What is a Trojan or Trojan Horse?
A Trojan is also known as Trojan horse. It is a type of malicious software developed by hackers to disguise as legitimate software to gain access to target users' systems. Users are typically tricked by some attractive social media adds who then directed to malicious website thereby loading and executing Trojans on their systems. Cyber-criminals use Trojans to spy on the victim user, gain illegal access to the system to extract sensitive data.
These actions can include:
- Deletes Data
- Copies data
- Modifies Data
- Blocks Data
- Disrupts the performance of the target computers or networks
Types of Trojan Virus (Updated Aug 2018)
- Trojan-Downloader: is a type of virus that downloads and installs other malware.
- Trojan-Droppers are complex programs used by cyber criminals to install malware. Most antivirus programs do not detect droppers as malicious, and hence it is used to install viruses.
- Ransomware - It is a type of Trojan (Trojan - ransom) that can encrypt the data on your computer/device. The cyber criminals who control this ransomware would demand a ransom for providing the decryption key. It is very difficult to recover the data without the decryption key. The WannaCry and Petya were recent ransomware attacks. Cyber security experts recommend users to follow a robust and systematic backup and recovery policy
- Trojan-Banker malware programs steal account-related information related to card payments and online banking.
- Trojan-Rootkits prevent detection of malware and malicious activities on the computer. These are sophisticated malware that provides control of the victim's device. Rootkits are also used to enroll the victim's device as part of a botnet.
- Trojan-Backdoor is a popular type of Trojan. It creates a backdoor to allow cyber criminals to access the computer later on from remote using a remote access tool (RAT). As this Trojan provides complete control over the computer, it is a dangerous but commonly used Trojan.
There are many more types of trojans - some can send premium SMS, steal your instant messaging credentials, spy on system activities to capture keystroke data, steal email addresses and gaming credentials.
How Do Trojans Horse Virus infect the system?
A backdoor Trojan gives the hackers malicious access to take remote control over the infected computer. They entitle the malicious hacker to work on the infected computer as per the malicious intentions. They can send, receive, delete and launch files, display data and reboot the computer. Backdoor Trojans are mostly used by hackers to exploit a group of infected computers to form a zombie network or malicious botnet that can be used for criminal purposes.
Exploit is a type of Trojan that contains a malicious code or data to attack a vulnerable software or application that runs on an infected computer.
Rootkits are developed by malware authors to gain access to the victim’s system, while they conceal their presence or their malicious activities from being detected to extend their presence to run and execute on the infected computer.
This is a type of trojan developed to extract user's account data, debit or credit card data through online banking systems, e-payment gateway.
These programs are developed to perform Denial of Service (DOS) attacks so as to infect the victim's web address. the malware program sends multiple from the victim's infected computer and forms a network with several other infected computers –to strongly enforce an attack against the target address causing a denial of service.
Trojan-Downloaders as the name suggests, it is developed by hackers to download and install new versions of malicious programs onto the target victim's computer.
These programs are developed by malware authors to install Trojans/viruses and escape the detection of malicious programs. Most of the traditional antivirus programs are inefficient to scan all the components this Trojan.
Trojan-FakeAV programs pretend to operate like an antivirus software. They are developed by cyber thieves to obtain money from the target user – in return, in order to detect and remove threats, despite the threats that they report are non-existent in real-time.
The main targets for Trojan-Game Thief are online gamers and their prime motive is to steal the user account information.
Trojan-IM programs primarily extract users' logins and passwords of Skype, Facebook Messenger, ICQ, MSN Messenger, Yahoo Pager, AOL, and many more.
Trojan-Ransom is developed to alter data on the victim's computer – so that the system doesn’t perform its function correctly and also it does not let the user, use certain data. The criminal would demand a ransom to be paid by the victim to unblock the restricted access to the data and restore the computer’s performance.
Trojan-SMS programs send text messages from the victim's mobile device to other phone numbers.
Trojan-Spy programs, as the name suggests, can spy on how the victim is using the computer – for example, tracking data, taking screen shots or extracting a list of running applications.
These programs are developed by hackers to extract email addresses from the victim's computer.
Easy Steps for How to protect against Trojan Horse Attacks?
Cyber criminals send emails with malicious links or attachments. Users get tricked by attractive advertisements and offers and when they open the attachment or click on the links, get their device infected with a Trojan Virus.
Installing the right endpoint protection software is critical and it would help users to stay ahead of trojan attacks. Comodo Endpoint protection integrates unparalleled antivirus, robust firewall, anti-spyware, application control featuring host intrusion prevention techniques - all in one single console to deliver comprehensive protection. The Endpoint protection platform from Comodo also features a future proof technology called the containment technology that creates an isolated virtual environment, hard drive, registry, and virtual COM interface. If any unknown files try to enter the system, it will continue its malicious activity, however, the malicious activity is restricted only in the virtual environment. This ensures that your systems' original document and files are not infected. With all Comodo's Containment technology, all kinds of infection are at bay.