What is a Trojan
A Trojan or Trojan horse is a malware program which is developed by cyber criminals for malicious purposes. Once installed, this malware program can cause serious disruptions. It can lead to system crashes, data theft, identity theft and can even spy on the user.
The name Trojan comes from a Greek mythology. According to this mythology, the Greeks used a deceptive war technique to conquer the kingdom of Troy. They build a large wooden horse which the residents of Troy pulled in the city. During the night time, the soldiers who were hiding inside the horse emerged, opened the city gates for their fellow soldiers to come and conquer the city of Troy. Through this deceptive technique, Troy was conquered by the Greeks. For malware programs, the term Trojan was first used in the year 1974 by the U.S. Air Force report that discussed the major vulnerabilities in the computer system.
How is a Trojan malware distributed?
Generally, the Trojan horses are distributed as email attachments. These spam emails are disguised in a way that they appear to be genuine and highly authentic. These emails appear to be forwarded by authorized sources which encourage the user to click on the mail attachments. As soon as the user downloads these files and executes them on the system, the malware program starts corrupting the system. Trojans are also distributed through other malicious strategies which include software bundling and may also be distributed through other share wares. If you visit other malevolent websites on a frequent basis then also your system may get infected.
The good news is that Trojans are generally identified by most anti Trojan software and do not hamper the system performance. They do not replicate themselves like a typical virus but may come attached to a virus which is spread from one computer to another across a network.
How does a Trojan horse work?
The cyber criminals forward spam emails to the system user which contains malicious email attachments. As soon as the user clicks on those attachments, the malicious code is executed. Even after getting infected, the computer does not reveal any discrepancies. That is why the victim remains unaware of the infection. The infection remains undetected for a specific time period until the victims perform a specific action on the system, such as accessing his bank account. When the victim performs such an action, the malware program gets triggered and performs its intended function. After that, it may either return to an inactive state or continue to disrupt the system and cause other malicious actions.
There are a series of actions which are performed by a Trojan horse. The list of these malicious actions includes:
- Lead to the installation of other malicious programs such as worms or viruses to cause further exploitations.
- Give a backdoor control to the attackers over the computing device.
- Turn the system into Zombie bot which can be used to perform illegal activities such as click fraud schemes.
- Allows an unauthentic access to the attacker to control the victim’s device.
- It may spy on the user and even record his keyboard strokes to steal the user’s bank account credentials and other sensitive information.
- Install a ransomware program in order to encrypt the victim’s data and extort money from the victim in exchange of the decryption key.
- Activate the system’s camera and recording capabilities.
Types of Trojans
Trojan or a Trojan horse can be classified according to the type of actions they perform on your computer system:
- Backdoor Trojan: A Backdoor Trojan enables malicious users to exercise remote control over the infected systems. This type of Trojan allows the cyber criminals to do anything they want on the infected system which includes forwarding, receiving, launching and deleting files. It can reboot the computer system and can even unite a group of victim computers to create a botnet or zombie network.
- Rootkit: The rootkits are designed to conceal certain activities or objects in your computer system. Their primary goal is to prevent the malicious programs from being detected.
- Trojan-DDoS: The Trojan DDoS are the programs which perform Denial of Service attacks against the targeted web address. It does so by forwarding multiple requests from your computer and several other infected computers. The attack can overload the target which ultimately leads to a Denial of Service attack.
- Trojan-FakeAV: The Trojan-FakeAV program negatively impacts the performance of the antivirus software. This type of Trojan is programmed to extort money from the user for detecting and removing the threats.
- Trojan Banker: These types of Trojans are designed to steal the user’s account data from the e-payment systems, online banking systems and credit and debit cards.
- Exploit: The exploits are the programs which contain code or data which takes the advantage of the vulnerabilities within the application software that runs on the system
- Trojan Downloader: The Trojan downloaders can download and install the other versions of malicious programs such as adware and browser hijackers.
- Trojan Dropper: The Trojan droppers are used by the cyber criminals to install viruses, Trojans or to prevent the detection of other malicious programs. Generally, antivirus are not capable of identifying this type of Trojan.
- Trojan GameThief: This type of Trojan is designed to steal your account information from online games.
- Trojan IM: The Trojan IM programs can steal your login credentials for the online messaging platforms such as MSN Messenger, ICQ, Yahoo Pager, AOL Instant Messenger, Skype and many more.
- Trojan Ransom: The ransom Trojan can modify or encrypt your system data so that you can no longer use a specific data. To reverse these malicious changes, the cyber criminals ask the user to pay a certain amount of ransom.
- Trojan Spy: This type of Trojan can spy on how the victim uses his computer. For e.g. by tracking the data you type on your keyboard, getting a list of running application and even taking the screenshots.
- Trojan Mailfinder: This type of Trojan specializes in extracting the email addresses from your computer system.
Examples of Trojan horse
There is an extensive list of Trojans discovered by malware researchers. Some of the most vicious ones which caused massive destruction are as follows:
- Tiny Banker: This Trojan allowed the cyber criminals to steal sensitive financial information. This Trojan infected over two dozen US banks in 2012.
- Magic Lantern: This one was a keystroke logging Trojan created by FBI around the turn of the century to assist with criminal surveillance.
- Bitfrost: This one was a remote access Trojan which infected the windows users by changing, creating and altering components.
- Zeus: Zeus is a financial services crimeware toolkit which allows the cybercriminals to build their own Trojan horse. The Trojan built with Zeus still remain the most dangerous banking Trojans in the world. It was first detected in the year 2007.
- Fake AV Trojan: This Trojan embedded itself in the windows system tray and delivered official looking popup windows that seemed to alert the user about a specific problem in the computer. When the user follows these directions, they actually ended up downloading more malware infections.
Trojans are not limited to Computers and laptops
If you think that Trojans are issue only for your computer system or laptop then you are probably wrong. There are many Trojanized apps out there which infect an extensive range of mobile devices. A Trojan is an infection which comes attached with what looks like a legitimate program. However, in case of apps the Trojanized apps are distributed as fake updates which are made available on the unofficial or pirate app market. These malicious apps are capable of performing all the malicious functions as stated above.
How to protect your computer from Trojan attacks
The best way of preventing your computer system from such Trojan attacks is to use effective Trojan antivirus software that may keep such infections at bay. With the help of an effective antimalware program, you can defend your computer system. There are many Trojan Virus Removers out there but the best ones you can use include Malware Bytes, Hitman Pro, Bull Guard, 360 Total Security and Avast.
In addition to using Trojan malware removal software here are some additional precautionary measures you can take:
- Resist clicking on spam emails, avoid downloading email attachments or click on links in suspicious emails.
- Computer security is not just restricted to using an internet security suite. One needs to run periodic diagnostic scans with that software.
- Make sure to update your operating system’s software to assure that you are using the latest version to fight the new malware infections.
- Resist visiting unsafe websites such as free downloading platforms and adult sites. Generally, all the internet security software have the features to alert you if it is safe to visit a particular website or not.
- Protect your accounts with unique and complex passwords.
- Make sure to keep your information safe with additional firewalls.