El contenido no se encuentra disponible en el idioma seleccionado. Estamos trabajando continuamente para agregar más idiomas. Gracias por su apoyo.
- What's New
- Function Overview
- Service Overview
- Billing
- Getting Started
- User Guide
- Best Practices
- SDK Reference
-
FAQs
-
Product Consulting
- What Does SA Do?
- Why Is There No Attack Data or Only A Small Amount of Attack Data?
- What Is the Data Source of Situation Awareness?
- How Do I Get Information About the Most Vulnerable Assets?
- What Are the Dependencies and Differences Between SA and Other Security Services?
- What Are the Differences Between SA and HSS?
- Why Cannot the Total ECS Quota Be Less Than the Number of Existing ECSs?
- Can SA Be Used Across Accounts?
- How Do I Update My Security Score?
- How Do I Handle a Brute-force Attack?
- How Do I Assign Operation Permissions to an Account?
- How Do I Handle the 403 forbidden Error Reported by SA?
- Why Is the Event Data in SA Inconsistent with That in WAF and HSS?
- What Are Differences Between SA and SecMaster?
- Purchase Consulting
- Regions and AZs
-
Product Consulting
- Videos
-
More Documents
-
User Guide (ME-Abu Dhabi Region)
- Service Overview
- Edition Upgrade
- Permissions Management
- Editions
- Security Overview
- Resource Manager
- Threat Alarms
- Baseline Inspection
- Events
- Logs
- Integrations
- Settings
-
FAQs
-
Product Consulting
- What Does SA Do?
- Why Is There No Attack Data or Only A Small Amount of Attack Data?
- What Is the Data Source of Situation Awareness?
- How Do I Get Information About the Most Vulnerable Assets?
- What Are the Dependencies and Differences Between SA and Other Security Services?
- Why Cannot the Total ECS Quota Be Less Than the Number of Existing ECSs?
- How Do I Update My Security Score?
- How Do I Handle a Brute-force Attack?
- How Do I Assign Operation Permissions to an Account?
- Why Is the Event Data in SA Inconsistent with That in WAF and HSS?
- Purchase Consulting
-
Product Consulting
- Change History
-
User Guide (ME-Abu Dhabi Region)
- General Reference
Show all
Copied.
Trojan
Overview
A Trojan horse, or just "Trojan", is any malicious computer program which misleads users of its true intent. It acts like a legitimate application program or file to deceive victims into executing or spreading it. When victims execute it, attackers gain unauthorized access to target hosts to steal data, such as usernames, passwords, and encrypted files. Trojan typically serves as a foundation for further attacks.
Suggestion
If a Trojan is detected and the ECS instance has network requests coming from Trojans, the ECS instance has been infected. For example, the ECS instance cloud attempt to send DNS resolution requests related to WannaCry ransomware or to download .exe Trojans. The severity of this type of threat is High. You are advised to perform the following operations:
- Disable the ECS instance that is infected.
- Check whether other hosts on the subnet where the instance resides are infected.
- Purchase HSS.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot