In part 1 we looked at viruses. In this part we look at trojan horses and cookies.

Trojan Horse:

A Trojan Horse meets the definition of virus that most people use, in the sense that it attempts to infiltrate a computer without the user’s knowledge or consent. A Trojan Horse, similar to its Greek mythological counterpart, often presents itself as one form while it is actually another.

Trojans typically do one of two things: they either destroy or modify data the moment they launch, such as erase a hard drive, or they attempt to ferret out and steal passwords, credit card numbers, and other such confidential information.

Trojan Horses can be a bigger problem than other types of viruses as they are design to be destructive or disruptive, as opposed to viruses and worms where the coder may not intend to do any harm at all. Essentially this distinction does not matter in the real world. You can lump viruses, Trojans, and worms together as “things I don’t want on my computer or my network”. Many trojans are now delivered using virus technology, including the ability to self-replicate across computers in networks.

Recent examples of Trojans include fake anti-virus software. Here the user is presented with a pop-up which claims to have found lots of malware, and requests the user to pay a sum of money in order the program be activated and clean the “found” malware.

The methods for dealing with Trojans are generally the same as for those for dealing with viruses. Most virus scanners attempt to deal with some of the common Trojans with varying degrees of success. There are also specific “anti-Trojan” scanners available.

Cookies:

A cookie is just a bit of text in a file on your computer, containing a small amount of information that identifies you to a particular website, and whatever information that site wanted to retain about the user when they are visiting.

Cookies are a legitimate tool used by many websites to track visitor information. As an example, I might go to an online computer store and place an item in the basket, but decide not to buy it right away because I want to compare prices. The store can choose to put the information about what products I put into my basket in a cookie stored on my computer. This is an example of a good use of cookies to help the user experience.

The only websites that are supposed to be able to retrieve the information stored in a cookie are the websites that wrote the information in that particular cookie. This should ensure your privacy by stopping anyone other than the site you are visiting from being able to read any cookies left by that site.

Some cookies however are not so good. They may track your Web surfing habits across many different websites without informing you, and then use this data to customize the advertisements you see on websites, etc., typically considered as an invasion of privacy. Good anti-malware programs are able to scan for and identify many of the bad cookies, taking appropriate action against them, normally deletion.

Next time we’ll look at general spyware and rootkits.

Previously we have looked at malware and viruses (part 1), and trojans and cookies (part 2). This time we look at general spyware and rootkits.

Spyware:

The spyware problem is similar to the cookie problem from the point of view that both are an invasion of privacy, although spyware is different from cookies, technically speaking. Spyware is a program that runs on your computer and, again, tracks your habits and tailors these patterns for advertisements, etc. Because it is a computer program rather than just a bit of text in a cookie, spyware can also do some nasty things to ensure that the spyware keeps running and keeps influencing what you see.

Spyware programs have to be downloaded in order to work, however they are commonly downloaded without the user knowing. Common tactics for surreptitious installation include rolling up advertising programs into “free” shareware program downloads, and once the spyware is installed it can download advertisements 24 hours a day and overlay them on websites and programs you are using.

Some forms of spyware monitor a target’s Web use or even general computer use and sends this information back to the spyware program’s authors for use as they see fit. Other forms of spyware take over parts of your Web browsing interface, forcing you to use their own search engines, where they can track your browsing habits and send pop-up advertisements to you at will.

The biggest concern regarding spyware is that most of them are poorly written or designed. Many people first realize their computer is running spyware when it noticeably slows down or stops responding, especially when doing certain tasks such as browsing websites or retrieving e-mail. In addition, poorly written spyware can often cause your computer to function incorrectly even after it has been removed.
Rootkit:

A rootkit is a collection of malware and other tools which use stealth technology to keep themselves hidden from the user and often even from the operating system. It enables an attacker to have “root” (administrator) access to the computer. For example, it can intercept requests to a file manager such as Explorer and cause it to keep certain files hidden from display, even reporting false file counts and sizes to the user. Because rootkits can use stealth technology and hide themselves from both the user and the operating system they are generally very hard to get rid of. Specialist sotware tools are required.

Next time we look at the latest trends and how we can protect ourselves from the huge arsenal of online threats.