Some Terminologies You Should Know About Trojans
In this post we will discuss some of the most frequently used terms that come up whenever the word Trojan is mentioned. They are covered here because knowing them helps you understand how an attacker manages to circulate a RAT server, hide its presence and bypass firewall rules.
Overt and Covert Channels:
A channel here is a means of communication. An overt channel is legal, obvious or known, whereas a covert channel is hidden and concealed. In other words, overt means a legal means of communication, whereas covert means an illegal one. In technical terms, an overt channel follows the rules of the TCP/IP suite, whereas a covert channel exploits weaknesses of the TCP/IP model for illegal communication.
Wrappers:
Wrappers are programs that help bind two files together. They can bind either multiple files of the same extension or multiple files with different extensions. Wrappers are also known as packers and file binders. They can execute a process in the background or in complete stealth mode.
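A defender-side triage check for the binding described above, added here as an example and not part of the original post: it scans a file's bytes for every DOS header whose `e_lfanew` field points at a valid PE signature and flags files carrying a second executable image after the first. The function names and the sample bytes are constructed for illustration.

```python
import struct

PE_SIG = b"PE\x00\x00"

def find_pe_images(data: bytes) -> list:
    """Return the offset of every 'MZ' header whose e_lfanew points at 'PE\\0\\0'."""
    hits = []
    pos = data.find(b"MZ")
    while pos != -1:
        # e_lfanew (offset of the PE header) is the 4-byte field at 0x3C
        # of the DOS header, so a full 64-byte header must be present.
        if pos + 0x40 <= len(data):
            (e_lfanew,) = struct.unpack_from("<I", data, pos + 0x3C)
            sig_at = pos + e_lfanew
            # Out-of-range offsets yield an empty slice and simply fail to match.
            if data[sig_at:sig_at + 4] == PE_SIG:
                hits.append(pos)
        pos = data.find(b"MZ", pos + 1)
    return hits

def looks_bound(data: bytes) -> bool:
    """Heuristic: a valid PE image that starts anywhere other than offset 0."""
    return any(offset > 0 for offset in find_pe_images(data))

def make_fake_pe(body: bytes) -> bytes:
    """Constructed sample: 64-byte DOS header, e_lfanew = 0x40, PE signature, body."""
    dos_header = b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40)
    return dos_header + PE_SIG + body

# Constructed inputs (not real executables).
CARRIER = make_fake_pe(b"carrier-body")
BOUND = CARRIER + make_fake_pe(b"second-body")   # second image appended to the first
TEXT = b"MZ" + b"A" * 100                        # 'MZ' bytes with no PE header behind them

if __name__ == "__main__":
    for name, blob in (("carrier", CARRIER), ("bound", BOUND), ("text", TEXT)):
        print(name, find_pe_images(blob), "bound?", looks_bound(blob))
```

Legitimate installers and self-extracting archives also embed PE images, and a binder that compresses or encrypts its payload leaves no plain header to find, so treat a hit as a reason to inspect the file further rather than as a verdict.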
Trojan Construction Kits:
These are what we today call RAT clients. All RAT clients are nothing but Trojan Construction Kits. They help the attacker build features into their RAT server.
Stub:
A stub is unusual, extra code embedded in a program to change its signature. Stubs are used when generating a RAT server: they change the server's signature so that it bypasses scanning by anti-virus.