What is a Trojan?
The malware lurks behind legitimate software to invade your computer
What was once the name for a wooden horse that was used to sneak Greek soldiers inside the walls of Troy is now a term that puts IT professionals on edge. A Trojan, often referred to as a Trojan horse, is a form of malware disguised as legitimate software that either causes damage to a user's device or enables external access to it.
As their namesake suggests, Trojans prefer to remain undetected on a user's machine, slowly gathering information about it before performing malicious functions. Once inside, a Trojan can copy information to send back to its creator, block access to data, and even drain the machine of resources.
There are a number of Trojan classifications, and each one can perform different malicious tasks on your computer, such as embedding a backdoor or injecting rootkits, which conceal certain objects or activities in your system. There are also Trojans that attempt to take financial information, and even those that attack with DDoS software.
In 2019, an internationally coordinated effort from law enforcement agencies seized a website selling Trojan tools thought to be responsible for infecting thousands of computers. A larger percentage of these were remote access Trojans (RATs) that were sold for as little as $25.
Once a Trojan has made its way onto a machine, it's often too late to prevent malicious functions from initiating, making it one of the most effective tools for hackers.
Types of Trojan
In reality, Trojan is just an umbrella term and is not enough to fully describe how the malicious software works. There are a wide variety of Trojans in the wild, and they are usually named based on their behaviours once they have gained access to a system.
Backdoor Trojans, or remote access Trojans (RATs), are built solely to grant hackers full control over a system by creating some form of backdoor, allowing them to come and go as they please. This can be repeatedly exploited so long as the Trojan goes undetected, for everything from spying on users to supporting larger cyber attacks.
Download Trojans are so called because they’re able to download other malware once they gain access to a system. A range of malicious programs can be downloaded this way, but the most popular tools are keyloggers, which harvest usernames and passwords as they are entered, and cryptocurrency miners, which silently make use of a system’s processing power to mine for Bitcoin and other digital tokens.
Banking Trojans, also known as 'Trojan bankers', are focused on financial gain. These hide themselves on a system until the user attempts to access online financial services, whether that’s a bank account or a payment service. The Trojan is then able to intercept this traffic and redirect the user to a fake website that looks near-identical to the page they were expecting to see. These fake pages are normally packed with data capture forms that attempt to steal user information.
Banking Trojans have been highly successful in the past, with notable examples such as Zeus, Dridex, and Kronos. With today's heightened security and proactive attempts to clamp down on this style of attack, banking Trojans aren't as prevalent as they once were.
How to protect against Trojans
While Trojans can cause significant damage if loaded on someone's system, there are ways to prevent malware from causing problems.
Simple steps such as avoiding unsafe websites and keeping accounts safe with secure passwords and firewalls can help prevent malware attacks. Updating a device's operating system as soon as possible will also help prevent Trojans from causing damage as malware tends to exploit the problems in outdated software.
It's also advisable to back up your files regularly: if a Trojan infects your computer, this will help you to easily restore your data.
However, perhaps the most effective way of preventing this kind of malware attack is by installing anti-malware software on devices and running diagnostic scans with this software periodically.