Trojan Horse Virus Definition
Contents
A Trojan horse or Trojan is a type of malware that is often disguised as legitimate software. Trojans can be employed by cyber thieves and hackers trying to gain access to users’ systems. Users are typically tricked by some form of social engineering into loading and executing Trojans on their systems. Once activated, Trojans can enable cyber-criminals to spy on you, steal your sensitive data, and gain backdoor access to your system.
Trojans can hide in unexpected places, such as emails, downloads, and more. It’s always better to be careful to avoid this type of malware. You can protect yourself against it viruses by using anti-Trojan software.
What is a Trojan?
The term “Trojan” derives from the ancient Greek story about the deceptive Trojan horse which led to the fall of the city of Troy. When it comes to your computer, a Trojan virus operates similarly – it hides within seemingly harmless programs or tries to trick you into downloading it. The name was coined in a US Air Force report in 1974, which speculated on hypothetical ways computers could be compromised.
You will sometimes hear people refer to a “Trojan virus” or a “Trojan horse virus,” but these terms are slightly misleading. This is because, unlike viruses, Trojans don’t self-replicate. Instead, a Trojan horse spreads by pretending to be useful software or content while secretly containing malicious instructions. It is more useful to think of “Trojan” as an umbrella term for malware delivery, which hackers use for various threats.
How Does it Work?
Trojan viruses work by taking advantage of a lack of security knowledge by the user and security measures on a computer, such as an antivirus and antimalware software programs. It typically appears as a piece of malware attached to an email. The file, program, or application appears to come from a trusted source. As the user views the email attachment, the trusted source it comes from has the potential to be a ruse. The goal is to get the user to download and open the file.
Once this happens, malware or other malicious content is installed and activated on the computer or other devices. One common form of attack is to have malicious content spread to other files on the device and damage the computer. How it goes about doing this varies from one Trojan to the next. It is all in the design and intent of the hackers that built the Trojan malware.
One item to remember when adopting security measures to combat Trojans is the performance. Although the term Trojan virus is often used, Trojans are more accurately described as Trojan malware. A virus is capable of executing and replicating itself on computers and mobile devices. Trojan malware cannot do this. The user has to execute the Trojan and it then goes on to perform the action designed by the hackers behind it.
How Does a Trojan Horse Infect a Computer?
A Trojan horse infects a computer from the inside, much like the ancient Greek’s Trojan horse. Just as Troy was tricked into bringing the horse in thinking it was an honorary symbol to end the war, users download and activate the Trojan horse on their own. How the Trojan horse infects a computer depends on its design. The primary goal of a Trojan horse as it infects a computer is to:
- Delete data on the device
- Copy data to steal and sell or use for other nefarious purposes
- Modify data
- Block data or access to data
- Disrupt the performance of the target computer and/or network
How Trojans impact mobile devices
Trojans aren’t problems for only laptop and desktop computers. They can also impact your mobile devices, including cell phones and tablets.
In general, a Trojan comes attached to what looks like a legitimate program. In reality, it is a fake version of the app, loaded up with malware. Cybercriminals will usually place them on unofficial and pirate app markets for unsuspecting users to download.
In addition, these apps can also steal information from your device, and generate revenue by sending premium SMS texts.
One form of Trojan malware has targeted Android devices specifically. Called Switcher Trojan, it infects users’ devices to attack the routers on their wireless networks. The result? Cybercriminals could redirect traffic on the Wi-Fi-connected devices and use them to commit various crimes.
What Does a Trojan Look Like?
A Trojan horse looks like a reputable file, that is part of what makes it difficult for users to decipher safe from unsafe. Most Trojan files are designed to appear as though the files are coming in an email attachment from a known email address. The malicious content within can unleash worms into a network that cause disruptions in performance and pose threats to data. The files can take the appearance of work files, image attachments, or even links on websites as users surf the web. For example, pop-up windows on other websites or programs available to download on websites. If not trustworthy, the odds are high that these files are malicious in nature.
Common types of Trojan malware
Backdoor
This Trojan can create a “backdoor” on your computer. It lets an attacker access your computer and control it. Your data can be downloaded by a third party and stolen. Or more malware can be uploaded to your device.
Distributed Denial of Service (DDoS) attack
This Trojan performs DDoS attacks. The idea is to take down a network by flooding it with traffic. That traffic comes from your infected computer and others.
Downloader
This Trojan targets your already-infected computer. It downloads and installs new versions of malicious programs. These can include Trojans and adware.
Fake AV
This Trojan behaves like antivirus software but demands money from you to detect and remove threats, whether they’re real or fake.
Game-thief
The losers here may be online gamers. This Trojan seeks to steal their account information.
Infostealer
As it sounds, this Trojan is after data on your infected computer.
Mailfinder
This Trojan seeks to steal the email addresses you’ve accumulated on your device.
Ransom
This Trojan seeks a ransom to undo the damage it has done to your computer. This can include blocking your data or impairing your computer’s performance.
Remote Access
This Trojan can give an attacker full control over your computer via a remote network connection. Its uses include stealing your information or spying on you.
Rootkit
A rootkit aims to hide or obscure an object on your infected computer. The idea? To extend the time a malicious program runs on your device.
SMS
This type of Trojan infects your mobile device and can send and intercept text messages. Texts to premium-rate numbers can drive up your phone costs.
Trojan banker
This Trojan takes aim at your financial accounts. It’s designed to steal your account information for all the things you do online. That includes banking, credit card, and bill pay data.
Trojan IM
This Trojan targets instant messaging. It steals your logins and passwords on IM platforms.
That’s just a sample. There are a lot more.
Examples of Trojan malware attacks
The malware attacks can inflict a lot of damage. At the same time, Trojans continue to evolve. Here are three examples.
- Rakhni Trojan. This malware has been around since 2013. More recently, it can deliver ransomware or a cryptojacker (allowing criminals to use your device to mine for cryptocurrency) to infected computers. “The growth in coin mining in the final months of 2017 was immense,” the 2018 Internet Security Threat Report notes. “Overall coin-mining activity increased by 34,000 percent over the course of the year.”
- ZeuS/Zbot. This banking Trojan is another oldie but baddie. ZeuS/Zbot source code was first released in 2011. It uses keystroke logging — recording your keystrokes as you log into your bank account, for instance — to steal your credentials and perhaps your account balance as well.
How Do You Prevent Trojans?
- Computer security begins with installing and running an internet security suite. Run periodic diagnostic scans with your software. You can set it up so the program runs scans automatically during regular intervals.
- Update your operating system’s software as soon as updates are made available from the software company. Cybercriminals tend to exploit security holes in outdated software programs. In addition to operating system updates, you should also check for updates on other software that you use on your computer.
- Protect your accounts with complex, unique passwords. Create a unique password for each account using a complex combination of letters, numbers, and symbols.
- Keep your personal information safe with firewalls.
- Back up your files regularly. If a Trojan infects your computer, this will help you to restore your data.
- Be careful with email attachments. To help stay safe, scan an email attachment first.
A lot of things you should do come with a corresponding thing not to do — like, do be careful with email attachments and don’t click on suspicious email attachments. Here are some more don’ts.
- Don’t visit unsafe websites. Some internet security software will alert you that you’re about to visit an unsafe site, such as Norton Safe Web.
- Don’t open a link in an email unless you’re confident it comes from a legitimate source. In general, avoid opening unsolicited emails from senders you don’t know.
- Don’t download or install programs if you don’t have complete trust in the publisher.
- Never click on pop-up windows that promise free programs that perform useful tasks.
- Don’t ever open a link in an email unless you know exactly what it is.
How Do You Remove a Trojan?
If a user discovers a Trojan horse it can be removed using manual operations or software programs. Removing it can be difficult because it is possible for hidden files to exist on the computer. If it is discovered, the malicious threats can be removed by
- Identifying the file or files infected and removing it from the system
- Disable the function of System restore
- Restart the computer and press F8 (Windows PCs) and select safe mode to start up the computer
- Use Add or Remove Programs in the control panel to remove the programs affected by the Trojan horse
- Remove extensions by deleting files of a program within the Windows System folder
While you can follow these manual steps on a personal computer, it is not an effective approach for Trojan viruses that infect enterprise computer systems. In this case, the situation can be very complex and the best approach is to seek outside help. The benefit for any enterprise network using Avatara’s CompleteCloud platform is that its built-in security systems constantly work to prevent Trojan horses and other malware to avoid the problem in the first place.