When most people think of the word “Trojan,” images of the Trojan horse come to mind, which is somewhat accurate in terms of describing a Trojan virus. For those who need a refresher, in the story the Trojan horse seemed like a legitimate gift of a large wooden horse, but was filled with soldiers ready to fight.
A Trojan virus is similar. It looks like innocent software that is completely legitimate, but it has malicious coding inside. They are also called Trojan viruses, Trojan horses, and even Trojan horse viruses.
What is a Trojan virus?
A Trojan virus is a piece of malicious code that is hidden inside of something, like software, that looks legitimate. In some cases a Trojan is not a code, but a program. A program that is fully malicious, but pretends to be legit via other means.
Trojans work to harm the computer of the victim in some way, taking control and disrupting, stealing, damaging, or otherwise harming the data on the computer or the network that it is on.
Is it a virus?
When discussing what is a Trojan virus, it is important to mention that this malware is technically not a virus. Viruses can self-replicate and execute themselves. However, Trojans cannot execute themselves; they rely on unwitting users to do so for them.
How do Trojans work?
A Trojan starts off by acting just like a legitimate program, file, or application. The goal of the Trojan is to get users to think it is legitimate so that they download and install it. Once the user runs the Trojan, it will execute whatever malicious code it was designed to follow.
Just some of the things that a Trojan may do include copying, modifying, blocking, or deleting data, or disrupting computer or network performance.
To better illustrate the answer to what Trojans are, consider an example with emails. A user checks their email and sees a message from someone they think they know, along with an attachment. They open the attachment because they think it comes from someone they trust.
However, the email was really from cybercriminals, and the file was a Trojan. When the user downloaded the file, it infected other files on the computer with malware.
This is just one example of a Trojan, and it is important to remember that they can perform a range of actions.
Common types of trojans and what they do to a computer
There are several types of Trojans, and the answer to what do Trojans do will depend on the specific type that a user is dealing with. The following provides an overview of the most common types of Trojan attacks, as well as what each does.
These Trojans create what is called a “backdoor.” Cybercriminals use these backdoors to get access to computers, and once they have access, they control the device. After obtaining access, the cybercriminals can do whatever they want. From downloading and stealing data to uploading more malware and using the device as a way of attacking other computers.
A DDoS Trojan performs Distributed Denial of Service attacks. This type of attack overwhelms a network with excessive traffic, causing it to go down. An attack of this sort will typically involve infecting multiple computers.
Downloader Trojans target computers that are already infected. The goal of this Trojan is to download even more malware, including malicious programs like adware and Trojans.
These Trojans feature code to take advantage of or exploit a known vulnerability in software on the device.
Fake Antivirus Trojans
Fake antivirus or fake AV Trojans initially pretend to be legitimate antivirus software. Once the user downloads them, they will demand money in exchange for scanning the computer for viruses, detecting them, and removing them. The threats that these Trojans detect may not always be real, as the ultimate goal is to make money.
Game Thief Trojans
A game-thief Trojan target online gamers, and the cybercriminals are either gamers or those that plan to sell their illegally gotten information to gamers. The goal of this Trojan is to steal information about the user’s gaming accounts.
These Trojans infect computers with the goal of stealing information.
A mailfinder Trojan wants to gather the email addresses that users have saved.
These Trojans do damage to computers, such as impairing their performance or blocking data. They demand a ransom in exchange for undoing that damage.
Remote Access Trojans
Cybercriminals use this type of Trojan to gain full control of a computer using remote network connections. The ultimate goal is usually to spy on the user or steal information.
A SMS Trojan is specific to mobile devices. They send or intercept text messages and can include texts to and from premium-rate numbers, which dramatically increase phone bills.
This malware aims to steal the account information for a user’s financial accounts.
These Trojans hope to steal the login information from for example messaging platforms.
A Trojan spy will spy on the user as they use their device. Such as taking screenshots or tracking data entered using the keyboard.
There are also many other types of Trojans in addition to these.
How to recognize and detect Trojan viruses
The best way to detect a Trojan is to use different cybersecurity programs that does so for you. However, you can also be on the lookout for some indications that there may be a Trojan or other malware on the device.
- Changes to the desktop screen (color, resolution, orientation, etc.)
- Changes to the taskbar (including disappearing)
- The mouse moving by itself
- Disabled antivirus or security software
- Programs running that you do not recognize
Examples of known and historical Trojan attacks
Another method of recognizing a Trojan is to be on the lookout for known ones. The Rakhni Trojan first started attacking computers in 2013 and delivers cryptojackers (that mine cryptocurrency with the infected device) or ransomware.
Another famous one is the ZeuS/Zbot, which first appeared in 2011. It steals credentials and potentially the balance in financial accounts via keystroke logging.
How to protect against trojans
Instead of relying on removing Trojans, it is best to prevent them.
There are multiple ways to do this, including the following:
Always install updates
As with protecting against any other type of malware, one of the best protections against a Trojan attack is always updating the operating system and any program on your computer. This ensures that you have patches for any known security flaws.
Use an antivirus program
One of the most basic steps is to use an antivirus program. Ideally, users should set it up to automatically scan the device at regular intervals.
If your device doesn’t already have a built-in firewall, you should install one and use it proactively.
Create smart passwords
When creating passwords, always opt for unique passwords for each account and choose complex ones.
Perform regular backups
Performing regular backups is very helpful if the device does get infected, as you can still restore your data.
Be careful with online activity
To further prevent a Trojan attack, it is smart to be cautious when online. This means not visiting websites that are unsafe, opening attachments or links from unknown email addresses, downloading or installing programs from unofficial sources, or clicking pop-ups.To further prevent a Trojan attack, it is smart to be cautious when online. This means not visiting websites that are unsafe, opening attachments or links from unknown email addresses, downloading or installing programs from unofficial sources, or clicking pop-ups. If you have a business with a lot of employees working from home, there are steps you can take to ensure that remote workspaces are secure against cyber attacks.
How to remove Trojans
Trojans are best removed by professionals, as it requires disabling startup programs on the device that you do not recognize. This should be done in safe mode and requires knowing the program that you are going to remove. Conveniently, some computer security programs can automatically remove Trojans.