Trojan Types
Trojans are generally the programs that pose as legitimate programs on your computer and add a subversive functionality to it. That's when it's said a program is Trojaned. Common functions of Trojans include, but are not limited to, the following:
Remote Access Trojans
These are probably the most widely used trojans, just because they give the attackers the power to do more things on the victim's machine than the victim itself while being in front of the machine. Most of these trojans are often a combination of the other variations described below. The idea of these trojans is to give the attacker a total access to someone's machine and therefore access to files, private conversations, accounting data, etc.
Password Sending Trojans
The purpose of these trojans is to rip all the cached passwords and also look for other passwords you're entering and then send them to a specific mail address without the user noticing anything. Passwords for ICQ, IRC, FTP, HTTP or any other application that require a user to enter a login+password are being sent back to the attacker's email address, which in most cases is located at some free web based email provider.
Keyloggers
These trojans are very simple. The only thing they do is logging the keystrokes of the victim and then letting the attacker search for passwords or other sensitive data in the log file. Most of them come with two functions like online and offline recording. Of course, they could be configured to send the log file to a specific email address on a schedule basis.
Destructive
The only function of these trojans is to destroy and delete files. This makes them very simple and easy to use. They can automatically delete all the system files on your machine. The trojan is being activated by the attacker or sometimes works like a logic bomb and starts on a specific day and at specific hour.
Denial Of Service (DoS) Attack Trojans
These trojans are getting very popular these days, giving the attacker the power to start DDoS when having enough victims, of course. The main idea is that if you have 200 ADSL users infected and start attacking the victim simultaneously, this will generate a lot of traffic (more then the victim's bandwidth, in most cases) and its the access to the Internet will be shut down.
Mail-Bomb Trojan
This is another variation of a DoS trojan whose main aim is to infect as many machines as possible and simultaneously attack specific email address/addresses with random subjects and contents which cannot be filtered.
Proxy/Wingate Trojans
The interesting feature implemented in many trojans is turning the victim's computer into a proxy/wingate server available to the whole world or to the attacker only. It's used for anonymous Telnet, ICQ, IRC, etc., and also for registering domains with stolen credit cards and for many other illegal activities. This gives the attacker complete anonymity and the chance to do everything from your computer, and if he/she gets caught, the trace leads back to you.
FTP Trojans
These trojans are probably the most simple ones and are kind of outdated as the only thing they do is to open port 21 (the port for FTP transfers) and let everyone or just the attacker connect to your machine. Newer versions are password protected, so only the one who infected you may connect to your computer.
Software Detection Killers
There are such functionalities built into some trojans, but there are also separate programs that will kill ZoneAlarm, Norton Anti-Virus and many other (popular anti-virus/firewall) programs that protect your machine. When they are disabled, the attacker will have full access to your machine to perform some illegal activity, use your computer to attack others and often disappear. Even though you may notice that these programs are not working or functioning properly, it will take you some time to remove the trojan, install the new software, configure it and get back online with some sense of security.
