What is a Trojan virus? How does it work?
Trojan viruses (also known as Trojan horses) are a common kind of malicious software. Because they pretend to be a legitimate program or file, Trojans are easy to install unknowingly. Every Trojan virus pretends to be another kind of program, but it can do anything, from stealing your banking information to encrypting your files and demanding a ransom.
In this article, we’ll explore the topic of Trojan horses from a variety of angles.
What does a Trojan virus do?
The term “Trojan virus” describes how the malware spreads, not what it does. Trojan horses always impersonate some kind of legitimate software. Once a Trojan horse is on your computer, it can perform any malicious activity.
As an example, many kinds of Trojan horses appear to be updates for common software like Adobe Flash. Instead of updating Flash when they’re run, these programs install malware.
Types of Trojan viruses
Trojan horses are commonly categorized by the specific programs that they impersonate. Sometimes, they’re also categorized by what they do after they’re installed. Here are some of the most common types of Trojan viruses:
- Fake antivirus software. This particularly nasty variety pretends to be antivirus or anti-spyware software. Since users commonly give security software full permissions to their computer, fake antivirus software can be particularly damaging.
- Downloader Trojans. These kinds of malware don’t do anything inherently malicious on their own. Instead, they download another program that does the dirty work.
- Spyware Trojans (including banking Trojans). Software that steals information, like banking credentials or tax records, is known as spyware. Trojan horses commonly distribute spyware by tricking users into unwittingly installing it.
- Backdoor Trojans. Backdoors give external hackers control over your computer. With a backdoor Trojan, a criminal tricks you into letting them remotely access and command your computer.
- Botnet Trojans. As a type of backdoor Trojan, these pieces of malware add victims’ computers to a botnet. The botnet might take down an entire website through a distributed denial of service attack, for example.
Where do Trojan viruses come from?
Trojan viruses can originate from a wide variety of places. While other kinds of malware require less human interaction, Trojan horses dupe computer users into installing them.
Some of the more standard ways to get a Trojan virus are listed below:
- Malicious emails. Email messages that purport to be from a legitimate sender but contain malicious attachments or links commonly carry Trojans. These emails might link to elaborate websites that impersonate real software download pages pixel-for-pixel.
- Peer-to-peer downloads. Executables disguised as video files and “ride-along” malware still exist on many peer-to-peer file sharing networks.
- Malvertising. Malicious advertising commonly results in malware installations. Unscrupulous ad buyers put fake download buttons next to real download buttons, encouraging users to click the wrong thing. These ads often contain Trojan horses.
In general, every Trojan virus installation requires some amount of social engineering. To get malware installed on your computer, hackers have to trick you into allowing it.
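The peer-to-peer item above mentions executables disguised as video files. The following is an added example, not part of the original article, of two checks a defender can run on a download: the file name's last extension and the file's leading bytes. The function name, extension lists and sample inputs are assumptions constructed for illustration.

```python
import os

# Leading "magic" bytes of common native executable formats.
EXECUTABLE_MAGIC = {
    b"MZ": "Windows PE executable",
    b"\x7fELF": "ELF executable",
    b"\xcf\xfa\xed\xfe": "64-bit Mach-O executable",
}
# Extensions a user reads as "just a video", and ones Windows will run.
MEDIA_EXTS = {".mp4", ".mkv", ".avi", ".mov", ".wmv"}
RUNNABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".msi", ".vbs"}


def inspect_download(filename, head):
    """Return reasons why a file looks like an executable posing as a video.

    filename: name as offered for download; head: first bytes of the file.
    """
    findings = []
    name = os.path.basename(filename).lower().rstrip(". ")
    root, last_ext = os.path.splitext(name)
    _, inner_ext = os.path.splitext(root.rstrip())

    # Check 1: "movie.mp4.exe" - the OS acts on the last extension only.
    if inner_ext in MEDIA_EXTS and last_ext in RUNNABLE_EXTS:
        findings.append(f"double extension: {inner_ext} shown, {last_ext} runs")

    # Check 2: the name claims video, but the bytes are a native program.
    if last_ext in MEDIA_EXTS:
        for magic, kind in EXECUTABLE_MAGIC.items():
            if head.startswith(magic):
                findings.append(f"content mismatch: {last_ext} name, {kind} bytes")
    return findings


# Constructed samples (not real files): name plus first bytes.
SAMPLES = [
    ("holiday.mp4", b"\x00\x00\x00\x18ftypmp42"),  # genuine MP4 header
    ("holiday.mp4.exe", b"MZ\x90\x00"),
    ("holiday.mkv", b"MZ\x90\x00"),
    ("setup.exe", b"MZ\x90\x00"),  # honest installer, not a disguise
]

if __name__ == "__main__":
    for name, head in SAMPLES:
        print(name, "->", inspect_download(name, head) or "no mismatch found")
```

An empty result only means these two checks found nothing; it does not show that the file is safe.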
Can a Trojan virus be removed?
Yes. While a computer Trojan might have stolen your information or sold access to your system’s resources for crime, you can remove it.
Today’s increasingly advanced malware takes more time and effort to remove thoroughly than ever before. Using a strong anti-malware tool is likely the best place to start. However, as with other kinds of malware, the most surefire way to get rid of a Trojan is to completely wipe and reinstall your computer.
These days, malware rarely arrives alone. Even if you detect a single Trojan on your computer, you might have other, sneakier kinds of malware running as well. For this reason, completely wiping your computer can be the only solution in some cases.
Examples of Trojans
Like other types of malware, Trojans have been involved in many major cybercrime incidents. Some of the most high-profile computer Trojans are listed here:
- FinFisher spyware, used by governments to spy on citizens, sometimes uses a Trojan to arrive on victims’ computers. By presenting itself as a fake software update or malicious email attachment, it evades detection.
- The Koobface worm used Facebook messages with fake Adobe Flash updates to spread.
- Shedun malware for Android involved over 20,000 fake versions of popular apps with hidden malware inside. Most users were unable to get rid of the malware without getting a new phone.
- The Flashback Trojan for macOS used a fake Adobe Flash installer combined with a security vulnerability in Java.
How to protect against Trojans
Even compared to other kinds of malware, Trojans are sneaky. Protecting against them entirely is challenging. That said, it’s not impossible.
- Use common sense when downloading programs and opening files. Don’t download untrustworthy programs or open attachments from unknown sources.
- Be careful with file sharing. Peer-to-peer file sharing applications (like movie torrenting) can be an easy way to accidentally get malware. Be very careful with the files you download, especially from shadier sources.
- Use an anti-malware solution. Even if you are very careful, you’re bound to slip up at some point. An antivirus program can provide a backstop to catch mistakes before your information gets compromised.
- Always check the address bar when downloading files or entering information. Some Trojans work similarly to phishing attacks. A hacker might create a website that pretends to come from a company you use every day. Be sure that the website displayed in the address bar is the website you actually intend to reach.
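The address-bar check above comes down to comparing the host a URL really points at with the site you meant to reach. The following is an added example, not part of the original article, of that comparison in code; `check_address`, the domain `bank.example` and the sample URLs are constructed for illustration and use reserved test names.

```python
from urllib.parse import urlsplit


def check_address(url, expected_domain):
    """Compare the host a URL really points at with the intended site.

    Returns (ok, reason). expected_domain is the site the user means to
    reach, e.g. "bank.example"; true subdomains of it are accepted.
    """
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".").lower()
    expected = expected_domain.lower()
    if not host:
        return False, "no host found in URL"

    # Only an exact match or a true subdomain counts as the same site.
    if host == expected or host.endswith("." + expected):
        return True, f"host {host} belongs to {expected}"

    # Text before "@" is login data, not the site being contacted.
    if parts.username and expected in parts.username.lower():
        return False, f"{expected} appears before '@'; real host is {host}"

    # Host names are owned from the right: the rightmost labels decide.
    if expected in host:
        return False, f"{expected} appears in the name but does not end it; real host is {host}"

    return False, f"host {host} is unrelated to {expected}"


# Constructed sample URLs using reserved test domains.
SAMPLES = [
    "https://www.bank.example/login",
    "https://bank.example@updates.test/login",
    "https://bank.example.updates.test/login",
    "https://mybank.example/login",
]

if __name__ == "__main__":
    for url in SAMPLES:
        ok, reason = check_address(url, "bank.example")
        print("OK  " if ok else "WARN", url, "->", reason)
```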