HOW HACKERS WRITE A TROJAN HORSE

Hackers have written Trojan horses in practically every programming language, including MS-DOS batch files and BASIC. The choice of programming language isn't as important as creating a Trojan that can avoid detection, install itself without the victim's knowledge, and do its work. Still, the two most popular programming languages for writing RATs are C/C++ (Back Orifice, for example) and Delphi (NetBus), because both languages can create small programs that can be stored in a single executable file.

While it's possible to write a RAT in a language like Visual Basic, the chances of such a Trojan running are much lower, since Visual Basic programs require special, large run-time files, while C/C++ and Delphi programs do not. If a computer lacks the correct run-time files, Visual Basic programs won't run.

Some Trojans are easier to write than others. A Trojan horse that mimics a login screen to steal passwords will be much easier to write than a remote access Trojan. To help each other out, many hackers provide the source code for their Trojans on hacker sites. Hackers can then study the source code and try to write a new Trojan from scratch or modify the source code to create a new variant instead.

Another way to get source code to create a Trojan horse is to copy the code from any open source project. (Linux is the most famous open source project, but there are other ones as well, such as Phoenix Mail, which was used to create the ProMail Trojan horse.) Once hackers have the source code to a legitimate program, they can add their own code to turn the program into a Trojan horse.