What is a computer trojan virus and how do they work?July 30, 2021 | By Comodo
Computer Trojan Virus: Meaning
A computer Trojan refers to a program that appears to be harmless, but is in fact, malicious. It is a destructive program that acts as a benign application. You can confirm that a computer Trojan horse resides in your system if you come across strange activities and unexpected changes to your settings when the computer remains idle.
Key Types of Trojan Horse Viruses
- Destructive Trojans: Proxy Trojan horse viruses use the victim’s computer as a proxy server. This Trojans allows the attacker to do anything on your computer, including credit card fraud and several other illegal activities. The attacker will also be able to use your system to launch malicious attacks against other networks.
- FTP Trojans: FTP Trojan horse viruses open port 21 (the port for FTP transfer) and permits the attacker to connect to your computer using File Transfer Protocol (FTP).
- Denial-of-Service Attack (DoS) Trojans: A DoS Trojan horse executes a type of attack that brings a network to its knees by flooding it with useless traffic. Several DoS attacks, such as the Teardrop and Ping of Death attacks, exploit limitations in the TCP/IP protocols. For all the popular DoS attacks, there are software fixes that system administrators can install to limit the damage brought about by the attacks.
- Remote Access Trojans: A Remote Access Trojan (RAT) can provide the attacker with complete control of the victim’s system., this computer Trojan virus is usually hidden by attackers in games and several other small programs that unsuspecting users then execute on their PCs.
- Security Software Disabler Trojans: This Trojan horse virus stops or kills computer security software such as firewalls or antivirus programs without the user’s knowledge. It is usually incorporated with another type of Trojan as a “payload.”
- Data Sending Trojans: Data Sending Trojans supply the attacker with sensitive data, such as log files, passwords, e-mail address, credit card information or IM contact lists. These Trojans can look for pre-defined data, for example, only passwords or credit card information, or they can install a keylogger and send all recorded keystrokes back to the attacker.
How a Computer Trojan Virus Works
Below is an example of how a computer Trojan horse virus could be used for infecting a personal computer:
An official-looking email is received by the victim along with an attachment. This attachment contains a malicious code that gets executed immediately after the victim clicks on the attachment. Following this, the computer continues to work normally, hence the victim does not suspect that the attachment is in fact a computer Trojan that has infected his/her computing device.
The malicious code continues to be undetected until a specific date or until the time when the victim performs a particular action like visiting a banking website. When this takes place, the trigger activates the malicious code and the intended action finally gets executed. Based on how the computer Trojan virus has been developed, it may continue to be active, it may return to a dormant state or it may delete itself after it has successfully executed its intended function.
What is EDR?
Endpoint Protection Cloud
Endpoint Protection Definition