A trojan horse (also called trojan) is a kind of malware that impacts a user’s system in the garb of legitimate software. They are attacking tools used by cybercriminals to gain illegal access over others’ systems.
Trojan horse is capable of modifying, stealing, blocking and deleting user data without the user’s consent. It can spy the user’s activities, extract confidential information and obtain backdoor access to the user’s system.
This malware program may be hidden as a harmless email-attachment or free-downloadable software. The moment the user clicks on it, the malware gets installed on the user’s system, and the malicious codes execute whatever task the attacker had designed to carry out.
So now, let discuss with the types of trojan horses available, followed by how they affect us and how to protect ourselves from their attacks.
What are the different types of trojan horses?
The trojan horses can disrupt the performance of the target computers very severely.
There are several forms of trojan available in the cyber world, and each of them is capable of inflicting severe damage to the systems. They are as follows
- Trojan rootkits
- Backdoor trojan
- Trojan banker
- Trojan spy
- Trojan Fake-AV
- Trojan DDoS
- Proxy Trojan
- Data sending trojan
- Trojan game-thief
- Trojan SMS
- Trojan Mailfinder
These are some of the most popular trojans that attack different users globally. Even after their installation, the system may keep working as if nothing happened, and therefore, users may not suspect or detect their presence.
Where does the term Trojan horse come from?
The term ‘trojan’ originates from Greek mythology where the Greeks had built a large wooden horse which the city of Troy had pulled in.
The soldiers, who hid inside the horse, came out in the night and opened the city gates to allow their fellow soldier companions in, and overran the city.
The term was first used in the 1974 U.S air-force report concerning vulnerabilities of a computer system. However, Ken Thompson popularised it when he received the Turing award in 1983.
Let us now discuss how each one of them attacks and impacts a system.
How can trojans impact you?
Trojans are very deceptive. They appear legitimate but are malicious and destructive in reality. They can gain control over your system and may lock you out of it!
Let us see how they affect us.
It is a kind of virus that downloads and installs malware programs on a system. It installs malicious software and adware on a system and harms the system.
Rootkits are sophisticated malware that avert users from detecting the presence of malware on their devices.
It helps cyber crooks in extending the life of the malicious programs on the infected systems so that they run for a longer time.
Rootkits aid attackers in gaining access over a user’s system and can conceal some of its activities. Cybercriminals often enrol the victim’s device as a part of the botnet.
It is a very popular trojan and one of the most dangerous one till date. In this type of trojan, the attacker illegally gains remote access of your device and does whatever he feels like doing.
Using backdoor trojans, the attacker can send, receive, launch or delete files, display data or reboot the system.
Often, they assemble a group of such infected devices to form a botnet or zombie network, which are eventually used in criminal activities.
Also known as trojan-ransom, ransomware is one of the most dangerous trojan horse malware. The cybercrook illegitimately gains access over a user’s system and locks further authorised access of the user.
It encrypts all the files and demands a ransom from the victim in return of the decryption key. Sadly, even after paying the money, there is no guarantee of recovering the files.
WannaCry and Petya are two of the many troublesome ransomware attacks that had put the world in a panic.
It is a kind of trojan designed to steal account related pieces of information. It is capable of stealing confidential data concerning your online banking system, e-payment systems and credit/debit cards.
This type of trojan can spy on the activities you are performing on your device. It can stealthily track the running applications, data entered through the keyboard or can also take screenshots.
It is one of the most feared malware attacks which intend to extort money from the target users. Trojan fake-AV programs misguide the user, telling him about the presence of malware on his system.
They demand a sum of money in exchange for removing all the threats from the system. Moreover, in reality, the risks do not even exist on the system.
Trojan DDoS programs execute Denial of Service (DoS) attacks against a targeted web address.
It overwhelms the target address by sending multiple requests from your computer as well as several other infected devices like yours. Finally, it leads to a denial of service.
This type of trojan lets the attacker hijack a user’s computer by behaving as a proxy server. The attacker then gains illegitimate access over the user’s system and fulfils unlawful purposes through it.
Data sending trojan
Data sending trojan is a kind of trojan which provides confidential information like passwords, login credentials etc to the cybercriminals. It aids the hackers in hijacking a system.
Similarly, Trojan game-thief steals different user-account details from online games.
Trojan-IM illegally obtains a user’s login credentials and passwords and uses them for instant messaging programs like MSN Messenger, AOL Instant Messenger, ICQ etc.
Trojan SMS can charge you money by sending messages from your device to the ones with premium-rate phone numbers.
Trojan Mailfinder can harvest email addresses from your computer.
So, you see that there are so many kinds of trojan horses available in the cyber world. Most of them are dangerous and threatening to the users.
Do you remember some of the popular trojan attacks that have occurred? Well, I am here to tell you.
Examples of popular trojan horse malware attacks
Some of the famous trojan horse malware attacks that have occurred over the years are mentioned below.
Bitfrost is a kind of remote access trojan (RAT) that gained control over the victim’s system. It mostly infected the Windows clients by creating and modifying components.
In this attack, the cyber crooks stole sensitive financial information. This kind of trojan horse mainly targeted banks and other financial institutions.
The Researchers of the Center for Strategic and International Studies Security Group identified it in 2012 after it had affected 24 U.S banks.
In the Windows system tray, fakeAV trojans intruded users’ systems and displayed fake alerts to the users concerning the presence of malware on their systems.
When the user followed the steps, shown by it to fix the issue, they ended up with more malware on their system unknowingly.
Hackers can make their trojan horses using Zeus. Zeus, till date, remains one of the most deadly trojan attacks, especially in the banking world.
It was first detected in 2007. It uses different techniques like form grabbing, keylogging and polymorphic variants of the trojan that use ‘drive-by-downloads’ to obtain the victim’s credentials.
How to prevent oneself from being attacked by trojan horses?
Keeping a few critical points in your mind can avert you from being attacked and targeted by trojan horses. They are discussed below.
- You may often click on an email attachment or an image without knowing who sent it or what it exactly is. Avoid doing so.
Trojan horses mostly hide in such infected attachments or images or links and wait for them to be clicked by you. The moment you do so, the malicious codes start executing their tasks and malware gets installed on your system.
Be careful and avoid opening such emails or files from unknown senders.
- Hackers never leave the golden opportunity to exploit vulnerabilities in your system. Therefore, make sure your software is always updated, especially programs like OS and browsers.
Also, you can keep software and hardware firewalls to control malicious internet traffic and secure your internet connection, and thus, stopping trojans from downloading into your system.
- Install an antivirus software or a trojan remover. It will help in scanning your device and making sure that you have not downloaded any trojans.
There are multiple free antivirus programs available on the internet. Some of them frequently provide updates whereas some of them can be trojans themselves!
So, it is better to download renowned and trusted software programs.
Kaspersky Anti-Virus is excellent in detecting and preventing trojan horse attacks.
Endpoint protection software like Comodo endpoint protection brings together a lot of features like antivirus, robust firewall, anti-spyware, host intrusion techniques and application control features.
In all, it provides comprehensive protection.
Trojan horse is a deceptive malicious program which misguides users by appearing as legitimate software and prompts them to install it. They may appear as free software or infected email attachments or malicious links to harmful websites.
They are of different types and pose as a dangerous cyber threat globally. Trojan horses are capable of stealing confidential user data, modifying them, spying user activities, damaging their systems, extorting money from the victims and using their devices for executing criminal tasks.
Keeping oneself safe from trojan horse attacks is not very difficult if you develop good online habits and incorporate robust security solutions for your device.
Keeping the software updated, installing antivirus/anti-malware programs, setting up firewalls, avoiding emails or files from unexpected senders, avoiding free software download, etc can help you protect yourself and your data.