The scenario describes a situation where a hacker infects an internet-facing server and leverages it to perform malicious activities such as sending spam emails, participating in distributed denial-of-service (DDoS) attacks, or hosting spam content. This behavior is characteristic of a Botnet Trojan.
According to the CEH v13 Official Courseware and Study Guide:
A Botnet Trojan is a type of malware that transforms infected machines into bots (also called zombies), which can be remotely controlled by an attacker (bot herder or bot master).
These bots become part of a botnet — a network of compromised machines used for coordinated cyberattacks including:
Sending unsolicited spam emails (junk mail)
Participating in DDoS attacks
Hosting or distributing malware and phishing content
The infected machine can receive commands from a command-and-control (C&C) server and act in concert with other infected machines to amplify attacks or spread malware.
Incorrect Options:
B. Banking Trojans are designed specifically to steal financial data such as online banking credentials.
C. Turtle Trojans is not a valid classification in CEH v13 or cybersecurity literature (may be a distractor).
D. Ransomware Trojans encrypt data and demand a ransom for decryption, not typically used for junk mail or botnet activities.
Reference – CEH v13 Official Courseware:
Module 06: Malware Threats
Section: “Types of Trojans”
Subsection: “Botnet Trojans”
CEH v13 eBook or Study Guide — usually found under “Trojan Classifications by Payload”
Practical labs in CEH Engage and iLabs also demonstrate botnet functionality using tools like Zeus and Emotet in real-world botnet infection scenarios.
