1. Trojan Program Cyber security attacks
Trojan programs can spread as files shared via instant messenger. Instant messaging allows file sharing on a computer, and a Trojan can be saved under the name of a popular piece of software. All currently popular instant messengers have file-sharing abilities, or allow users to add that functionality by installing patches or plug-ins; this is also a major threat to present information security.
These communication programs also make it difficult for existing hack-prevention methods to safeguard and control information security. Hackers use the instant communication capability to plant a Trojan program into an unsuspected program; the planted program is a kind of unauthorized, remotely controlled hacking tool that can conceal itself.
The Trojan program is executed unknowingly and takes control of the infected computer; it can read, delete, move and execute any file on the computer. The advantage to a hacker of using an instant messenger to access files, instead of a remotely installed backdoor Trojan program, is that the hacker is informed when the victim gets online. Thus, a hacker can track and access the infected computer, and incessantly steal user information.
The most commonly used method is eavesdropping on unsuspecting users to retrieve user accounts, passwords and other user-related information. The theft of user account numbers and related information is a very serious problem in any instant messenger. For instance, after stealing a user’s information, a hacker can impersonate the user; the user’s contacts, not knowing that the account has been hacked, believe that the person they’re talking to is the user, and are persuaded to execute certain programs or reveal confidential information. Hence, theft of user identity endangers not only the user but also the surrounding users.
Guarding against Internet security problems is the focus of present and future research, because without good protection a computer can be easily attacked, causing major losses. Hackers wishing to obtain user accounts may do so with the help of Trojans designed to steal passwords. If an instant messenger client stores the user’s password on the user’s computer, then a hacker can send a Trojan program to the unsuspecting user. When the user executes the program, it searches for the user’s password and sends it to the hacker. There are several ways through which a Trojan program can send messages back to the hacker.
The methods include instant messenger, IRC, email, etc. The four currently most popular instant messengers are AIM, Yahoo! Messenger, ICQ, and MSN Messenger, none of which encrypts its traffic. Therefore, a hacker can use a man-in-the-middle attack to hijack a connection, then impersonate the hijacked user and participate in a chat session.
Trojan Program Denial of Service
There are many ways through which a hacker can launch a denial of service (DoS) attack on an instant messenger user. A partial DoS attack will cause the user's end to hang, or use up a large portion of CPU resources, causing the system to become unstable. One common type of attack is flooding a particular user with a large number of messages. The popular instant messaging clients contain protection against flood attacks by allowing the victim to ignore certain users. However, there are many tools that allow the hacker to use many accounts simultaneously, or to automatically create a large number of accounts, to accomplish the flood attack.
Adding to this is the fact that once the flood attack has started and the victim realizes what has happened, the computer may become unresponsive. Therefore, adding the attacking user accounts to the ignore list of the instant messenger client may be very difficult.
DoS attacks are very easy to generate and very difficult to detect, and hence are attractive weapons for hackers. In a typical DoS attack, the attacker node spoofs its IP address and uses multiple intermediate nodes to overwhelm other nodes with traffic. DoS attacks are typically used to take important servers out of action for a few hours, resulting in DoS for all users served by the server. They can also be used to disrupt the services of intermediate routers.
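The flood attack from many accounts described above defeats a per-sender ignore list, so a client-side limiter also has to count inbound messages across all senders that are not known contacts. The following Python code is an added example, not code from any of the messengers named here; the class name, the limits and the simulated traffic are constructed for illustration.

```python
from collections import defaultdict, deque


class InboundFloodGuard:
    """Hypothetical sliding-window limiter for one recipient's inbound messages."""

    def __init__(self, contacts, per_sender=5, strangers_total=20, window=10.0):
        self.contacts = set(contacts)
        self.per_sender = per_sender            # max messages per account per window
        self.strangers_total = strangers_total  # max messages from all non-contacts
        self.window = window                    # window length in seconds
        self._by_sender = defaultdict(deque)
        self._strangers = deque()

    def _count(self, q, now):
        # Drop timestamps older than the window, return how many remain.
        while q and now - q[0] >= self.window:
            q.popleft()
        return len(q)

    def accept(self, sender, now):
        """Return True to deliver the message, False to drop it."""
        q = self._by_sender[sender]
        if self._count(q, now) >= self.per_sender:
            return False                        # one noisy account
        if sender not in self.contacts:
            if self._count(self._strangers, now) >= self.strangers_total:
                return False                    # many quiet accounts together
            self._strangers.append(now)
        q.append(now)
        return True


def simulate_flood(guard, accounts=50, msgs_each=4, step=0.01):
    """Constructed traffic: throwaway accounts interleave a few messages each."""
    delivered, t = 0, 0.0
    for _ in range(msgs_each):
        for i in range(accounts):
            delivered += guard.accept(f"bot{i}", t)
            t += step
    return delivered


def demo():
    per_sender_only = InboundFloodGuard(["alice"], strangers_total=10**9)
    both_limits = InboundFloodGuard(["alice"])
    return (simulate_flood(per_sender_only),    # every account stays under its limit
            simulate_flood(both_limits),        # capped by the aggregate limit
            both_limits.accept("alice", 2.0))   # known contact is still delivered
```

Because the aggregate limit is enforced automatically, the victim does not need a responsive client to add each attacking account to the ignore list by hand.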