Trojan Horse or Trojan is a malware that infects a computer without the user's knowledge and does malicious activities like stealing sensitive information, formatting disks, corrupting data, degrading system performance etc.
The name Trojan is derived from the ancient Greek wooden horse that the Greeks used to invade Troy stealthily. Trojan programs generally tricks a user by some form of social engineering and get loaded and executed into the system. They often misrepresent themselves to appear useful, routine or interesting to the user and persuades the user to install it.
Unlike worms or viruses, they cannot inject themselves to other files or self-replicate.
If installed with elevated privileges, Trojans get unlimited access to the computer and do much destructive activities. This includes :
- data corruption
- formatting of disks
- crashing the computer
- spreading malware to other computers in network with the help of an infected computer
- steal sensitive information, like login information, bank account and credit card passwords etc.
- Spy on user activities
- use the infected computers as a botnet and using their computational resources for doing some illegal activities
- install ransomware and extort money
- keystroke logging
- controlling the computer system remotely
Some common types of Trojans
Let's look at a few types of Trojans to understand in a better way how it affects us.
This type of Trojans give the attacker remotes control over the computer after infecting it. This controls may be data corruption, system crash, rebooting computer, displaying attacker controlled data etc. Sometimes, attackers even use the infected computers as a botnet and use their resources for criminal purposes.
This type of Trojans infect a computer and searches for vulnerabilities of the programs or software running on the system to control it further.
This type of Trojans infect a computer and disables anti-virus or other security programs, so that it can infect the computer further.
They steal sensitive user data like bank account passwords, credit card numbers etc from the infected computer.
This type of Trojans use the infected computers to perform a DDoS or Distributed Denial of Service attack on a victim computer in the network.
They misrepresent themselves to appear a security program and often reports that the computer is infected, though it is actually false. Their main purpose is to appear useful to the user so that the user installs it and gets infected by the Trojans.
They steal account information for online gamers.
They steal login information of Instant Messaging users.
The purpose of Trojan-Ransomware is to infect the computer and extort money from the user.
They cost the user a huge amount of money by sending text messages to some premium rate phone numbers without the user's knowledge.
They spy on the user using keylogger, webcam etc and collects sensitive data.
They harvest email addresses from the infected computer.
They play annoying sounds on the speaker or display taunting message on the screen, but otherwise comparatively less harmful.
- Trojans mostly uses some social engineering to infect a victim's computer. Do not click on any link if you are not very sure of its authenticity. Do not open email attachments if you are not sure of the sender. And, always avoid downloading software from untrusted sources.
- Trojans often exploit security vulnerabilities of commonly used software to infect a computer. So, always keep your computer updated with recent security patches of all the commonly used software.
- Update your Operating Systems with recent patches for the same reason.
- Always keep your system updated with recent patches of anti-malware programs from a trusted source.
- Configure Firewalls in your system properly.
This was an introductory article on Trojans. Hope to keep you updated with more information from time to time. Stay safe, stay protected.