, must know activities Hackers carry out and how to stop their efforts. You should know what to look for and how to use that information to thwart Hackers’ efforts.  

You don’t have to protect your systems from everything. You can’t. The only protection against everything is to unplug your computer systems and lock them away so no one can touch them—not even you.

That’s not the best approach to information security. What’s important is to protect your systems from known Vulnerabilities and common Hacker attacks.

It’s impossible to overcome all possible vulnerabilities of your systems. You can’t plan for all possible attacks — especially the ones that are currently unknown which are called Zero Day Exploits. These are the attacks which are not known to the world. However in Ethical Hacking, the more combinations you try — the more you test whole systems instead of individual units — the better your chances of discovering vulnerabilities.

Email hacking

How Email Works?  

Email sending and receiving is controlled by the Email servers. All Email service providers configure Email Server before anyone can Sign into his or her account and start communicating digitally.

Once the servers are ready to go, users from across the world register into these Email servers and set up an Email account. When they have a fully working Email account, they sign into their accounts and start connecting to other users using the Email services.

Email Travelling Path

Let’s say we have two Email providers, one is Server1.com and other is Server2.in, ABC is a registered user in Server1.com and XYZ is a registered user in Server2.in.  

ABC signs in to his Email account in Server1.com, he then writes a mail to the xyz@server2.in and click on Send and gets the message that the Email is sent successfully.

But what happens behind the curtains, the Email from the computer of abc@server1.com is forwarded to the Email server of Server1.com. Server1 then looks for server2.in on the internet and forwards the Email of the server2.in for the account of XYZ. Server2.in receives the Email from server1.com and puts it in the account of XYZ.

XYZ then sits on computer and signs in to her Email account. Now she has the message in her Email inbox

Email Service Protocols  

SMTP

SMTP stands for Simple Mail Transfer Protocol. SMTP is used when Email is delivered from an Email client, such as Outlook Express, to an Email server or when Email is delivered from one Email server to another. SMTP uses port 25.

POP3

POP3 stands for Post Office Protocol. POP3 allows an Email client to download an Email from an Email server. The POP3 protocol is simple and does not offer many features except for download. Its design assumes that the Email client downloads all available Email from the server deletes them from the server and then disconnects. POP3 normally uses port 110.

IMAP

IMAP stands for Internet Message Access Protocol. IMAP shares many similar features with POP3. It, too, is a protocol that an Email client can use to download Email from an Email server. However, IMAP includes many more features than POP3. The IMAP protocol is designed to let users keep their Email on the server. IMAP requires more disk space on the server and more CPU resources than POP3, as all Emails are stored on the server. IMAP normally uses port 143.

Configuring an Email Server

  • Email server software like Post cast Server, Hmailserver, Surge mail, etc can be used to convert your Desktop PC into an Email sending server.
  • HMailServer is an Email server for Microsoft Windows. It allows you to handle all your Email yourself without having to rely on an Internet service provider (ISP) to manage it. Compared to letting your ISP host your Email, HMailServer adds flexibility and security and gives you the full control over spam protection

Email Security

Now let’s check how secure this fast mean of communication is. There are so many attacks which are applied to Emails. There are people who are the masters of these Email attacks and they always look for the innocent people who are not aware of these Email tricks and ready to get caught their trap.

You have to make sure that you are not an easy target for those people. You have to secure your Email identity and profile, make yourself a tough target.

If you have an Email Id Do not feel that it does not matters if hacked because there is no important information in that Email account, because you do not know if someone gets your Email id password and uses your Email to send a threatening Email to the Ministry or to the News Channels.

The attacker is not bothered about your data in the Email. He just wants an Email ID Victim which will be used in the attack. There are a lots of ways by which one can use your Email in wrong means, i am sure that you would have come across some of the cased where a student gets an Email from his friends abusing him or cases on Porn Emails where the owner of the Email does not anything about the sent Email

Email Spoofing

Email spoofing is the forgery of an Email header so that the message appears to have originated from someone or somewhere other than the actual source. Distributors of spam often use spoofing in an attempt to get recipients to open, and possibly even respond to, their solicitations. Spoofing can be used legitimately.

There are so many ways to send Fake Emails even without knowing the password of the Email ID. The Internet is so vulnerable that you can use anybody’s Email ID to send a threatening Email to any official personnel.

Methods to send fake Emails

  1. Open Relay Server
  2. Web Scripts

Fake Emails: Open Relay Server

An Open Mail Relay is an SMTP (Simple Mail Transfer Protocol) server configured in such a way that it allows anyone on the Internet to send Email through it, not just mail destined ‘To’ or ‘Originating’ from known users.    An Attacker can connect the Open Relay Server via Telnet and instruct the server to send the Email.

Open Relay Email Server requires no password to send the Email.

Fake Emails: via web script

  • Web Programming languages such as PHP and ASP contain the mail sending functions which can be used to send Emails by programming Fake headers i.e.” From To Subject:”
  • There are so many websites available on the Internet which already contains these mail sending scripts. Most of them provide a free service.
  • Some of Free Anonymous Email Websites are:
  1. FakEmailer.net
  2. FakEmailer.info
  3. Deadfake.com
  4. Shahidmalla.com/emailspoofingtest

PHP Mail Script!

<later I will share it>

Consequences of fake emails

  • Email from your Email ID to any Security Agency declaring a Bomb Blast can make you spend rest of your life behind the iron bars.
  • Email from you to your Girl friend or Boy friend can cause Break-Up and set your friend’s to be in relationship.
  • Email from your Email ID to your Boss carrying your Resignation Letter or anything else which you can think of.
  • There can be so many cases drafted on Fake Emails.

Proving a fake Email

Every Email carry Header which has information about the Travelling Path of the Email

Check the Header and Get the location from the Email was Sent

Check if the Email was sent from any other Email Server or Website

Headers carry the name of the Website on which the mail sending script was used.

Email Bombing

Email Bombing is sending an Email message to a particular address at a specific victim site. In many instances, the messages will be large and constructed from meaningless data in an effort to consume additional system and network resources. Multiple accounts at the target site may be abused, increasing the denial of service impact.

Email Spamming

Email Spamming is a variant of Bombing; it refers to sending Email to hundreds or thousands of users (or to lists that expand to that many users). Email spamming can be made worse if recipients reply to the Email, causing all the original addressees to receive the reply. It may also occur innocently, as a result of sending a message to mailing lists and not realizing that the list explodes to thousands of users, or as a result of a responder message (such as vacation(1)) that is setup incorrectly.

Email Password Hacking

  • There is no specified attack available just to hack the password of Email accounts. Also, it is not so easy to compromise the Email server like Yahoo, Gmail, etc.
  • Email Password Hacking can be accomplished via some of the Client Side Attacks. We try to compromise the user and get the password of the Email account before it reaches the desired Email server.
  • We will cover many attacks by the workshop flows, but at this time we will talk about the very famous

  How To Hack Email Password? Methods List >>

Phishing

  • The act of sending an Email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.
  • The Email directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is Bogus and set up only to steal the User’s information.

Phishing scams could be

  1. Emails inviting you to join a Social Group, asking you to Login using your Username and Password.
  2. Email saying that Your Bank Account is locked and Sign in to Your Account to Unlock IT.
  3. Emails containing some Information of your Interest and asking you to Login to Your Account.
  4. Any Email carrying a Link to Click and asking you to Login.

Prevention against Phishing

  1. Read all the Email Carefully and Check if the Sender is Original
  2. don’t download untrust browser
  3. don’t use anyone free wife from unknow source
  4. Watch the Link Carefully before Clicking
  5. Always check the URL in the Browser before Signing IN to your Account
  6. Always Login to Your Accounts after opening the Trusted Websites, not by Clicking in any other Website or Email.

Email Tracing

  • Tracing an Email means locating the Original Sender and Getting to know the IP address of the network from which the Email was actually generated.
  • To get the information about the sender of the Email we first must know the structure of the Email.
  • As we all know the travelling of the Email. Each message has exactly one header, which is structured into fields. Each field has a name and a value. The header of the Email contains all the valuable information about the path and the original sender of the Email.
  • For tracing an email Address You need to go to your email account and log into the email which you want to trace after that you have to find the header file of the email which is received by you.
  • You will get the Source code of the email.
  • For Rediffmail-
  • For Yahoo mail-
  • For Gmail-
  • For Thehostz.com
  • www.elyspace.com

Now see from bottom to top and the first IP address you find is the IP address of the sender.

Once you have the IP Address of the sender, go to the URL www.ip2location.com and Find the location of the IP Address

Keystroke loggers

Keystroke Loggers (or Key loggers) intercept the Target’s keystrokes and either save them in a file to be read later or transmit them to a predetermined destination accessible to the Hacker.

Since Keystroke logging programs record every keystroke typed in via the keyboard, they can capture a wide variety of confidential information, including passwords, credit card numbers, and private Email correspondence, names, addresses, and phone numbers. Types of keyloggers

Hardware keylogger

Software keylogger

Some Famous keyloggers

  • Actual Spy
  • Perfect Keylogger
  • Family Keylogger
  • oSpynote
  1. Soft Central Keylogger
  2. Adramax Keylogger lates aviavble

Securing your Email account

  1. Always configure a Secondary Email Address for the recovery purpose.
  2. Properly configure the Security Question and Answer in the Email Account.
  3. Do Not Open Emails from strangers.
  4. Do Not Use any other’s computer to check your Email.
  5. Take Care of the Phishing Links.
  6. Do not reveal your Passwords to your Friends

Chapter 3: Windows Hacking and Security

There are three components of Windows Security:

  • LSA(Local Security Authority)
  • SAM (Security Account Manager)
  • SRM (Security Reference Monitor)  

LSA (Local Security Authority)  

LSA is the Central Part of NT Security. It is also known as the Security Subsystem. The Local Security Authority or LSA is a key component of the login process in both Windows NT and Windows 2000. In Windows 2000, the LSA is responsible for validating users for both local and remote logins. The LSA also maintains the local security policy.

During the local login to a machine, a person enters his name and password to the login dialog. This information is passed to the LSA, which then calls the appropriate authentication package. The password is sent in a nonreversible secret key format using a one-way hash function. The LSA then queries the SAM database for the User’s account information. If the key provided matches the one in the SAM, the SAM returns the users SID and the SIDs of any groups the user belongs to. The LSA then uses these SIDs to generate the security access token.

SAM (Security Account Manager)  

1- The Security Accounts Manager is a database in the Windows operating system (OS) that contains user names and passwords. SAM is part of the registry and can be found on the hard disk.

2- This service is responsible for making the connection to the SAM database (Contains available user-accounts and groups). The SAM database can either be placed in the local registry or in the Active Directory (If available). When the service has made the connection it announces to the system that the SAM-database is available, so other services can start accessing the SAM-database.

3- In the SAM, each user account can be assigned a Windows password which is in encrypted form. If someone attempts to log on to the system and the user name and associated passwords match an entry in the SAM, a sequence of events takes place ultimately allowing that person access to the system. If the user name or passwords do not properly match any entry in the SAM, an error message is returned requesting that the information be entered again.

4- When you make a New User Account with a Password, it gets stored in the SAM File.

5- Windows Security Files are located at  “C:\Windows\System32\Config\SAM”

6- The moment operating system starts, the SAM file becomes inaccessible.

SRM (Security Reference Monitor)  

a) The Security Reference Monitor is a security architecture component that is used to control user requests to access objects in the system. The SRM enforces access validation and audit generation. Windows NT forbids direct access to objects. Any access to an object must first be validated by the SRM. For example, if a user wants to access a specific file the SRM will be used to validate the request. The Security Reference Monitor enforces access validation and audit generation policy.

b) The reference monitor verifies the nature of the request against a table of allowable access types for each process on the system. For example, Windows 3.x and 9x operating systems were not built with a reference monitor, whereas the Windows NT line, which also includes Windows 2000 and Windows XP, was designed with an entirely different architecture and does contain a reference monitor.

Windows user account architecture

1.- User account passwords are contained in the SAM in the Hexadecimal Format called Hashes.

2.- Once the Passwords converted in Hashes, you cannot convert back to the Clear Text.

Cracking Windows User Account password  

Passwords are Stored and Transmitted in an encrypted form called a Hash. When a User logs on to a system and enters a password, a hash is generated and compared to a stored hash. If the entered and the stored hashes match, the user is authenticated (This is called the Challenge/Response).

Passwords may be cracked manually or with automated tools such as a Brute-force method or the Rainbow Table attack.

  • In this if we put the password and windows vey the password we entered on teen with the file in which the password is stored of ours.
  • This is stored in a file named SAM
  • It is shown in the picture above.
  • Now we need to attack this file.
  • For this we need to open this file but it is not possible as it is in process by the computer from its start up.
  • And we suppose that the file opens then also we cannot see the passwords stored in it because they are encrypted in the form of HASHES.
  • And they and not be decrypted. Ad it is the hardest encryption done and decryption is not easy.
  • But it is not impossible.
  • We Need a Bootable CD named Hiren boot and Can Crack the Password.
  • But Another Attack –
  • Go to C:\Windows\System32\
  • Copy the File cmd.exe to desktop and rename it to sethc.exe
  • Now copy the file sethc.exe to C:\Windows\System32\ and will give an error, give that error YES. And replace it.
  • Now You Are Done.
  • Now At the Login Screen Press SHIFT Key 5 times and a beep Sound will come and Command prompt will open.
  • In the command prompt type “explorer.exe” and Hit Enter a desktop will open in the tab mode. Use The Computer Unlimited…

Windows User Account Attack

1) To See all the account present on the computer  

2) To change the password without knowing the old password.

3) To make a new user account.

4) To Delete the Existing user account.

5) To make a hidden account in computer.***** { Works only in windows XP}

Note: – To login to this Hidden Account Press  

Ctrl + Alt + Delete + Delete

And give the hidden user name in the user name field and password respectively.  

And the above are to be executed in command prompt. And the hacker indicates the respective user name. Or the name of the account.

To hide a file behind an image.

To hide a file behind an image file which means that if anyone opens that image he will see the image only but if you open in a special way then you can open the hidden file behind the image.

So to hide the file behind a image open CMD.exe

To hide a file behind an image.

To hide a file behind a image file which means that if any one opens that image he will see the image only but if you open in a special way then you can open the hidden file behind the image.

So to hide the file behind a image open CMD.exe

1) Select an image to be used for hiding file behind the image.

2) Now select a file to hide behind the image and make it in .RAR format. With the help of the WinRAR.

3) And most important is that paste both  the files on desktop and run the following command on the command prompt.

4) And then type the following command.

cd desktop

Copy /b imagename.jpg + filename.rar  finalnameofimage.jpg

Make a Private Folder

To make a Private folder which nobody can open, delete, see properties, rename.

To make such a folder you need to make a folder with any name. For example- manthan on desktop.

And then open a command prompt and then type the following command on the screen.

Then type  

And hit enter the folder is locked

To open the folder just: replace with: f

And the folder is opened

Brute Force Attack

Brute force password means guessing any words like trying a random approach by attempting different passwords and hoping that one works. Some logic can be applied by trying passwords related to the person’s name, job title, hobbies, or other similar items.

Brute force randomly generates passwords and their associated hashes.

There are tools available to perform the Brute force attack on the Windows SAM File. Most famous tool available for Windows User Account Password Brute forcing is Cain and Abel. Another one is Sam Inside.

Trojans in Brief

This tutorial will include the understanding concept of Trojan, Dangers created by Trojans, how they can come to your computer, how do they destroy you and your data. How many types of Trojans are there, how Trojans are attached behind other applications and finally the most important, Detection of Trojan on your computer and their prevention to safeguard your system and your data

Knowing the Trojan

A Trojan is a malicious program misguided as some very important application. Trojans comes on the backs of other programs and are installed on a system without the User’s knowledge. Trojans are malicious pieces of code used to install hacking software on a target system and aid the Hacker in gaining and retaining access to that system. Trojans and their counterparts are important pieces of the Hacker’s tool-kit.

Trojans is a program that appears to perform a desirable and necessary function but that, because of hidden and unauthorized code, performs functions unknown and unwanted by the user. These downloads are fake programs which seem to be an original application, it may be software like monitoring program, system virus scanners, registry cleaners, computer system optimizers, or they may be applications like songs, pictures, screen savers, videos, etc..

You just need to execute that software or application, you will find the application running or you might get an error, but once executed the Trojan will install itself in the system automatically.

Once installed on a system, the program then has system-level access on the target system, where it can be destructive and insidious. They can cause data theft and loss, and system crashes or slowdowns; they can also be used as launching points for other attacks against your system.

Many Trojans are used to manipulate files on the victim computer, manage processes, remotely run commands, intercept keystrokes, watch screen images, and restart or shut down infected hosts

Types Of Trojan —

1. Remote Administration Trojans: There are Remote Access Trojans which are used to control the Victim’s computer remotely.

2. Data Stealing Trojans: Then there are Data Sending Trojans which compromised the data in the Victim’s computer, then find the data on the computer and send it to the attacker automatically.

3. Security Disabler Trojan: There are Security software disablers Trojans which are used to stop antivirus software running in the Victim’s computer.

In most of the cases, the Trojan comes as a Remote Administration Tools which turns the Victim’s computer into a server which can be controlled remotely. Once the Remote Access Trojan is installed in the system, the attacker can connect to that computer and can control it.

Next Part Will Be Updated Soon

Security & Hacking

Tagged in:

, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,