|
For example, a program may claim to be the latest release of a famous game. Upon execution you may find your hard disk formatted, or files erased or other such thing. Writing such a program is a none-too-difficult a task. All that the writer has to do is to create a program containing the destructive code or, even simpler, add some destructive code to an existing file. Then, he/she lets it loose where it would be widely copied such as on a BBS where the SysOp is negligent (most are not - they do extensive testing before up-loading new programs). Since these programs do not replicate on their own (unlike viruses), even an elementary skill in programming sufficies to create them. Trojans can be categorized by the time when they begin their destructive acts. Those that trigger off at a particular time or date are called `Time Bombs`, while those that get activated based on some particular logic, such as number of disk accesses, or number of times a key is pressed are called `Logic Bombs`. In any event, the distinction is academic. Both types of bombs appear to execute normally. But, unknown to the user, a part of the code (appended by the mischief mongers) tests for the activation logic. If the necessary conditions are met, the Trojan code performs the destructive task, and, in most cases, even `self destructs` along with the rest of the data on disk making detection difficult. Due to their inherent limitations, Trojans cannot spread very far without being detected. The chances of a `Trojan epidemic` are limited as such programs largely depend on copying of files; they do not self replicate. Also, when attacked, since the source of the destruction is known (the program which was running), the affected user can and generally will warn others to beware of that program. Consequently, a bomb's run time life is extremely restricted.
|