365 Computer Security Training

A Trojan horse is type of malware (malicious software) like viruses, worms, rootkits, and spyware.  However, unlike viruses and worms a Trojan horse is not able to create copies of itself or in tech speak, self-replicate.

If you would like to know more about the other types of malware, read the following resources.  To find out more about viruses go HERE, worms HERE, rootkits HERE and finally for spyware go HERE.  Now, lets continue with Trojan horses.

What makes a Trojan unique from other types of malware is that it masquerades as a program that performs a useful function.  For example, the victim thinks that they are getting a screensaver of their favorite singer, free software, or music when in actuality it is also installing a backdoor to allow remote control of your computer system.

The term, Trojan horse, comes from the Greek story of the Trojan War, where the Greeks give a giant wooden horse as a gift to their besieged foes, the Trojans who are inside the city of Troy. After the Trojans drag the horse inside the city walls, Greek soldiers sneak out of the horse’s hollow belly and conquer the city.

Similarly, when an unsuspecting victim installs that useful new utility they may be literally opening a can of worms. The effects of a Trojan horse can be as benign as changing your background or installing silly icons on your desktop.  Unfortunately, it can be as dangerous as allowing complete or administrator level control of your system.

Trojan horses can be classified based on how they breach systems and the damage they cause. Some of the main types of Trojan horses include:

• Remote Access Trojans (RATs)
• Data Sending Trojans
• Proxy Trojans
• FTP Trojans

Remote access Trojans are arguably the most dangerous malicious code used by hackers.  They are designed to run invisibly on victim’s computers and give an intruder complete remote access and control.

Data sending Trojans can look for specific pre-defined data such as credit card numbers or passwords or they could simply install a keylogger and send all recorded keystrokes back to the attacker.

A proxy Trojan is a type of Trojan horse designed to use the victim’s computer as a proxy server that sits between the attacker’s computer and a real server.  This gives the attacker the ability to do everything from your computer, including the possibility of conducting illegal activities such as sending spam or use your system to launch attacks against other networks.

A FTP Trojan is designed to open port 21, the port for FTP transfer, and lets the attacker connect to your computer using File Transfer Protocol, FTP.

Due to the growing popularity of botnets among hackers, Trojan horses are becoming more common.   Recent surveys assert that Trojan horses account for 83% of the global malware detected in the world.

The best Trojan horse and anti-malware weapon is an up-to-date antivirus scanner.  Good antivirus software is designed to detect and delete Trojan horses, as well as prevent them from ever being installed.

Although it is possible to remove a Trojan horse manually, it requires a full understanding of how that particular Trojan horse operates. In addition, if it is possible that a hacker has used a Trojan horse to access a computer system, it will be difficult to know what damage has been done. In situations where the security of the computer system is critical, it is better to simply reformat the hard drive and reinstall the operating system and software.