The malware lurks behind legitimate software to invade your computer
We've all been told the tale of the Trojan Horse, the enormous wooden horse built by the invading Greek army to bring an end to the siege of Troy. Although it appeared to be a parting gift left by a defeated army, the hollow structure concealed a unit of Greek soldiers that leapt forth under the cover of darkness and attacked the defenders when their guard was down.
The war was one of the most famous events in Greek mythology, and, despite being over 2,500 years old, still has plenty to teach us about misdirection and subterfuge – especially when it comes to cybersecurity.
Today, hackers are using their own wooden horses to bypass network security. A Trojan, as the name suggests, is a type of malware that attempts to masquerade as legitimate software in order to sneak past a network's defences and, when the time is right, deliver a nasty payload.
The effect of a Trojan is not always immediately obvious. The malware can be used to spy on users' activity without their knowledge, or to modify or copy data stored on a system. However, it can be far more disruptive, draining a system of its computing power or blocking access to data.
Types of Trojan
Trojans are labelled differently depending on the purpose for which they're designed and the methods they use to access a system.
Backdoor Trojans, once downloaded and executed, allow hackers to access and control a user's computer remotely. There are various reasons a malicious actor may wish to use a backdoor: for example, it allows them to snoop around inside the system for useful data, modify files or monitor the device while in use. If this type of Trojan goes undetected and the vulnerability that allowed it to be downloaded remains unpatched, the attacker can also come back at any time.
Downloader Trojans act as a dropship for other malware. Once the Trojan has been opened and executed, it starts downloading other malware onto the computer. This could be anything from keyloggers to cryptocurrency miners to ransomware.
Banking Trojans specifically target users' financial data and transactions. Once downloaded, they go looking for cookies related to financial services that will have been stored by the computer when the user visited the website of their bank, for example.
Using this information, the Trojan can redirect the user away from a legitimate banking site to a scam one in order to steal login credentials. Historically, banking Trojans like Zeus, Dridex and Kronos were very popular with cybercriminals. However, financial institutions have implemented greater security measures in recent years, rendering them less effective.
While Trojans can cause significant damage if loaded on someone’s system, there are ways to prevent malware from causing problems.
Simple steps such as avoiding unsafe websites and keeping accounts safe with secure passwords and firewalls can help prevent malware attacks. Updating a device’s operating system as soon as possible will also help prevent Trojans from causing damage, as malware tends to exploit the problems in outdated software.
However, perhaps the most effective way of preventing this kind of malware attack is to install anti-malware software on devices and run diagnostic scans with this software periodically.