A Trojan masks itself as a legitimate program or file so it can get inside your computer and perform malicious actions. While nobody wants to get hacked, millions of people fall prey to criminals every year. How does a Trojan virus work? And, more importantly, how can you protect yourself?
Carlos Martinez
Oct 07, 2021 · 5 min read
Let’s start with a story. During the Trojan war more than 3,000 years ago, the Greeks built a huge wooden horse and brought it to the gate of the city of Troy. The Trojans thought it was a gift and a war trophy symbolizing their victory.
What they didn’t know was that, inside that wooden horse, a bunch of Greek warriors were hiding. When the horse was dragged into the city, the Greeks got outside, opened the gate to the other troops, and destroyed the city.
Trojan horses in computing work exactly the same: they pretend to be what they’re not to get inside your system and put your computer under siege. Hackers use various social engineering techniques to trick people into downloading malware, and their methods are getting more and more sophisticated every year.
A Trojan is often called a virus, but that’s not entirely true. A virus can replicate itself and spread its copies further, whereas a Trojan horse can’t. Technically, a Trojan horse is a type of malware.
Trojan malware can steal your passwords, record your keystrokes, modify your data, and even download more malicious programs in the background. Some Trojans start their harmful actions the moment they get inside your computer, while others wait for instructions from a hacker. A hijacked computer can be used to create a botnet and execute DDoS attacks.
You can accidentally download a Trojan bundled with some program or click on a malicious email attachment. At first, you might not know that you have an invisible guest on your device, and, for some people, it can take a while to realize that something’s wrong.
There are different types of Trojan malware, depending on the goal a hacker is trying to achieve and the way a Trojan operates. Let’s discuss the most common ones.
Backdoor Trojan. This type of Trojan gives remote access to your computer so hackers can execute commands, spy on your data, and perform other malicious actions. A backdoor Trojan can invite more malware inside your computer and completely ruin your system.
Banking Trojan. Banking Trojans use keyloggers to steal your credit card details, passwords, and authentication details. Hackers can impersonate a well-known bank, create a fake website, and trick users into typing their credentials. Usually, these types of scams are conducted through a malicious link in an email or text message.
Downloader Trojan. These Trojans have only one mission: to get inside your system and then download more malware.
DDoS Trojan. In a DDoS attack, a target network, server, or service is flooded with a huge amount of traffic, which causes the system to crash. These attacks are usually executed by botnet armies, a bunch of infected devices that have no idea about the processes running in the background. DDoS Trojans are only interested in recruiting more “zombie” soldiers to the botnet army so a hacker could acquire enough resources to launch an attack.
Fake antivirus Trojan. As the name suggests, fake antivirus Trojans pretend to be legitimate antivirus software. They cause panic among users by claiming that their system is infected and push them to pay for additional features. If you decide to pay, things might get even worse.
Ransom Trojan. This type of Trojan encrypts your data and holds it to ransom. If you refuse to pay the criminals, you might not get your files back. However, there’s no guarantee that you will retrieve your data even after paying. Ransomware often targets healthcare institutions, because they are more likely to pay money for getting their systems to work again.
SMS Trojan. While SMS Trojans cause less trouble than some other types of Trojans, they can still cost you a lot. They can send text messages to premium rate numbers and intercept your communication.
GameThief Trojan. Online gaming accounts are in high demand on the dark web, so criminals launch Trojans that steal users’ credentials.
Mailfinder Trojan. Mailfinders extract email addresses from the victim’s device and then send them to a hacker, who can then use them to orchestrate other vicious attacks.
Trojan-spy. These Trojans are built to spy on victims for various purposes, such as stealing sensitive data or gathering intelligence.
It can be hard to tell if you have a Trojan on your device. But, if you’re experiencing any of the issues mentioned below, you might have an unwanted guest:
Nobody can be 100% safe from Trojan horses, and each of us could fall prey to criminals. However, with certain software and some common sense, you can minimize the risk of getting infected. Here are a few pieces of advice on how to protect yourself from Trojans and other malware:
Use a VPN. A virtual private network encrypts your internet traffic and hides your IP address, thus improving your security. It’s especially useful on public Wi-Fi, as hackers can set a fake hotspot and infect your device remotely.
With one NordVPN account, you can protect up to six devices: smartphones, laptops, tablets, routers, and more.