wp header logo 832

What is a Trojan Horse? Definition from WhatIs.com. – TechTarget

Breaking News Trending

In computing, a Trojan horse is a program downloaded and installed on a computer that appears harmless, but is, in fact, malicious. Unexpected changes to computer settings and unusual activity, even when the computer should be idle, are strong indications that a Trojan is residing on a computer.
Typically, the Trojan horse is hidden in an innocent-looking email attachment or free download. When the user clicks on the email attachment or downloads the free program, the malware hidden inside is transferred to the user’s computing device. Once inside, the malicious code can execute whatever task the attacker designed it to carry out.
Before a Trojan horse can infect a machine, the user must download the server side of the malicious application. The Trojan horse cannot manifest by itself. The executable file (.exe file) must be implemented and the program must be installed in order for the attack to be unleashed on the system. Social engineering tactics are often used to convince end users to download the malicious application. The download trap may be found in banner ads, website links or pop-up advertisements.
However, the most popular tactic for spreading Trojan horses is through seemingly unthreatening emails and email attachments. Trojan horse developers frequently use spamming techniques to send their emails to hundreds or thousands of people. As soon as the email has been opened and the attachment has been downloaded, the Trojan server will be installed and will run automatically each time the computer turns on.
It is also possible for an infected computer to continue spreading the Trojan horse to other computers, creating a botnet. This is accomplished by turning an innocent computer into a zombie computer, meaning the person using the infected computer has no idea it is being controlled by somebody else. Hackers use these zombie computers to continue dispersing additional malware to create a whole network of zombie computers.
Laptop and desktop computer users are not the only ones who are at risk of a Trojan horse infection. Trojans can also attack mobile devices, such as smartphones and tablets with mobile malware. This form of infection could result in an attacker redirecting traffic on these Wi-Fi connected devices and using them to commit cybercrimes.
Here is one example of how a Trojan horse might be used to infect a personal computer:
The victim receives an official-looking email with an attachment. The attachment contains malicious code that is executed as soon as the victim clicks on the attachment. Because nothing bad happens and the computer continues to work as expected, the victim does not suspect that the attachment is actually a Trojan horse, and his computing device is now infected.
The malicious code resides undetected until a specific date or until the victim carries out a specific action, such as visiting a banking website. At that time, the trigger activates the malicious code and carries out its intended action. Depending upon how the Trojan has been created, it may delete itself after it has carried out its intended function, it may return to a dormant state or it may continue to be active.
When a Trojan horse becomes active, it puts sensitive user data at risk and can negatively impact performance. Once a Trojan has been transferred, it can:
Over the years, Trojan horses have been discovered by antimalware vendors, security researchers and private individuals. Some of the most famous discoveries include:
Other common types of Trojan horses include:
Some additional Trojan types include Trojan-ArcBomb, Trojan-Clicker, Trojan-Proxy and Trojan-Notifier.
A Trojan horse may also be referred to as a Trojan horse virus, but is technically incorrect. Unlike a computer virus, a Trojan horse is not able to replicate itself, nor can it propagate without an end user’s assistance. Attackers must use social engineering tactics to trick the end user into executing the Trojan.
Since there are so many kinds of Trojan horses, the term can be used as a general umbrella for malware delivery. Depending on the attacker’s intent and application structure, the Trojan can work in a multitude of ways — sometimes behaving as standalone malware, other times serving as a tool for other activities like delivering payloads, opening the system up to attacks or communicating with the attacker.
Since Trojan horses frequently appear disguised as legitimate system files, they are often very hard to find and destroy with conventional virus and malware scanners. Specialized software tools are often necessary for the identification and removal of discrete Trojan horses.
However, it’s possible to identify the presence a Trojan horse through unusual behaviors displayed by a computer. The quirks could include:
It is necessary to note that safe, legitimate software applications can also cause some of the uncommon behaviors listed above. Furthermore, adware and potentially unwanted programs (PUPs) are sometimes confused with Trojan horses due to their similar delivery methods. For example, adware can sneak onto a computer while hiding inside a bundle of software. However, unlike Trojan horses, adware and PUPs do not try to conceal themselves once installed on the computer.
The easiest way to protect a system from a Trojan horse is by never opening or downloading emails or attachments from unknown sources. Deleting these messages before opening will prevent the Trojan horse threat.
However, computer security begins with and depends on the installation and implementation of an internet security suite. Because the user is often unaware that a Trojan horse has been installed, antimalware software must be used to recognize malicious code, isolate it and remove it. To avoid being infected by a Trojan horse, users should keep their antivirus and antimalware software up to date and practice running periodic diagnostic scans.
Other tips for protecting a system include:
If a Trojan horse is identified on a computer, the system should immediately be disconnected from the Internet and the questionable files should be removed using an antivirus or antimalware program or by reinstalling the operating system.
The hardest part of the removal process is recognizing which files are infected. Once the Trojan has been identified, the rest of the process becomes simpler. Users can sometimes find the infected files using the dynamic link library (DLL) error which is frequently presented by the computer to signify the presence of a Trojan horse. This error can be copied and searched online to find information about the affected .exe file.
Once the files are identified, the System Restore function must be disabled. If this function is not disabled, then all the malicious files that are deleted will be restored and will infect the computer once again.
Next, users must restart their computer. While restarting, users should press the F8 key and select safe mode. Once the computer has successfully started up, users should access Add or Remove programs in the control panel. From here, the infected programs can be removed and deleted. In order to ensure all extensions associated with the Trojan application are removed, all of the program files should be deleted from the system.
Once this is complete, the system should be restarted once again, but this time in the normal start-up mode. This should complete the Trojan horse removal process.
The term Trojan horse stems from Greek mythology. According to legend, the Greeks built a large wooden horse that the people of Troy pulled into the city. During the night, soldiers who had been hiding inside the horse emerged, opened the city’s gates to let their fellow soldiers in and overran the city.
In computing, the term was first named in a 1974 U.S. Air Force report that discussed vulnerability in computer systems. It was later made popular by Ken Thompson when he received the Turing Award in 1983 — an award given by the Association for Computing Machinery (ACM) to an individual of technical importance in the computer field.
During the 1980s, an increase in bulletin board systems (BBS) contributed to the accelerated spread of Trojan horse attacks. A BBS was a computer system that ran software that permitted users to penetrate the system using a phone line. Once a user was logged into the BBS, they could proceed with actions like uploading, downloading and sharing potentially malicious data.
The first Trojan horse virus was called the pest trap or Spy Sheriff. This early Trojan horse was able to reach and infect about one million computers around the world. It appears as a mass amount of pop-up ads that mostly looked like warnings, alerting users to the necessity of an obscure software application. Once the Spy Sheriff Trojan horse is successfully installed on a computer, it becomes extremely difficult to remove. Antivirus and antimalware software are usually unable to detect Spy Sheriff and cannot remove it with a system restore. Furthermore, if a user tries to erase the Spy Sheriff software, the Trojan horse reinstalls itself using hidden infected files on the computer.
In October 2002, a man was arrested after 172 images of child pornography were found on his computer’s hard drive. It took almost a year for the court to finally acquit him of charges and accept his defense declaring that the files had been downloaded without his knowledge by a Trojan horse. This is one of the first cases in which the Trojan horse defense was successful.
Editor’s note: This article was republished in December 2022 to improve the reader experience.
When planning wireless network capacity needs, tally your total endpoints, monitor application bandwidth usage and consider …
Private wireless networks enable more control over networks, but they aren’t right for every organization. Here’s what to …
Arista’s new switches provide more options for enterprises and higher speeds for bandwidth-hungry hyperscalers. The latest …
Yes, the economy is a large factor in how CIOs will do their jobs next year. Insiders point to nine other factors that will …
Major antitrust cases are expected to play out in 2023 while federal regulators consider new interpretations of existing …
Digital technologies have a hidden environmental cost that too-few leaders have on their radar. Learn which technologies have a …
Modern enterprise organizations have numerous options to choose from on the endpoint market. Learn about some of the main …
Monitoring files on Windows systems is critical to detect suspicious activities, but there are so many files and folders to keep …
While Microsoft Loop is not yet generally available, Microsoft has released details about how Loop can connect users and projects…
Open source PaaS is a good option for developers who want control over application hosting and simplified app deployment, but not…
PaaS is a good option for developers who want control over application hosting and simplified app deployment, but not all PaaS …
It is challenging to find the right balance between performance, availability and cost. Learn how to enable and apply AWS Compute…
Here are Computer Weekly’s top 10 financial services IT articles of 2022, looking back at the moves and changes over the past year
Computer Weekly talks to more IT leaders than any other publication, so we can share insights into the latest in strategy and …
Here are Computer Weekly’s top 10 Benelux articles of 2022
All Rights Reserved, Copyright 2000 – 2022, TechTarget

Privacy Policy
Cookie Preferences
Do Not Sell or Share My Personal Information


Leave a Reply

Your email address will not be published. Required fields are marked *