Republic of the Philippines
National Police Commission
PHILIPPINE NATIONAL POLICE
Camp BGen Rafael T Crame, Quezon City
ACG-CYBER SECURITY BULLETIN NR 203: UNDERSTANDING THE RISK OF TROJAN MALWARE
Reference Number ACG-CSB 012521203
The following information was obtained from different cyber security sources for notification to all parties concerned pursuant to the mandate of the Philippine National Police Anti-Cybercrime Group (PNP ACG) and classified as “Restricted” pursuant to the PNP Regulation 200-012 on Document Security and Impact Rating as high based on PNP Information Communication Technology (ICT) Security Manual s.2010-01 p. 22 and p.129.
A Trojan horse or Trojan is a type of malware that is often disguised as legitimate software. Trojans can be employed by cyber-thieves and hackers trying to gain access to users' systems. Users are typically tricked by some form of social engineering into loading and executing Trojans on their systems. Once activated, Trojans can enable cyber-criminals to spy on you, steal your sensitive data, and gain backdoor access to your system. These actions can includes deleting data, blocking data, modifying data, copying data, and disrupting the performance of computers or computer networks.
Trojan viruses work by taking advantage of a lack of security knowledge by the user and security measures on a computer, such as an antivirus and antimalware software program. A Trojan typically appears as a piece of malware attached to an email. The file, program, or application appears to come from a trusted source. As the user views the email attachment, the trusted source it comes from has the potential to be a ruse. The goal is to get the user to download and open the file.
You might think you received an email from someone you know and click on what looks like a legitimate attachment, but you been fooled. The email is from a cybercriminal, and the file you clicked on, downloaded, and opened install malware on your device. When you execute the program, the malware can spread to other files and damage your computer.
One item to remember when adopting security measures to combat Trojans is to understand the behavior of a Trojan. Although the term Trojan virus is often used, Trojans are more accurately described as Trojan malware. Virus is capable of executing and replicating itself on computers and mobile devices, while Trojan malware cannot. The user has to execute the Trojan and it then goes on to perform the action designed by the hackers behind it.
All PNP personnel as well as the public are advised to follow the tips in order to avoid the risk of TROJAN MALWARE:
- Never download or install software from untrustworthy and unsecured sources.
- Never open an attachment or run a program sent to you in an email from someone you do not know personally.
- Keep all software on your computer up to date with the latest patches.
- Make sure a legitimate and licensed antivirusis installed and running on your computer.
For additional information, please refer to the following websites:
POINT OF CONTACT