Information Security

Trojan Clean Up

Trojan programs do not self-replicate but come disguised as real software. Trojans can be distributed through IRC, P2P file sharing programs, newsgroup postings, email attachments, weak permissions on shares and weak passwords. Anti-virus software may be able to stop a trojan attached to an email message, but usually will not block trojans piggy-backing on downloads from P2P services.

Once a trojan is active on a host, it usually calls other programs. Trojans are used to set up zombie computers, which launch DDoS attacks or send spam. A trojan horse program can also download keyloggers, which are used to steal passwords, credit card numbers and identities.

For the above reasons, Information Security asks FSPs to reformat and rebuild trojaned computers. While it is theoretically possible to identify what additional programs the trojan downloads, it takes longer to clean up the computer than to rebuild it. See Jesper Johansson's eloquent Cleanup Essay.