What is trojan?
Updated at: Oct 01, 2019
A trojan, or trojan horse, is a malware widely used for hacking and stealing data. The more advanced forms of trojan act by opening channels of communication between the hacked machine and the attacker, the so-called backdoors. Thus, the trojans end up being a dangerous threat that can access sensitive information from the machine or even install other types of malware, such as ransomware.
There are different types of trojan and it's common for people to confuse trojan with virus and worm. But we already anticipated that they are different things. Trojans don't auto-replicate or infect other files, unlike their fellow viruses and worms. In order to spread, trojans require user interaction, such as opening an email attachment or running a downloaded file from the internet.
How trojan infects devices
To explain how trojans infect devices, let's tell a story. In the epic poems Aeneid and Odyssey, attributed respectively to Virgil and Homer, a wise Greek warrior named Odysseus (or Ulysses) found an unusual way to overcome the immense walls of Troy. As the war seemed interminable, the Greeks would send an offering to the Trojans: a large wooden horse.
The present was carried into the city, but what the Trojans didn't know was that the gigantic horse hid Greek soldiers. Familiar or not with the poems, you can already imagine the end of the story. The Greeks won because they tricked the Trojans. On devices, that's how a trojan threat works, too.
How trojan works
A trojan is usually camouflaged as a harmless file and, because of that, often goes unnoticed even by threat detection tools. Its most common forms of infection are via weaponized files received by email or downloaded from suspicious sites.
Cybercriminals use the same logic as Odysseus. Using social engineering and other persuasive techniques, they induce users to run programs that appear to be legitimate and safe. In other words, it's the user himself who brings the threat into the device and executes it.
As we've already said, trojans are used for different purposes. It may not be so invasive, for example, just messing with your browser. But, in most cases, a trojan is used to gain access and control over your machine.
Think about a company. Imagine a trojan that may have been installed on someone's machine from the company's financial department, collecting bank information from the organization itself, from customers, and from partners. That’s bad, right?
Trojans are also used to create networks of zombies or botnets. A botnet is when a hacker uses a set of infected machines to promote other attacks. The infected devices are called zombies.
What are the types of trojan
There are many trojan categories and their names are connected to the main function they perform. Here are 4 examples:
1. Backdoor Trojan. They are those trojans that open backdoors for criminals to have full access to the machine.
2. Downloader Trojan. They are intended primarily to download and deploy other malicious code on the machine, such as ransomware.
3. DDoS Trojan. They are the trojans responsible for making the computer a zombie, which will later be used in other attacks.
4. Spy Trojan. They are the trojans responsible for reporting to the attacker all the actions and activities of the infected device.
How to protect from trojan
The best way to protect yourself against trojans are those old and good malware protection tips, such as not downloading suspicious files, not browsing suspicious websites, keeping the machine operating system up to date, using complex passwords and protection tools.
By the way, in the case of businesses, it's recommended the use of an email protection software, with anti-spam, anti-virus, sandbox and other security mechanisms. It's important because one of the main forms of trojan infections are email messages.
Now, if you think your computer is already infected with a trojan, the best way is to scan your system using anti-malware software. There are many of them on the internet, including trustworthy free versions.