What is a Trojan virus? An impostor, a saboteur, and a master of disguise. But it isn\u2019t actually a virus. Find out how this masquerading malware operates, and keep your systems safe.<\/p>\n
The Trojan or Trojan Horse is a form of malware<\/a> that pretends to be something it isn\u2019t, such as legitimate software or a document attachment on an email. It\u2019s a digital wolf in sheep\u2019s clothing.<\/p>\n When a user tries to run the bogus software or open the malignant document, the Trojan delivers its payload. The payload might be a keystroke logger to track keystrokes. It might hunt for banking credentials on your computer. It might install a backdoor for the threat actors to allow them to access your computer remotely.<\/p>\n The malware gets its name from the fabled wooden horse built by the Greeks<\/a> as they lay siege to Troy, around 1190 BC. Packed with hidden warriors led by Odysseus, the horse was brought inside the city walls by the Trojans who mistook the horse as an offering made to Athena by the retreating Greeks.<\/p>\n Trojan malware works in the same way. It tries to trick you into taking the bait. Trojans are not viruses, though. A virus attaches itself to another file, program, or document and piggy-backs on them for transport. Viruses can replicate to spread their infection by attaching copies of themselves to other files. Trojans cannot replicate themselves and do not attach themselves to other files.<\/p>\n If Trojans can\u2019t replicate like viruses, how do they infect computers? They do so u<\/span>sing common <\/span>cyberattack methods like phishing campaigns.<\/span><\/p>\n Phishing campaigns send emails that look like they have come from a trusted source<\/a>. They may carry a malicious payload hidden in an attachment, or they may contain a link that takes you to a fraudulent website masquerading as a legitimate website.<\/span><\/p>\n Cybercriminals are quick to react to <\/span>current affairs<\/span>\u00a0<\/span>and to re-skin their existing cyber threats <\/span>to take advantage of news items. And the bigger the item the better<\/span>. The COVID-19 pandemic has provided a perfect cover story<\/a> for <\/span>threat actors to send out emails purporting to be from official medical or governmental channels. Opening the attachment—which might pretend to offer medical advice, <\/span>COVID-10 test kits, or<\/span> information regarding financial aid and furlough schemes—infects your computer. <\/span><\/p>\n Not all phishing emails have attachments. Others contain <\/span>links that take you to bogus websites. The <\/span>sole purpose of these sites is to <\/span>compel you to download <\/span>something. It might be dressed up as <\/span>information packs, software to help track and fight the virus, <\/span>or information on financial aid and furlough schemes<\/span>. <\/span>Whatever it says it is, it isn\u2019t. It\u2019s just a mechanism to get their software onto your computer.<\/span><\/p>\n Threat actors also place Trojans on download and file sharing sites. The victim might think they are downloading a film, a video game, or some music, but they\u2019re actually downloading malicious software. This doesn\u2019t just happen on illegal file sharing and torrent sites. <\/span>For example, <\/span>legitimate sites that share desktop wallpaper can have Trojans u<\/span>ploaded to <\/span>them pretending to be compressed files containing a wallpaper collection.<\/span><\/p>\n Trojans c<\/span>an be <\/span>grouped according to their behavior and activity. <\/span><\/p>\n A Trojan is a delivery mechanism, designed to get malware installed on your computer. They are <\/span>usually <\/span>a means to an end, not the end themselves. <\/span>The malware they install is usually one of the following:<\/span><\/p>\n S<\/span>ome advanced Trojans will inspect your computer before deciding what their<\/span>\u00a0best course of action <\/span>is<\/span>. Should it install ransomware and take a one-off payment, or should it install cryptojacking software and repeatedly make small amounts of money for an indefinite period of time? The Rakhni Trojan, for example, uses this approach. It can install two different threats and makes a decision about which to deploy on a per<\/em> machine basis.<\/span><\/p>\n The signs of infection by a Trojan are the same as for most malware<\/a>.<\/p>\n<\/a>How Trojans Spread<\/h2>\n
<\/a>Types of Trojan<\/h2>\n
\n
\n
<\/a>Examples of Trojans<\/h2>\n
\n
<\/a>Detecting Infection<\/h2>\n
\n
<\/a>Avoiding Infection<\/h2>\n