A Trojan horse is a malicious computer program that disguises itself as a useful or routine file in order to trick a user into installing it.
Trojan horses, sometimes simply referred to as Trojans, derive their name from the story of the wooden horse that allowed Greek troops to invade the city of Troy undetected. Just like the wooden horse in the story, Trojans deceive users into lowering their defenses and voluntarily welcoming and installing the invading malicious code onto their system. Once the malicious code has been installed, damage may be done to the hard disk, information and data may be stolen, or the Trojan author may be able to gain unauthorized access to the infected system.
Frequently Asked Questions
What do malware authors hope to gain by spreading a Trojan?
Trojans are often used to create a backdoor into a computer system, which the author can use for a variety of nefarious purposes including screen scraping, webcam hijacking, ID and data theft, installation of ransomware, adding the infected machine to a botnet, or general mayhem and destruction of hard drive contents.
Is a Trojan horse a type of virus?
The three primary categories of malware are viruses, worms, and Trojan horses. What all three have in common is that they are malicious programs that can damage your computer and may use your computer for unauthorized activities. One of the things that differentiate Trojans from the other types of malware is that a Trojan exists as a standalone application that attempts to trick users into thinking it is a useful application or system utility and into authorizing its installation, knowingly or unknowingly. In addition, Trojans do not self-replicate, while both worms and viruses do.
How are computers infected by Trojans?
In most cases, Trojans are spread through social engineering: manipulating users into allowing a file to be downloaded and installed onto a computer system. There are two primary techniques Trojan authors use to spread their wares:
- E-mail: Trojans are often attached to e-mail messages and given names chosen to make them look unsuspicious. If the attachment is opened, the Trojan will be executed, and the system will be infected.
- Drive-by download: A drive-by download occurs when a website causes a file to download to a computer without the visitor's knowledge. Websites that are involved in this type of activity may cause a pop-up to appear, designed to look like a system notification, stating that the system is infected. If the user follows the instructions in the window, the Trojan will be downloaded and installed on the system.
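For the e-mail case above, a mail filter can check whether an attachment's name matches what it actually is. The following is an added example, not part of the original page: a Python sketch that parses a constructed message and flags attachments whose name or content looks disguised. The extension lists, addresses and sample attachments are assumptions made for illustration.

```python
import email
import os
from email import policy
from email.message import EmailMessage

# Assumed lists for illustration; a real filter would tune these.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs", ".jar", ".lnk"}
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".jpg", ".png"}

def attachment_findings(raw_message: bytes) -> dict:
    """Return {filename: [reasons]} for attachments that look disguised."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    findings = {}
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip()
        payload = part.get_payload(decode=True) or b""
        stem, last = os.path.splitext(name.lower())   # ".exe" in "invoice.pdf.exe"
        _, inner = os.path.splitext(stem)             # ".pdf" in "invoice.pdf.exe"
        reasons = []
        if last in EXECUTABLE_EXTS:
            reasons.append("executable extension " + last)
            if inner in DOCUMENT_EXTS:
                reasons.append("document-looking name hides " + last)
        # "MZ" is the header of a Windows executable, whatever the file is called.
        if payload[:2] == b"MZ" and last not in EXECUTABLE_EXTS:
            reasons.append("executable content under " + (last or "no") + " extension")
        if reasons:
            findings[name] = reasons
    return findings

def build_sample() -> bytes:
    """Constructed sample message; the attachments are harmless stub bytes."""
    m = EmailMessage()
    m["From"] = "billing@example.com"
    m["To"] = "user@example.org"
    m["Subject"] = "Invoice"
    m.set_content("See attached.")
    stub = b"MZ" + b"\x00" * 16
    m.add_attachment(stub, maintype="application", subtype="octet-stream", filename="invoice.pdf.exe")
    m.add_attachment(stub, maintype="application", subtype="pdf", filename="report.pdf")
    m.add_attachment(b"%PDF-1.7\n", maintype="application", subtype="pdf", filename="notes.pdf")
    return m.as_bytes()

if __name__ == "__main__":
    for name, reasons in attachment_findings(build_sample()).items():
        print(name, "->", "; ".join(reasons))
```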
How can Trojans be avoided?
First, never open any e-mail attachment that comes from a source you don't know or trust. Second, keep antivirus software installed on your computer, updated, and run regular system scans. Third, install updates to your operating system as soon as they are released. These updates often include patches to fix vulnerabilities. Fourth, use a firewall; there's one built into modern versions of most operating systems, so just make sure it's activated. Fifth, if you do encounter a problem, run multiple antivirus program scans to ensure the infection is cleaned up, and consider reinstalling your operating system to remove every trace of malware.