In-depth

What is a Trojan?

The malicious malware lurks behind legitimate software to invade your computer

Trojan virus

What was once the name for a wooden horse that was used to sneak Greek soldiers inside the walls of Troy is now a term that puts IT professionals on edge. A Trojan, often referred to as a Trojan horse, is a form of malware disguised as legitimate software that either causes damages to a user's device or enables external access to it.

As their namesake suggests, Trojans prefer to remain undetected on a user's machine, slowly gathering information about it before performing malicious functions. Once inside it can copy info to send back to its creator, block access to data, and even drain the machine of resources.

Related Resource

Enhance the safety and security of your people, assets and operations

Enable a true vision of security with an engineered solution based on hyperconverged and storage platforms

Download now

There are a number of Trojan classifications and each one can perform different malicious tasks on your computer, such as embedding a backdoor or injecting Rootkits which conceal certain objects or activities in your system. There are even Trojans that attempt to take financial information and even those that attack with DDoS software.

In 2019, an internationally coordinated effort from law enforcement agencies sized a website selling Trojan tools thought to be responsible for infecting thousands of computers. A larger percentage of these were Remote Access Trojans (RATs) that were sold for as little as $25.

Once a trojan has made its way onto a machine it's often too late to prevent malicious functions from initiating, making it one of the most effective tools for hackers.

Types of Trojan

There's a wide range of Trojan types out there, each named according to the methods they deploy to attack a system.

As the name suggests, Backdoor Trojans are designed to grant an external user full control over a system by creating a breach in a system - known as a 'backdoor'. This can then be exploited to repeatedly gain access to the system to steal or spy on its contents. The longer this door is open, the more damage a hacker can do.

Download Trojans get their name from being able to download other malware types once it has worked its way onto a system. Although a range of malicious tools can be installed, these Trojans often turn to keyloggers and cryptocurrency miners to secretly harvest data, often ending the attack with a ransomware infection.

Remote Access Trojans, or RATs, give cyber criminals full control over your machine via a remote network connection. These are usually downloaded invisibly with a user-requested program -- such as a game -- or sent as an email attachment.

Banking Trojans, also known as 'Trojan bankers', are so-called for their penchant for financial gain, typically lying in wait on a system until a user attempts to access their online banking service. The Trojan triggers by sending the user instead to a fake website, designed to mimic a legitimate bank, where it attempts to trick the user into entering their details.

Banking Trojans have been highly successful in the past, with notable examples such as Zeus, Dridex and Kronos. With today's heightened security and proactive attempts to clamp down on this style of attack, banking Trojans aren't as prevalent as they once were.

How to protect against Trojans

While Trojans can cause significant damage if loaded on someone's system, there are ways to prevent malware from causing problems.

Simple steps such as avoiding unsafe websites and keeping accounts safe with secure passwords and firewalls can help prevent malware attacks. Updating a device's operating system as soon as possible will also help prevent Trojans from causing damage as malware tends to exploit the problems in outdated software.

It's also advisable to back up your files regularly, as if a Trojan infects your computer, this will help you to easily restore your data. 

However, perhaps the most effective way of preventing this kind of malware attack is by installing anti-malware software on devices and running diagnostic scans with this software periodically.

Featured Resources

Five lessons learned from the pivot to a distributed workforce

Delivering continuity and scale with a remote work strategy

Download now

Connected experiences in a digital transformation

Enable businesses to meet the demands of the future

Download now

Simplify to secure

Reduce complexity by integrating your security ecosystem

Download now

Enhance the safety and security of your people, assets and operations

Enable a true vision of security with an engineered solution based on hyperconverged and storage platforms

Download now

Recommended

'Largest ever' Magecart hack compromises 2,000 online stores
hacking

'Largest ever' Magecart hack compromises 2,000 online stores

15 Sep 2020
Infocyte integrates with Palo Alto Networks Cortex XSOAR
cyber security

Infocyte integrates with Palo Alto Networks Cortex XSOAR

19 Aug 2020
Andrew Daniels joins Druva as CIO and CISO
Cloud

Andrew Daniels joins Druva as CIO and CISO

22 Jul 2020
University of California gets fleeced by hackers for $1.14 million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020

Most Popular

Accenture ploughs $3 billion into cloud migration support group
digital transformation

Accenture ploughs $3 billion into cloud migration support group

17 Sep 2020
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020
Google Pixel 4a review: A picture-perfect package
Google Android

Google Pixel 4a review: A picture-perfect package

18 Sep 2020