What is a Trojan?

Historically known as the wooden structure used by Greek soldiers to capture the ancient city of Troy, the Trojan horse, also referred to simply as a Trojan, is now most often associated with malware.

The term is used to describe malicious software disguised as a legitimate programme or application capable of damaging or intercepting a user’s device. 

Similarly to the Greek soldiers hiding inside the gifted wooden horse, the malware prefers to sneak its way into a device and lay low while it gathers information necessary to perform malicious functions. As it remains undetected, the Trojan can copy info to send back to its creator, block access to data, and even drain the machine of resources.

From stealing financial information to attacking with DDoS software, Trojans are capable of performing an array of malicious tasks on your computer, whether it involves embedding a backdoor or injecting rootkits which conceal certain objects or activities in your system.

Trojans are also thought to be relatively inexpensive and widely-available. According to a high-profile NCA investigation conducted in 2019, remote access Trojans (RATs) were found to be purchasable from a seized website for as little as $25 (£19). The  internationally-coordinated effort, which involved search warrants issued across nine countries, resulted in nine arrests made in the UK, 14 globally, and more than 400 items were seized in total. However, criminals still succeeded in infecting thousands of devices.

Apart from its low price and wide availability, Trojans are also considered some of the most effective tools for hackers. Unfortunately, once the malware finds its way into a machine, it’s often too late to prevent malicious functions from initiating.

Types of Trojan

What is important to remember is that the term “Trojan” is actually just an umbrella term for a wide variety of malware types, from RATs to cryptocurrency miners. In fact, Trojans are usually named after the way they behave once they gain access to a system.

Backdoor Trojans, sometimes referred to as remote access Trojans (RATs), are built with the intention to allow cyber criminals to grasp full control over a system. They achieve this by creating a so-called backdoor that lets them come and go as they please for as long as the Trojan goes undetected, and can be used for an array of illegal activities, from spying on users to implementing larger cyber attacks.

Download Trojans, as their name suggests, are capable of downloading other malicious programmes once they gain access to a system. The most common tools are keyloggers, which harvest any usernames and passwords entered into the system, or cryptocurrency miners, which take advantage of a system’s processing power in order to subtly mine for Bitcoin as well as other digital tokens.

Banking Trojans, otherwise known as ‘Trojan bankers’, focus primarily on financial gain. They are able to conceal themselves within a system, waiting for the moment when the user decides to access a financial service such as an online bank account. They then intercept this traffic and redirect their victim to a fraudulent website which usually contains data capture forms used to steal the victim’s information.

Banking Trojans have enjoyed considerable success in the past, with some famous examples including Zeus, Dridex, and Kronos. However, with today’s heightened security measures as well as proactive efforts to prevent this style of attacks, banking Trojans aren’t as common as they used to be.

How to protect against Trojans

While Trojans can cause significant damage if loaded on someone’s system, there are ways to prevent malware from causing problems.

Simple steps such as avoiding unsafe websites and keeping accounts safe with secure passwords and firewalls can help prevent malware attacks. Updating a device’s operating system as soon as possible will also help prevent Trojans from causing damage as malware tends to exploit the problems in outdated software.

It’s also advisable to back up your files regularly, as if a Trojan infects your computer, this will help you to easily restore your data.

However, perhaps the most effective way of preventing this kind of malware attack is by installing anti-malware software on devices and running diagnostic scans with this software periodically.