What is a Trojan?
November 4, 2021
A Trojan masks itself as a legitimate program or file so it can get inside your computer and perform malicious actions. While nobody wants to get hacked, millions of people fall prey to criminals every year. How does a Trojan virus work? And, more importantly, how can you protect yourself?
Let’s start with a story. During the Trojan war more than 3,000 years ago, the Greeks built a huge wooden horse and brought it to the gate of the city of Troy. The Trojans thought it was a gift and a war trophy symbolizing their victory.
What they didn’t know was that a group of Greek warriors was hiding inside that wooden horse. When the horse was dragged into the city, the Greeks climbed out, opened the gate to the other troops, and destroyed the city.
Trojan horses in computing work in exactly the same way: they pretend to be what they’re not to get inside your system and put your computer under siege. Hackers use various social engineering techniques to trick people into downloading malware, and their methods are getting more and more sophisticated every year.
What is the main difference between a virus and a Trojan?
A Trojan is often called a virus, but that’s not entirely true. A virus can replicate itself and spread its copies further, whereas a Trojan horse can’t. Technically, a Trojan horse is a type of malware.
What does Trojan malware do?
Trojan malware can steal your passwords, record your keystrokes, modify your data, and even download more malicious programs in the background. Some Trojans start their harmful actions the moment they get inside your computer, while others wait for instructions from a hacker. A hijacked computer can be used to create a botnet and execute DDoS attacks.
You can accidentally download a Trojan bundled with some program or click on a malicious email attachment. At first, you might not know that you have an invisible guest on your device, and, for some people, it can take a while to realize that something’s wrong.
Types of Trojans
There are different types of Trojan malware, depending on the goal a hacker is trying to achieve and the way a Trojan operates. Let’s discuss the most common ones.
Backdoor Trojan. This type of Trojan gives remote access to your computer so hackers can execute commands, spy on your data, and perform other malicious actions. A backdoor Trojan can invite more malware inside your computer and completely ruin your system.
Banking Trojan. Banking Trojans use keyloggers to steal your credit card details, passwords, and authentication details. Hackers can impersonate a well-known bank, create a fake website, and trick users into typing their credentials. Usually, these types of scams are conducted through a malicious link in an email or text message.
Downloader Trojan. These Trojans have only one mission: to get inside your system and then download more malware.
DDoS Trojan. In a DDoS attack, a target network, server, or service is flooded with a huge amount of traffic, which causes the system to crash. These attacks are usually executed by botnet armies: groups of infected devices whose owners have no idea about the processes running in the background. DDoS Trojans are only interested in recruiting more “zombie” soldiers to the botnet army so a hacker can acquire enough resources to launch an attack.
Fake antivirus Trojan. As the name suggests, fake antivirus Trojans pretend to be legitimate antivirus software. They cause panic among users by claiming that their system is infected and push them to pay for additional features. If you decide to pay, things might get even worse.
Ransom Trojan. This type of Trojan encrypts your data and holds it to ransom. If you refuse to pay the criminals, you might not get your files back. However, there’s no guarantee that you will retrieve your data even after paying. Ransomware often targets healthcare institutions, because they are more likely to pay to get their systems working again.
SMS Trojan. While SMS Trojans cause less trouble than some other types of Trojans, they can still cost you a lot. They can send text messages to premium rate numbers and intercept your communication.
GameThief Trojan. Online gaming accounts are in high demand on the dark web, so criminals launch Trojans that steal users’ credentials.
Mailfinder Trojan. Mailfinders extract email addresses from the victim’s device and then send them to a hacker, who can then use them to orchestrate other vicious attacks.
Trojan-spy. These Trojans are built to spy on victims for various purposes, such as stealing sensitive data or gathering intelligence.
How to detect a Trojan
It can be hard to tell if you have a Trojan on your device. But, if you’re experiencing any of the issues mentioned below, you might have an unwanted guest:
Pop-ups and warnings that you have a virus show up.
Your computer becomes slow and occasionally crashes.
Some programs might not work, or might launch on their own.
You’re being redirected to suspicious sites.
You find programs on your computer that you don’t remember installing.
Your default browser changes without your consent.
How to remove a Trojan
Disconnect your computer from the internet so hackers can't execute any more commands remotely.
Restart your computer in safe mode.
Check all the apps that run in the background and quit the malicious ones.
Go through your app list and remove the ones you don’t recognize.
Scan your computer with antivirus software.
Reinstall your browser.
How to protect yourself from a Trojan
Nobody can be 100% safe from Trojan horses, and each of us could fall prey to criminals. However, with certain software and some common sense, you can minimize the risk of getting infected. Here are a few pieces of advice on how to protect yourself from Trojans and other malware:
Always update your software on time. Hackers often exploit software vulnerabilities, while developers try to patch them. If you postpone updates, a criminal can infect you through a security hole that was fixed months ago.
Never click on suspicious links in an email or text message. Phishing emails are the primary means of getting malware on your device. Never click on links unless you know and trust the sender.
Don't click on attachments. Email attachments are also a popular way of delivering malware, yet many people fail to pass this test.
Avoid torrenting sites. Malware can arrive bundled with other programs or files, so avoid using torrenting sites, as you can never know what you will get there. Stick to official app stores.
Create unique passwords. Having the same password for all accounts is a huge no-no. Make sure to use upper-case and lower-case letters combined with special characters and numbers in your passwords.
Enable two-factor authentication. Whenever you can, use two-factor authentication, as it adds an extra layer of security to your accounts.
Use antivirus software. While most devices arrive with native security software, having an additional antivirus is definitely not a bad idea.
Run away from suspicious websites. If a website starts to bombard you with strange ads, leave immediately. One accidental click, and you might end up with a herd of Trojan horses or adware.
Scan external devices before running them. An infected USB or external drive is a well-known way of transferring malware from one device to another, so always run a security scan first.
Use a VPN. A virtual private network encrypts your internet traffic and hides your IP address, thus improving your security. It’s especially useful on public Wi-Fi, as hackers can set up a fake hotspot and infect your device remotely.
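The article describes a Trojan as something that masks itself as a legitimate program or file, and it warns about email attachments. As an added example (not part of the original post), the Python check below flags two signs of a disguised file before it is opened: a document extension followed by a runnable one, and a document name whose first bytes are an executable header. The extension lists, the function name and the sample files are assumptions constructed for illustration.

```python
import os

# Leading bytes ("magic numbers") of formats that run code when opened.
EXECUTABLE_MAGIC = {
    b"MZ": "Windows executable (PE)",
    b"\x7fELF": "Linux executable (ELF)",
    b"#!": "script with an interpreter line",
}
# Extensions a user expects to be passive documents (assumed list, extend as needed).
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}
# Extensions that run on double-click on Windows (assumed list, extend as needed).
RUNNABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs", ".lnk"}


def inspect_attachment(filename, content):
    """Return a list of reasons why the file looks like a disguised program."""
    findings = []
    name = filename.lower().strip()
    stem, ext = os.path.splitext(name)      # "invoice.pdf", ".exe"
    inner_ext = os.path.splitext(stem)[1]   # ".pdf"

    # A document extension placed in front of a runnable one, e.g. invoice.pdf.exe.
    if ext in RUNNABLE_EXTS and inner_ext in DOCUMENT_EXTS:
        findings.append(f"double extension: {inner_ext}{ext}")

    # The name says "document" but the content starts like a program.
    if ext in DOCUMENT_EXTS:
        for magic, kind in EXECUTABLE_MAGIC.items():
            if content.startswith(magic):
                findings.append(f"named {ext} but content is a {kind}")
    return findings


# Constructed samples: file names and leading bytes only, no real malware.
SAMPLES = [
    ("invoice.pdf.exe", b"MZ\x90\x00"),
    ("holiday.jpg", b"MZ\x90\x00"),
    ("report.pdf", b"%PDF-1.7\n"),
    ("photo.png", b"\x89PNG\r\n\x1a\n"),
]

if __name__ == "__main__":
    for fname, data in SAMPLES:
        reasons = inspect_attachment(fname, data)
        verdict = "SUSPICIOUS: " + "; ".join(reasons) if reasons else "ok"
        print(f"{fname:18} {verdict}")
```

A clean result here does not mean a file is safe; the check only catches these two disguises, so it complements an antivirus scan and does not replace one.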
You can find the original blog post here at NordVPN.