Sam Asks About Worms and Trojans
I want to tell you that I subscribe to several computer newsletter – but without doubt yours is the best – and the most fun to read. I was wondering if you would be so kind as to clarify the differences between a “worm” as opposed to a “Trojan”, in the way they spread? Thank you, Sam.
Thanks for your nice comments, Sam.
Worms are like viruses, but can act as Trojans as well. Their function may be nothing more than sending itself to as many addresses as it can harvest from the computer that it infects. Worms are generally distributed by email as attachments or via peer-to-peer file sharing programs. A worm can be polymorphic, which means that it assumes a different appearance each time it hits an inbox. Some worms with many different faces can have the same basic programming.
And there’s some new faces in town – well not really new but newer than Trojans, viruses, and worms – they’re called BotNets – and they’re distributed exactly the same way as Trojans, worms and viruses are. BotNets turn an infected computer into a zombie. An infected computer will become part of a network in which all the infected computers perform functions that the “controller” of the BotNet orders. Usually BotNets are used to send massive amounts of spam. Infected computers are turned into spam-sending machines and their owners are not aware of it. These infected “zombie” computers are manipulated from a remote computer to perform any task the controller desires.
Trojan horse programs are named for the giant wooden horse that concealed Greek soldiers who used it to invade the ancient city of Troy. Like that famous trick, a Trojan horse program conceals hidden programming. The hidden function may just be a joke, or something malicious like a keylogger – where every keystroke is logged – including the keystrokes of typed passwords, credit card numbers, user names, account numbers, etc. -and transmitted to a criminal sitting at his computer somewhere far away. Trojan horse programs are most often used to steal people’s sensitive data. Normally a Trojan will be programmed to send information from the infected computer to another computer or Web server. Trojans can be concealed inside other software or distributed via email as attachments. Windows XP, Vista, and Windows 7 users should make sure their Windows firewall is on and working and their anti-virus and anti-spyware programs are kept up-to-date. A third-party firewall does not provide additional protection and is a waste of money. As long as you use good antivirus and good antispyware – and frequently update them, spending money on some third-party firewall is unwise.
Email is another way viruses, worms and Trojans are spread. It’s well-known that some people will click links in email without thinking – others will click on any e-mail attachment that they receive as an attachment without thinking. Miscreants and criminals know this. Programmers with nothing better to do, get their kicks by writing malicious programs. These types of programs are designed to spread to all those who correspond with careless users. Because of this threat, the only 100 percent safe email file attachment is a deleted one.
Protect yourself! Make sure you use an anti-virus program and two good anti-spyware programs – and keep them updated frequently. Scan your computer online at least once per week to double-check that your computer is not infected. Keep your Microsoft Windows Updates current. Be careful with email attachments! Never open them directly from email. The safest policy is to immediately delete them but that’s not always practical. If you are certain it came from someone you know, you’re expecting it, and want to make sure it’s safe, save it to your desktop and scan it with your anti-virus program or use an online scanning service before attempting opening it. Just because the email address of the sender happens to be the same as someone you know well, does not guarantee that the person you know actually sent the email. Never assume if you’re not positive. And don’t click links in email unless you’re certain of its source.
Most importantly, use your head. Let your own common sense be your guide. The best software you have is that wonderful brain between your ears.