What is a Trojan Virus
A Trojan Virus is a computer program that hides malware in a normal looking file. It appears as legitimate software to fool the user into opening or installing the file/program. A Trojan virus does not replicate itself. Though it does not spread to other systems on the network, it can cause destruction.
Why is it called as a Trojan Virus?
In Greek mythology, during the Trojan War, the Greeks had laid siege to the city of Troy. When they found that they were not able to break into its defenses, they built a large wooden horse and left it at the gates of the city and left. The people of Troy pulled the large wooden horse into the city gates and closed the gates. During that night, soldiers who had hidden within the horse came out, opened the gates and allowed their army to come inside. Troy lost the war due to the Trojan horse.
Since the deceptive behavior of this computer virus is similar to the Trojan horse, it got the name of Trojan horse virus.
Trojan Virus Types
Trojan-Downloader is a type of virus that downloads and installs other malware.
Trojan-Droppers are complex programs used by cyber criminals to install malware. Most antivirus programs do not detect droppers as malicious, and hence it is used to install viruses.
Ransomware - It is a type of Trojan (Trojan - ransom) that can encrypt the data on your computer/device. The cyber criminals who control this ransomware would demand a ransom for providing the decryption key. It is very difficult to recover the data without the decryption key. The WannaCry and Petya were recent ransomware attacks. Cyber security experts recommend users to follow a robust and systematic backup and recovery policy.
Trojan-Banker malware programs steal account-related information related to card payments and online banking.
Trojan-Rootkits prevent detection of malware and malicious activities on the computer. These are sophisticated malware that provides control of the victim's device. Rootkits are also used to enroll the victim's device as part of a botnet.
Trojan-Backdoor is a popular type of Trojan. It creates a backdoor to allow cyber criminals to access the computer later on from remote using a remote access tool (RAT). As this Trojan provides complete control over the computer, it is a dangerous but commonly used Trojan.
There are many more types of trojans - some can send premium SMS, steal your instant messaging credentials, spy on system activities to capture keystroke data, steal email addresses and gaming credentials.
How Do Computers Get Infected
Cyber criminals spread emails with malicious attachments. Clicking open the harmless looking attachment would infect the device with a Trojan Virus. Sophisticated Trojan Viruses maintain a low-profile that cannot be detected by most antivirus solutions. Drive-by downloads is another popular method of spreading Trojan viruses.
Comodo Advanced Endpoint Protection (AEP)
Comodo AEP is the only Endpoint Protection solution that follows a unique default-deny policy to block all known bad files, allow the known good files and automatically contain unknown, possibly malicious Trojan viruses within a sophisticated virtual container. The behavior of the unknown file is observed and based on the verdict received from its cloud-based Valkyrie engine, the unknown file is either allowed to access actual system resources or deleted. Comodo AEP provides effective protection against zero-day Trojan viruses.