What is a trojan horse?

A Trojan horse is malicious software that enters your computer without your knowledge. It disguises itself as legitimate software or hides within seemingly innocent email attachments or free downloads. Once it enters your computer, it can cause unexpected changes to your settings and engage in malicious activities, causing harm to your system.

How does a trojan horse work?

Before a trojan horse can infect a computer, the user must unknowingly download and install the malicious program. The trojan cannot manifest independently; it requires the user's action to be unleashed on the system. Attackers often employ social engineering tactics to convince users to download the malicious application. These tactics can be found in banner ads, website links, pop-up advertisements, and, most commonly, in seemingly harmless emails and email attachments. 

The trojan server is installed once the email is opened and the attachment is downloaded. It automatically runs each time the computer starts up. In some cases, an infected computer can continue spreading the trojan horse to other computers, creating what is known as a botnet. This involves turning innocent computers into "zombie" computers, controlled without the users' knowledge. Hackers utilize these zombie computers to distribute additional malware and create a network of compromised machines.

Go deeper: 

• What is social engineering? 
• What is a botnet? 
• What is malware?

Common uses of trojan horses

Once a trojan horse is active on a system, it puts sensitive user data at risk and can negatively impact performance. Some of the common actions that a trojan can carry out include:

• Backdoor access: A trojan can give the attacker backdoor control over the infected computer, allowing them to execute various malicious activities.
• Keylogging: Trojans can record keyboard strokes to steal the user's account data, including login credentials and browsing history.
• Virus or worm Installation: Trojans can download and install other malware, such as viruses or worms, exploiting vulnerabilities in other programs.
• Ransomware: A trojan can install ransomware, encrypting the user's data and extorting money in exchange for a decryption key.
• Unauthorized camera and recording access: Some trojans can activate a computer's camera and recording capabilities, compromising privacy.
• Zombie computer creation: Trojans can turn a computer into a zombie, allowing attackers to use click fraud schemes or other illegal activities.
• Assisting law enforcement: In some cases, a trojan may be used legally to capture information relevant to a criminal investigation for law enforcement purposes.

Read also: What is ransomware and how to protect against it 

Types of trojan horses

Trojan horses come in various forms, each designed to carry out specific malicious activities:

• Downloader trojan: This type targets computers already infected with malware, downloading and installing new versions of malicious programs.
• Backdoor trojan: Backdoor trojans create a secret entrance (backdoor) on the infected computer, allowing attackers to gain unauthorized access and control.
• Distributed Denial of Service (DDoS) attack trojan: These trojans perform DDoS attacks, flooding a network with traffic to overwhelm it and cause disruption.
• Game-thief trojan: Game-thief trojans specifically target online gamers, attempting to steal their account information.
• Mailfinder trojan: Mailfinder trojans aim to steal email addresses stored on a targeted device.
• SMS trojan: SMS trojans infect mobile devices and can send or intercept text messages.
• Trojan-banker: This type of trojan attempts to steal financial account information, including credit card and banking data.
  

See also: HIPAA Compliant Email: The Definitive Guide 

In the news

The ILOVEYOU virus, a trojan horse created by Onel de Guzman, emerged in 2000 as one of the most destructive cyberattacks in history with damages estimated up to $8.7 billion. De Guzman, accused of orchestrating the virus's global spread, eventually confessed to its creation. The incident showed significant cybersecurity vulnerabilities and stressed the imperative for enhanced protection despite technological advancements over the past two decades.

FAQs

What are the signs of a Trojan horse infection?

Common signs of a Trojan infection include slow computer performance, unusual error messages, unauthorized access to files or data, and unexplained network activity.

How can I protect my devices from Trojan horses?

To protect your devices, it's important to use reputable antivirus and antimalware software, keep your operating system and software up to date, avoid clicking on suspicious links or downloading files from unknown sources, and be cautious when opening email attachments.

What should I do if I suspect a Trojan horse infection?

If you suspect a Trojan infection, run a full system scan using an updated antivirus program, disconnect the infected device from the network, and seek professional assistance if needed.

Can Trojan horses be removed from an infected device?

In many cases, Trojan infections can be removed using antivirus or antimalware software. However, some sophisticated Trojans may require advanced removal techniques, and in extreme cases, a device may need to be reset to its factory settings.