A Trojan horse attack indicates that an attacker embeds malicious code (usually through IFrame and Script reference) to webpages of a website that the attacker has gained control over.
When users access the webpage, the embedded malicious code exploits the vulnerability of the browser itself, third-party ActiveX vulnerabilities, or vulnerabilities in other plug-ins (such as Flash and PDF plug-ins) to download and run malicious Trojans without the knowledge of the users.
When a website has been infected with a Trojan horse, it indicates that the website has been successfully intruded. Hackers can have access to the user account and password, business data, and other sensitive data. In serious cases, hackers can make the server a bot, which causes great harm.
Implement code security policies (black box penetration tests and white box code audits) before releasing an application online.
Regularly check and fix various vulnerabilities in the website and the server environments of the website in daily operation and maintenance. Update the operating system and application software in a timely manner.
Use Alibaba Cloud Security Web Application Firewall (WAF) to protect your website.