What is a Trojan Horse?

A Trojan Horse is a delivery mechanism for viruses and other types of malware. It may appear to offer free games or music, or suggest you won something or can get a big discount. However, a Trojan can instead infect your computer or mobile device with malicious code and open you up to attacks from hackers in a variety of ways. As a result, Trojans are a major cybersecurity threat.

Arguably the first computer Trojan, called ANIMAL, was created in 1975 when a programmer developed a guessing game that would surreptitiously copy itself onto directories in users’ computers. Even though it was generally considered a harmless prank, it carried out actions without the user’s approval and paved the way for more harmful applications such as ransomware that can enable an attacker to gain control of your computer.

Importantly, “a Trojan relies on the end user to take action” by clicking to download a file that can install malware, says Lucia Milică, global resident chief information security officer at the cybersecurity firm Proofpoint. This is done with trickery or what security experts call “social engineering” to gain your trust.

One of the tricks hackers use is to make the action required seem urgent, says Art Sturdevant, vice president for technical operations at the security firm Censys. “We look for things where you need to do something right now,” Sturdevant says, which can sometimes get users to skip a thorough check of a message.

A Trojan can deliver a wide array of payloads that can infect your machine with harmful malware and allow an attacker to steal your data or take control of your device for other malicious purposes. Here are some of the main kinds of Trojans:

Backdoor Trojan

A backdoor Trojan creates a secret pathway for hackers to get into your device and do pretty much whatever they want. That could mean stealing your data, deleting files, or uploading additional malware. This is often used to create a “botnet” of zombie computers to carry out other types of attacks.

Distributed Denial of Service (DDoS) Attack Trojan

One type of malware delivered by a Trojan can allow an attacker to carry out a Distributed Denial of Service (DDoS) attack, which can be used to disrupt or shut down a website or network by bombarding it with traffic, possibly for economic or political motives.

Trojan Downloader

A downloader Trojan installs itself on a device and waits for it to connect to the internet to download additional malware. These may be disguised as an invoice or other attachment to an email.

Fake AV Trojan

A fake AV Trojan disguises itself as an antivirus or anti-spyware program, sometimes in the form of a popup, to get users to pay for bogus security software. Sometimes these can slow down your system to make you think the threat is credible, according to security experts.

Game Thief Trojan

As the name implies, a game-thief Trojan attempts to steal credentials for online games, and could glean personal or financial data.

Infostealer Trojan

According to Trend Micro, an Infostealer Trojan surreptitiously gleans information from a device, including user names and passwords. Some may include keyloggers that record every keyboard action, which can also reveal sensitive information.

Mailfinder Trojan

A tool used by spammers and cyber criminals, the mailfinder Trojan harvests email addresses from a system and delivers them to malicious actors to carry out various kinds of attacks.

Ransom Trojan

Another pernicious Trojan, this one includes a ransomware virus which encrypts and locks all your files and data and demands payment, usually in cryptocurrency. Some security professionals point out that paying the ransom does not always guarantee you will be able to recover your data.

Remote Access Trojan

Similar to the backdoor Trojan, a remote access Trojan (RAT) is designed to allow a hacker to remotely control a device or system while hiding in the background.

Rootkit Trojan

Trojans may also deliver rootkit malware, which is hard to detect and can give an attacker administrator-level control to manipulate your computer and steal your data.

Trojan Banker

A banker Trojan is designed to steal credentials for online banking, payment systems, and credit cards, and use the malware to transmit the data to the attackers. Often this uses a realistic-looking pop-up window which asks for credentials when a user logs into a financial website.

Trojan IM

Cybercriminals have evolved to find targets using the most popular programs, and the Trojan IM can harvest credentials from messaging platforms such as Facebook Messenger, Telegram and Skype and provide another avenue of attack.

The Zeus Trojan, which peaked in the early 2010s, delivered a panoply of malware, including some that were effective in stealing banking credentials along with sensitive personal data, while infecting major government and corporate networks including NASA, Bank of America and the Department of Transportation.

The Storm Trojan in 2007 was hidden in emails purporting to have information about severe storms in Europe, but it created a backdoor that installed a rootkit, which enabled attackers to create a botnet to spread more malware. Attacks have subsequently used similar themes to get users to click on the Trojans.

While Trojans can pose risks to computer users, these can be minimized by following protocols and being vigilant about security. Here are some ways to stay safe:

Install antivirus software

Antivirus software can offer strong protection against most Trojans, “but you have to keep these programs up to date,” Sturdevant points out. “If you don’t keep it up to date, you don’t get the full benefit of the program. Really sophisticated attackers are developing new things all the time.”

Regularly update your device’s operating system

Keeping your operating system on your PC or mobile device up to date is another way to keep attackers at bay. “It’s important to keep all your software and devices updated with the latest patches,” Milică says.

Use unique, strong passwords

Strong and unique passwords set with a password manager are part of your line of defense against attackers. An easy-to-guess password or one that is reused across different applications can allow a hacker to gain access to multiple accounts, increasing your vulnerability.

Use firewalls to protect your personal information

Many antivirus software programs include firewalls for an extra layer of protection, and your home router – which also needs to be updated periodically – can offer a hardware-based defense, especially for DDoS attacks.

Back up your files regularly

Backing up your files doesn’t protect against malware, but it does prevent you from losing valuable data in case of an infection such as ransomware which encrypts and locks your files.

Only visit secured websites

Secured websites, which show a padlock next to the URL indicating they have an SSL or TLS certificate, keep your data encrypted in transit and make it more difficult for a hacker to see or modify what is being sent.

Only click on email attachments from known senders

Hackers are constantly finding new ways to entice people to click on attachments including impersonating your friends and colleagues. If you get a message that seems out of the ordinary appearing to come from a known person or company, “think about why you are getting this message,” says Milică. Verify the message through another channel such as calling your colleague or visiting the website if it is a bank.
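A mail-triage sketch for the two cues this article describes, urgency wording and attachments disguised as invoices or other documents, added here as an example and not part of the original article. The phrase list, extension list, document-type list and the sample message are assumptions constructed for illustration.

```python
import email
from email import policy
from pathlib import PurePosixPath

# Assumed lists for illustration; tune them for your own mail flow.
RISKY_EXTENSIONS = {".exe", ".scr", ".js", ".vbs", ".bat", ".cmd", ".lnk", ".hta"}
URGENCY_PHRASES = ("immediately", "right now", "urgent", "within 24 hours", "final notice")
DOC_TYPES = {"application/pdf", "application/msword", "image/jpeg", "text/plain"}

# Constructed sample message (not real traffic); the attachment body is a dummy.
SAMPLE = """\
From: Billing <billing@example.com>
To: user@example.org
Subject: URGENT: overdue invoice, pay immediately
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Your account will be closed unless you open the attached invoice right now.
--b1
Content-Type: application/pdf
Content-Disposition: attachment; filename="invoice_0423.pdf.exe"

AAAA
--b1--
"""

def triage(raw: str) -> list[str]:
    """Return human-readable reasons a message deserves a second look."""
    msg = email.message_from_string(raw, policy=policy.default)
    reasons = []
    body = msg.get_body(preferencelist=("plain",))
    text = (msg["Subject"] or "") + " " + (body.get_content() if body else "")
    hits = [p for p in URGENCY_PHRASES if p in text.lower()]
    if hits:
        reasons.append(f"urgency language: {', '.join(hits)}")
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        suffixes = [s.lower() for s in PurePosixPath(name).suffixes]
        if suffixes and suffixes[-1] in RISKY_EXTENSIONS:
            reasons.append(f"executable attachment: {name}")
            if len(suffixes) > 1:  # e.g. ".pdf.exe": the last suffix is the real type
                reasons.append(f"double extension hides real type: {name}")
            if part.get_content_type() in DOC_TYPES:  # sender claims a document
                reasons.append(f"declared type {part.get_content_type()} does not match {suffixes[-1]}")
    return reasons

print(triage(SAMPLE))
```

A hit is a prompt to verify the message through another channel, not proof of a Trojan; a message with none of these cues can still be malicious.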

Only download software from trusted publishers

Be cautious about any downloads, especially for security software, which could end up being a fake AV Trojan. Also, be sure that any website you visit uses SSL or TLS encryption. Don’t click through browser warnings about untrusted web pages, which could resemble real websites.


Why You Can Trust Us

At US News & World Report, we rank the Best Hospitals, Best Colleges, and Best Cars to guide readers through some of life’s most complicated decisions. Our 360 Reviews team draws on this same unbiased approach to rate tech products that you use every day. The team doesn’t keep samples, gifts, or loans of products or services we review. In addition, we maintain a separate business team that has no influence over our methodology or recommendations.

