Trojan Vs Rat Vs Rootkit Mayuri More1, Rajeshwari Gundla2, Siddharth Nanda3 1U.G

Trojan Vs Rat Vs Rootkit Mayuri More1, Rajeshwari Gundla2, Siddharth Nanda3 1U.G

IJRECE VOL. 7 ISSUE 2 (APRIL- JUNE 2019) ISSN: 2393-9028 (PRINT) | ISSN: 2348-2281 (ONLINE) Trojan Vs Rat Vs Rootkit Mayuri More1, Rajeshwari Gundla2, Siddharth Nanda3 1U.G. Student, 2 Senior Faculty, 3Senior Faculty SOE, ADYPU, Lohegaon, Pune, Maharashtra, India1 IT, iNurture, Bengaluru, India2,3 Abstract - Malicious Software is Malware is a dangerous of RATs completely and prevent confidential data being software which harms computer systems. With the increase leaked. So Dan Jiang and Kazumasa Omote researchers in technology in today’s days, malwares are also increasing. have proposed an approach to detect RAT in the early stage This paper is based on Malware. We have discussed [10]. TROJAN, RAT, ROOTKIT in detail. Further, we have discussed the adverse effects of malware on the system as III. CLASSIFICATION well as society. Then we have listed some trusted tools to Rootkit vs Trojan vs Rat detect and remove malware. Rootkit - A rootkit is a malicious software that permits a legitimate user to have confidential access to a system and Keywords - Malware, Trojan, RAT, Rootkit, System, privileged areas of its software. A rootkit possibly contains Computer, Anti-malware a large number of malicious means for example banking credential stealers, keyloggers, antivirus disablers, password I. INTRODUCTION stealers and bots for DDoS attacks. This software stays Nowadays, this world is full of technology, but with the hidden in the computer and allocates the remote access of advantages of technology comes its disadvantages like the computer to the attacker[2]. hacking, corrupting the systems, stealing of data etc. These Types of Rootkit: malpractices are possible because of malware and viruses 1. Kernel rootkit: Kernel rootkit operates at the operating that are created by hackers and attackers. There are also system making it difficult to spot and may also cause many tools to prevent these malwares. Let us discuss some serious consequences on the operating system. malware, their effects and how to remove them. 2. Firmware Rootkit: Firmware devices like network What Is A Malware? Malware is a software which is devices are affected by these kinds of rootkits. It is very malicious and intends to harm the other systems/devices, difficult to detect as it is booted when machines get server, computer network, people, and important data booted and stay in the device forever. belonging to any person or organisation. Malware is capable 3. Application Rootkit: These rootkits infect the application of disrupting the system’s function and allowing an attacker files inside the computer. The application files are to retrieve confidential and sensitive information. An replaced by the rootkit files or the behaviour of the attacker can spy on the host computer using a malware [1]. application is changed due to code injected. Malware can be classified as: 4. Memory rootkit: These kinds of rootkits take shelter of 1. Viruses the RAM to hide and operate from the computer 2. Worms memory. 3. Trojan 5. Bootkit rootkits: These rootkits infect the authentic boot 4. Rootkits loader of the computer with the corresponding rootkit, 5. Ransomware enabling them to activate when the operating system is 6. Keyloggers started. 7. Grayware 6. Persistent Rootkit: These types of rootkits are able to 8. Botnet restart the system activities after shutting down. 9. Spyware 7. Library rootkits: These Rootkits are capable of altering 10. Adware the library files in the system library. II. LITERATURE SURVEY Trojan - A Trojan is a malicious program that seems to be Author discussed in depth analysis of the rootkits that target legitimate but is capable of taking control of the host the operating system and which uses various hooking computer. The basic operations of trojan are damaging, techniques to hide themselves [8]. Konrad Rieck, Thorsten disrupting, stealing, or perpetrating further harmful actions Holz, Carsten Willems, Patrick D¨ussel, and Pavel Laskov on the data or network [3]. authors have proposed a method to classify different Types of Trojan: malware types based on behaviour of malware [9]. By 1. Backdoor Trojan: These types of trojan are capable of installing Remote Access Trojan, attacker can monitor and creating a “backdoor” on the computer. The attacker control the victim’s PC remotely to steal confidential can access and control the computer. The data in the information. Main issue is it is hard to prevent the intrusion INTERNATIONAL JOURNAL OF RESEARCH IN ELECTRONICS AND COMPUTER ENGINEERING A UNIT OF I2OR 113 | P a g e IJRECE VOL. 7 ISSUE 2 (APRIL- JUNE 2019) ISSN: 2393-9028 (PRINT) | ISSN: 2348-2281 (ONLINE) device can be stolen by a third person and more 3. Havex: Industrial Control Systems (ICS) is targeted by malwares can be uploaded to the device. Havex. Being very erudite, it gives the attacker, full 2. DDoS (Distributed Denial of Service) attack trojan: control of the infected machine. HTTP and HTTPS, helps These trojans perform DDoS attacks. The task is to it to communicate with its C&C server. deflate a network by inundating it with traffic coming 4. Agent.BTZ/ComRat: This RAT is a well known and from infected devices. infamous RAT created by the Russian government in 3. Downloader trojan: This Trojan makes the pre-infected order to target ICS networks in Europe. It is proliferated computer as its target by downloading and installing through phishing attacks. It cannot be easily detected in new editions of malicious programs including adware. an analysis as it avails advanced encryption. Enhanced 4. Fake AV Trojan: These trojans acts like antivirus, but anti-analysis and forensic methods are used by necessitates money to spot and remove threats. Agent.BTZ. 5. Game-Thief Trojan: The account information of online 5. Dark comet: It provides ample administration gamers is stolen by game-thief trojans. proficiencies across the infected device. It is difficult to 6. Info-stealer Trojan: As the name suggests, this trojan detect because of Crypters used to veil its existence from seeks for the data in the infected device. antivirus. It carries out several administrative tasks 7. Mail-finder Trojan: Stealing the email addresses present maliciously, for example disabling windows firewall, on the computer is done by this Trojan. Task manager and windows UAC. 8. Ransom Trojan: This Trojan asks for a ransom to 6. AlienSpy: It is designed to target Apple OS X platforms. reverse the changes or damage it made to the computer It indulges in collecting information, activating webcams, by blocking data or worsening the computer’s connecting to C&C server securely, providing control for functioning. victim machine. It detects the presence of virtual 9. Remote Access Trojan: An attacker can remotely access machines by anti-analysis techniques. the device, also whipping any data and prying on 7. Heseber: This RAT operates to deploy Virtual anyone. Networking Computing (VNC). It cannot be detected by 10. Rootkit Trojan: A Rootkit fleece or obscure a program antivirus as VNC is an authentic isolated administration on the infected device. tool. It also provides control over the infected system and 11. SMS Trojan: SMS Trojans intend to infect a mobile transfer files. device by sending intercept text messages. 12. Trojan-Banker: Trojan banker targets the financial Adverse effects of malware accounts of the host. It steals account information for 1. Increase in network traffic - Increase in network traffic which online transactions are done including credit illustrate the malware attacks on the computer. The card, bill pay data and online banking. malware works at the backend of genuine looking 13. Trojan IM: This Trojan aims instant messaging, stealing software and simultaneously increase the network traffic. the logins and password on IM platforms. 2. Loss of critical system elements - The malwares are designed to damage or steal user information. Some Remote Access Trojan (RAT) - Remote Access Trojan is a hackers intentionally erase the crucial elements of the malware program including a backdoor, enabling an system. administrative control on the targeted computer or device. 3. Crashing of the operating system - Computers get shut RAT is mostly downloaded unknowingly due to email down whenever the user tries to remove the infection. A attachments or games, compromising the host system. The fake Blue screen of Death might be experienced which intruder then distributes RATs to other vulnerable devices imitate a crashing computer. and establish a botnet. It monitors the behaviour of users 4. Hardware failure - A Trojan may carry out recurring with the help of keyloggers, access confidential information, actions like opening and closing the CD/DVD tray. The activate a system’s webcam and record videos, take repeated action causes the failure of the CD/DVD drive. screenshots, distribute malwares (generally viruses), format 5. Data loss or data theft - Most of the attackers intend to drivers and delete, download or alter files [4]. whip data for their personal interests which results in Types of RATs [5]: forfeiting of important data [6]. 1. Sakula: This RAT is endorsed, seems benevolent software 6. Financial losses due to bankrupting - Banking related and grants the permission of remote handling throughout information is stored in computers or online payment the host device, to the attacker. It instigates HTTP methods which can be easily hacked. Attackers try to requests while imparting with C&C (command and collect as much as possible data to steal money. control) server. 7. Compromised privacy - Many malwares succeed in 2. KjWorm: It is very difficult to detect as it is written in opening the webcam of the personal computers which VBS. The attacker can control the machine through the may result in compromising the privacy of the person. backdoor, extracting information and sending it to recede 8. Annoying Ads open randomly on a computer or the C&C server. mobile screens - Spywares are designed to collect and steal sensitive data without the user’s knowledge.

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    4 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us