A backdoor Trojan may pose as legitimate software to fool users into running it. Alternatively—as is increasingly common—users may allow Trojans onto their computer by following a link in spam email or visiting a malicious webpage.
Once the Trojan runs, it adds itself to the computer’s startup routine. It can then monitor the computer until the user is connected to the Internet. When the computer goes online, the person who sent the Trojan can perform many actions—for example, run programs on the infected computer, access personal files, modify and upload files, track the user’s keystrokes,
or send out spam email.
Well-known backdoor Trojans include Netbus, OptixPro, Subseven, BackOrifice and, more recently, Zbot or ZeuS.
To avoid backdoor Trojans, you should keep your computers up to date with the latest patches (to close down vulnerabilities in the operating system), and run anti-spam and antivirus software. You should also use a firewall, which can prevent Trojans from accessing the Internet to make contact with the hacker.