Worms and Trojan horses (or Trojans) are malicious computer programs that seek to damage your computer or network or steal information. They are different from computer viruses, although people generally make the mistake of clubbing all of these together.
A worm is a standalone computer program that replicates itself to spread to other computers in the network. Unlike a virus, which requires a host file, a worm enters a computer by exploiting any vulnerability (or tricking a user into executing them) and then uses the information transport mechanism to spread to other machines. They invariably cause damage to the computer and affect its normal operation. A worm can make unlimited copies of itself and can use your computer to email itself to everyone in your contact list and then use those computers for further movement, thus creating a cascading effect. This may also cause too much expense of system memory or network bandwidth, which will ultimately shut the network down.
A trojan does not have replicating capability and spreads by user action. A trojan will disguise itself as a useful program, and once installed, will do anything with the computer. The possible effects may include popping up too many windows and advertisements, crashing the system, stealing information and allowing backdoor access to others. It can only spread if a user installs it and these are generally sent as email attachments to others or are downloaded from the internet.
What is a Trojan horse?
Trojan horse programs are named for the famous wooden horse used by the Greeks to sneak soldiers into the ancient city of Troy. Like it’s ancient counterpart, a Trojan horse is a program that conceals its purpose — it claims to do one thing but really does another. The term, Trojan horse, is usually used to refer to a non-replicating malicious program which is the main characteristic that distinguishes it from a virus. Trojan horses often appear as e-mail attachments with enticing names that induce people to open them. Virus creators often use Trojan horses to trick users into installing viruses. Trojan horses are also often used to gain access to a computer system to run monitoring or shadowing software. A logic bomb is a specific type of Trojan horse that executes when specific conditions occur. Triggers for logic bombs can include a change in a file, by a particular series of keystrokes, or at a specific time or date.
Trojan Horse Example
Trojan horses usually rely on email to spread. The email will claim to do something that most users would find beneficial but in reality it will do harm to the system if run. One recent example is an email message that purports to be a free upgrade to Internet explorer from Microsoft. The email message contains an executable attachment called Ie0199.exe which instructs the user to download and install the program in order to receive an upgrade for their Internet browser. However, while Microsoft does issue security bulletins via email, they do not provide patches, upgrades or other executable files via email. Once installed, this program modifies the system and attempts to contact other systems.
What is a worm?
A worm is a small piece of software that uses security holes within networks to replicate itself. The worm scans the network for another computer that has a specific security hole. It copies itself to the new machine exploiting the security hole, and then starts replicating from that system as well. Once infected, the worm may send itself to everyone in your address book. Using a network in this manner, worms expand extremely quickly. The greatest danger from worms is that they will eventually use all the memory available to a computer or a network.
On Nov 2nd 1988 Robert Morris Jr., a graduate student in Computer Science at Cornell, wrote an experimental self-replicating, self-propagating program called a worm and injected it into the Internet. He chose to release it from MIT, to disguise the fact that the worm came from Cornell. Morris soon discovered that the program was replicating and reinfecting machines at a much faster rate than he had anticipated — there was a bug. Ultimately, many machines around the country either crashed or became “catatonic”. When Morris realized what was happening, he contacted a friend at Harvard to discuss a solution. Eventually, they sent an anonymous message from Harvard over the network, instructing programmers how to kill the worm and prevent reinfection. However because the network route was clogged, this message did not get through until it was too late. Computers were affected at many sites, including universities, military sites and medical research facilities. The estimated cost of dealing with the worm at each installation ranged from $200 to more than $53,000.
Worms and Trojan Horses are computer viruses that latch onto your computer and eat up your files and go in through the sub files in your computer and wipe out your data