In-depth

What is a Trojan?

The malicious malware lurks behind legitimate software to invade your computer

Trojan virus

What was once the name for a wooden horse that was used to sneak Greek soldiers inside the walls of Troy is now a term that puts IT professionals on edge. A Trojan, often referred to as a Trojan horse, is a form of malware disguised as legitimate software that either causes damage to a user's device or enables external access to it.

As their namesake suggests, Trojans prefer to remain undetected on a user's machine, slowly gathering information about it before performing malicious functions. Once inside it can copy info to send back to its creator, block access to data, and even drain the machine of resources.

Related Resource

Improving cyber security for remote working

13 recommendations for security from any location

Download now

There are a number of Trojan classifications and each one can perform different malicious tasks on your computer, such as embedding a backdoor or injecting rootkits which conceal certain objects or activities in your system. There are even Trojans that attempt to take financial information and even those that attack with DDoS software.

In 2019, an internationally coordinated effort from law enforcement agencies sized a website selling Trojan tools thought to be responsible for infecting thousands of computers. A larger percentage of these were remote access Trojans (RATs) that were sold for as little as $25.

Once a trojan has made its way onto a machine it's often too late to prevent malicious functions from initiating, making it one of the most effective tools for hackers.

Types of Trojan

In reality, Trojan is just an umbrella term and is not enough to fully describe how the malicious software works. There are a wide variety of Trojans in the wild, and they are usually named based on their behaviours once they have gained access to a system.

Backdoor Trojans, or remote access Trojans (RATs), are built solely to grant hackers full control over a system by creating some form of backdoor, allowing them to come and go as they please. This can be repeatedly exploited so long as the Trojan goes undetected, for everything from spying on users to supporting larger cyber attacks.

Download Trojans are so-called as they’re able to download other malware once they gain access to a system. A range of malicious programs can be downloaded this way, but the most popular tools are keyloggers, that harvest usernames and passwords as they are entered, or cryptocurrency miners, that silently make use of a system’s processing power to mine for Bitcoin and other digital tokens.

Banking Trojans, also known as 'Trojan bankers', are focused on financial gain. These hide themselves on a system until the user attempts to access online financial services, whether that’s a bank account or a payment service. The Trojan is then able to intercept this traffic and redirect the user to a fake website that looks near-identical to the page they were expecting to see. These fake pages are normally packed with data capture forms that attempt to steal user information.

Banking Trojans have been highly successful in the past, with notable examples such as Zeus, Dridex, and Kronos. With today's heightened security and proactive attempts to clamp down on this style of attack, banking Trojans aren't as prevalent as they once were.

How to protect against Trojans

While Trojans can cause significant damage if loaded on someone's system, there are ways to prevent malware from causing problems.

Simple steps such as avoiding unsafe websites and keeping accounts safe with secure passwords and firewalls can help prevent malware attacks. Updating a device's operating system as soon as possible will also help prevent Trojans from causing damage as malware tends to exploit the problems in outdated software.

It's also advisable to back up your files regularly, as if a Trojan infects your computer, this will help you to easily restore your data.

However, perhaps the most effective way of preventing this kind of malware attack is by installing anti-malware software on devices and running diagnostic scans with this software periodically.

Featured Resources

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Simplify cluster security at scale

Centralised secrets management across hybrid, multi-cloud environments

Download now

The endpoint as a key element of your security infrastructure

Threats to endpoints in a world of remote working

Download now

2021 state of IT asset management report

The role of IT asset management for maximising technology investments

Download now

Recommended

Ryuk behind a third of all ransomware attacks in 2020
Security

Ryuk behind a third of all ransomware attacks in 2020

29 Oct 2020
REvil hacking group says it has made more than $100m in a year
Security

REvil hacking group says it has made more than $100m in a year

29 Oct 2020
36 billion personal records exposed by hacks in 2020 so far
Security

36 billion personal records exposed by hacks in 2020 so far

29 Oct 2020
Trump website defaced in second successive cyber breach
Security

Trump website defaced in second successive cyber breach

28 Oct 2020

Most Popular

Do smart devices make us less intelligent?
artificial intelligence (AI)

Do smart devices make us less intelligent?

19 Oct 2020
Politicians need to stop talking about technology
Policy & legislation

Politicians need to stop talking about technology

21 Oct 2020
Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

21 Oct 2020