What Is a Trojan Horse? Trojan Virus and Malware ...


What Is a Trojan Horse Virus?

A Trojan Horse Virus is a type of malware that downloads onto a computer disguised as a legitimate program. The delivery method typically sees an attacker use social engineering to hide malicious code within legitimate software to try and gain users' system access with their software.

A simple way to answer the question "what is Trojan" is that it is a type of malware that typically gets hidden as an attachment in an email or a free-to-download file, then transfers onto the user’s device. Once downloaded, the malicious code will execute the task the attacker designed it for, such as gaining backdoor access to corporate systems, spying on users’ online activity, or stealing sensitive data.

Indications of a Trojan being active on a device include unusual activity such as computer settings being changed unexpectedly.

History of the Trojan Horse

The original story of the Trojan horse can be found in the Aeneid by Virgil and the Odyssey by Homer. In the story, the enemies of the city of Troy were able to get inside the city gates using a horse they pretended was a gift. The soldiers hid inside the huge wooden horse and, once inside, they climbed out and let the other soldiers in.

There are a few elements of the story that make the term “Trojan horse” an appropriate name for these types of cyber attacks:

The Trojan horse was a unique solution to the target’s defenses. In the original story, the attackers had laid siege to the city for 10 years and hadn’t succeeded in defeating it. The Trojan horse gave them the access they had been wanting for a decade. A Trojan virus, similarly, can be a good way to get behind an otherwise tight set of defenses.

The Trojan horse appeared to be a legitimate gift. In a similar vein, a Trojan virus looks like legitimate software.

The soldiers in the Trojan horse controlled the city’s defense system. With a Trojan virus, the malware takes control of your computer, potentially leaving it vulnerable to other “invaders.”

How Do Trojans Work?

Unlike computer viruses, a Trojan horse cannot manifest by itself, so it needs a user to download the server side of the application for it to work. This means the executable (.exe) file must be executed and the program installed for the Trojan to attack a device’s system.

A Trojan virus spreads through legitimate-looking emails and files attached to emails, which are spammed to reach the inboxes of as many people as possible. When the email is opened and the malicious attachment is downloaded, the Trojan server will install and automatically run every time the infected device is turned on.

Devices can also be infected by a Trojan through social engineering tactics, which cyber criminals use to coerce users into downloading a malicious application. The malicious file could be hidden in banner advertisements, pop-up advertisements, or links on websites.

A computer infected by Trojan malware can also spread it to other computers. A cyber criminal turns the device into a zombie computer, which means they have remote control of it without the user knowing. Hackers can then use the zombie computer to continue sharing malware across a network of devices, known as a botnet.

For example, a user might receive an email from someone they know, which includes an attachment that also looks legitimate. However, the attachment contains malicious code that executes and installs the Trojan on their device. The user often will not know anything untoward has occurred, as their computer may continue to work normally with no signs of it having been infected.

The malware will reside undetected until the user takes a certain action, such as visiting a certain website or banking app. This will activate the malicious code, and the Trojan will carry out the hacker’s desired action. Depending on the type of Trojan and how it was created, the malware may delete itself, return to being dormant, or remain active on the device.

Trojans can also attack and infect smartphones and tablets using a strand of mobile malware. This could occur through the attacker redirecting traffic to a device connected to a Wi-Fi network and then using it to launch cyber attacks.

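A mail-gateway style check for the delivery path described above, where an executable arrives as a legitimate-looking email attachment. This is an added example, not code from the original page or from Fortinet; the function names, extension lists and the sample message are assumptions constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Leading bytes of native executable formats, whatever the file is named.
EXECUTABLE_MAGIC = {b"MZ": "Windows PE executable", b"\x7fELF": "ELF executable"}
RUNNABLE_EXT = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs"}
DOCUMENT_EXT = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}

def inspect_attachments(raw_message: bytes) -> list:
    """Return a finding for each attachment that looks like a disguised program."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""
        suffixes = [s.lower() for s in PurePosixPath(name).suffixes]
        last = suffixes[-1] if suffixes else ""
        reasons = []
        # Content check: trust the bytes, not the name or the declared MIME type.
        for magic, label in EXECUTABLE_MAGIC.items():
            if data.startswith(magic):
                reasons.append(f"content is a {label}")
        if last in RUNNABLE_EXT:
            reasons.append(f"runnable extension {last}")
            # "invoice.pdf.exe" shows as "invoice.pdf" when extensions are hidden.
            if len(suffixes) > 1 and suffixes[-2] in DOCUMENT_EXT:
                reasons.append(f"double extension {suffixes[-2]}{last}")
        if reasons:
            findings.append({"filename": name, "reasons": reasons})
    return findings

def build_sample() -> bytes:
    """Constructed message: two disguised stubs (header bytes only) and one PDF header."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "colleague@example.com", "user@example.com", "Invoice"
    m.set_content("Please see the attached invoice.")
    stub = b"MZ" + b"\x00" * 62  # PE header prefix only, not a working program
    m.add_attachment(stub, maintype="application", subtype="pdf", filename="invoice.pdf.exe")
    m.add_attachment(b"%PDF-1.7\n", maintype="application", subtype="pdf", filename="report.pdf")
    m.add_attachment(stub, maintype="application", subtype="octet-stream", filename="notes.docx")
    return m.as_bytes()

if __name__ == "__main__":
    for finding in inspect_attachments(build_sample()):
        print(finding["filename"], "->", "; ".join(finding["reasons"]))
```

The third attachment carries a document name and no runnable extension, so only the content check catches it; a filter that looks at filenames alone would pass it.
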
Most Common Types of Trojan Malware

There are many types of Trojan horse viruses that cyber criminals use to carry out different actions and different attack methods. The most common types of Trojan used include:

Backdoor Trojan: A backdoor Trojan enables an attacker to gain remote access to a computer and take control of it using a backdoor. This enables the malicious actor to do whatever they want on the device, such as deleting files, rebooting the computer, stealing data, or uploading malware. A backdoor Trojan is frequently used to create a botnet through a network of zombie computers.

Banker Trojan: A banker Trojan is designed to target users’ banking accounts and financial information. It attempts to steal account data for credit and debit cards, e-payment systems, and online banking systems.

Distributed denial-of-service (DDoS) Trojan: These Trojan programs carry out attacks that overload a network with traffic. They send multiple requests from a computer or a group of computers to overwhelm a target web address and cause a denial of service.

Downloader Trojan: A downloader Trojan targets a computer that has already been infected by malware, then downloads and installs more malicious programs to it. This could be additional Trojans or other types of malware like adware.

Exploit Trojan: An exploit malware program contains code or data that takes advantage of specific vulnerabilities within an application or computer system. The cyber criminal will target users through a method like a phishing attack, then use the code in the program to exploit a known vulnerability.

Fake antivirus Trojan: A fake antivirus Trojan simulates the actions of legitimate antivirus software. The Trojan is designed to detect and remove threats like a regular antivirus program, then extort money from users for removing threats that may be nonexistent.

Game-thief Trojan: A game-thief Trojan is specifically designed to steal user account information from people playing online games.

Instant messaging (IM) Trojan: This type of Trojan targets IM services to steal users’ logins and passwords. It targets popular messaging platforms such as AOL Instant Messenger, ICQ, MSN Messenger, Skype, and Yahoo Pager.

Infostealer Trojan: This malware can either be used to install Trojans or prevent the user from detecting the existence of a malicious program. The components of infostealer Trojans can make it difficult for antivirus systems to discover them in scans.

Mailfinder Trojan: A mailfinder Trojan aims to harvest and steal email addresses that have been stored on a computer.

Ransom Trojan: Ransom Trojans seek to impair a computer’s performance or block data on the device so that the user can no longer access or use it. The attacker will then hold the user or organization ransom until they pay a ransom fee to undo the device damage or unlock the affected data.

Remote access Trojan: Similar to a backdoor Trojan, this strand of malware gives the attacker full control of a user’s computer. The cyber criminal maintains access to the device through a remote network connection, which they use to steal information or spy on a user.

Rootkit Trojan: A rootkit is a type of malware that conceals itself on a user’s computer. Its purpose is to stop malicious programs from being detected, which enables malware to remain active on an infected computer for a longer period.

Short message service (SMS) Trojan: An SMS Trojan infects mobile devices and is capable of sending and intercepting text messages. This includes sending messages to premium-rate phone numbers, which increases the costs on a user’s phone bill.

Spy Trojan: Spy Trojans are designed to sit on a user’s computer and spy on their activity. This includes logging their keyboard actions, taking screenshots, accessing the applications they use, and tracking login data.

SUNBURST: The SUNBURST trojan virus was released on numerous SolarWinds Orion Platform. Victims were compromised by trojanized versions of a legitimate SolarWinds digitally signed file named SolarWinds.Orion.Core.BusinessLayer.dll. The trojanized file is a backdoor. Once on a target machine, it remains dormant for a two-week period and will then retrieve commands that allow it to transfer, execute, perform reconnaissance, reboot and halt system services. Communication occurs over HTTP to predetermined URIs.

How To Recognize a Trojan Virus

A Trojan horse virus can often remain on a device for months without the user knowing their computer has been infected. However, telltale signs of the presence of a Trojan include computer settings suddenly changing, a loss in computer performance, or unusual activity taking place. The best way to recognize a Trojan is to search a device using a Trojan scanner or malware-removal software.

Examples of Trojan Horse Virus Attacks

Trojan attacks have been responsible for causing major damage by infecting computers and stealing user data. Well-known examples of Trojans include:

Rakhni Trojan: The Rakhni Trojan delivers ransomware or a cryptojacker tool (which enables an attacker to use a device to mine cryptocurrency) to infect devices.

Tiny Banker: Tiny Banker enables hackers to steal users’ financial details. It was discovered when it infected at least 20 U.S. banks.

Zeus or Zbot: Zeus is a toolkit that targets financial services and enables hackers to build their own Trojan malware. The source code uses techniques like form grabbing and keystroke logging to steal user credentials and financial details.

How Fortinet Can Help

The Fortinet antivirus services leverage the power of the FortiGuard Labs Global Threat Intelligence system. In the span of a minute, FortiGuard eliminates, on average, 95,000 malware programs. FortiGuard does this by incorporating knowledge of the different types of viruses within the global threat landscape. Countermeasures are engineered to neutralize each type of threat, and then they are automatically enacted by FortiGuard, thereby protecting the networks under the FortiGuard umbrella.

The FortiGuard antivirus protection system comes with FortiGate, FortiSandbox, FortiMail, FortiWeb, FortiCache, and FortiClient.