Trojan horses or Trojans are a type of malware disguised as legitimate software. Cyber thieves or hackers can use Trojans to gain access to user’s systems. Social engineering is used to trick users into installing and running Trojans on their computers. Trojans, once activated, can be used by cybercriminals to spy on your computer, steal your sensitive information, and gain backdoor entry to your system.
What is a Trojan?
“Trojan” is a term that comes from an ancient Greek legend about the Trojan horse, which led to The Fall of Troy. Trojan viruses operate in a similar way to your computer. They hide within seemingly innocent programs or try to trick you into downloading them. In 1974, a US Air Force report speculated on possible ways that computers could be compromised.
Sometimes, people will refer to a Trojan virus or trojan horse virus. However, these terms can be misleading. Trojans are not self-replicating viruses. A Trojan horse spreads by pretending that it is useful software or content but secretly contains malicious instructions. It is better to consider “Trojan”, which hackers use to deliver malware, as an umbrella term.
How does Trojans work?
To be effective, a Trojan must be executed by the victim. Trojan malware can infect computers in many ways, including:
- By clicking on malicious links or opening infected emails, a user can fall prey to phishing attacks or any other social engine attack.
- The pop-up appears as a fake anti-virus program and asks users to install it. This is called “scareware”. This is a Trojan that users download onto their devices.
- The user goes to a malicious website and is presented with drive-by that pretends to be helpful software.
- Untrustworthy websites allow users to download programs whose publishers are unknown.
- Trojans can be installed by hackers through software vulnerabilities or unauthorized access.
- Hackers make a fake Wi-Fi hotspot network look like the one that a user wants to connect to. The user can be redirected to fake sites by hackers when they connect to this network. These websites contain browser exploits that will redirect any file they attempt to download.
Sometimes, Trojans are referred to as “Trojan-Dropper”. Downloaders and droppers are programs that help with malware removal, including Trojans. They are usually implemented as small programs or scripts. They do not carry any malicious activity, but rather open the door to attacks by downloading, compressing, and installing core malicious modules.
Different types of Trojans
Trojans can be classified according to what type of actions they can do on your computer. Examples of Trojan horse viruses include:
Backdoor Trojans allow malicious users to gain remote control of infected computers. These Trojans allow the user to control the infected computer from anywhere they want, including sending, receiving, and launching files, displaying data, and rebooting it. Backdoor Trojans can be used to unify several victims’ computers into a botnet or network that can then be used for criminal purposes.
Exploits are programs that contain code or data that exploits a flaw in the software you have installed on your computer.
Trojan-Banker programs can be used to steal account information for online banking, electronic payment systems, and credit or debit card transactions.
Clampi, also known as Lights or Ilomo, is waiting for users to log in to make financial transactions such as online banking access or to enter credit card information to make an online purchase. Clampi’s sophisticated nature allows it to slip behind firewalls and remain undetected for long periods.
Crysis is often associated with fake support calls or so-called scareware. A pop-up message is displayed to victims, stating that their computer has been infected or that your device has been compromised. For support, the user is directed to a number. The user is pressed to pay for the assistance if they call the number. Sometimes, the customer service agent may ask the user to remotely access their computer to prevent data theft or device hijack.
These programs use DDoS to attack a specific web address. Multiple requests can be sent from both your computer and other infected computers to overwhelm the target address. This could lead to a denial-of-service attack.
Trojan-Downloaders can download and install malicious programs on your computer, including Trojans or adware.
These programs can be used by hackers to install Trojans and viruses or to block the detection of malicious programs. Some antivirus programs may not be able to scan all components of this Trojan.
Trojan-FakeAV software mimics the activity of antivirus programs. They will extort money in exchange for detection and removal, even though they do not report any threats.
This program steals account information from online gamers.
Ghost is an Android banking Trojan. It is disguised in malicious apps that are distributed via unofficial websites with randomly generated hostnames. These are most commonly encountered by victims when they search for apps not on Google Play. After the app has been downloaded, it asks for permissions, which allow malware infection if enabled. Ghost was discovered by security mistakes made by the gang behind the app. Researchers were able to view their operation and identify some of the perpetrators.
Trojan-IM programs can steal logins and passwords to instant messaging programs such as WhatsApp Messenger, Facebook Messenger, Skype, and many others. This Trojan allows the attacker to hijack chat sessions and send the Trojan to anyone on your contact list. They may also use your computer to launch DDoS attacks.
These programs can collect email addresses from your computer and allow cybercriminals to send spam and malware mass mailings to your contacts.
This Trojan can alter data on your computer, causing problems with your computer’s performance or preventing you from accessing certain data. After you pay them the ransom, the criminal will restore your computer’s performance and unblock your data.
Remote Access Trojans
Remote Access Trojans, also known as RAT, allow hackers to gain complete control of your computer from a remote location. These Trojans can be used to spy on you or steal your information. The intruder could use the compromised host system to distribute RATs on other computers to create a botnet.
Rootkits can hide certain activities or objects in your system. Rootkits are often used to hide malicious programs and extend the time that programs can run on infected computers.
These programs can be costly as they send text messages to premium rates phone numbers from your mobile device.
Trojan-Spy software can track your computer’s activities, such as taking screenshots and tracking data entered via your keyboard.
Qakbot is a sophisticated banking Trojan. This malware is believed to have been the first to specifically harvest banking information. It is often used together with other well-known tools.
Trojan Wacatac, a Trojan threat capable of causing severe damage to the target system, can perform a variety of malicious activities. It typically infiltrates through a phishing email, file-sharing over the infected network, and software patches. It is designed to steal confidential information and then shares it with hackers. It may also give hackers remote access to perform harmful tasks.