If you know your history, you will know that Trojan horses were wooden horses, used by the Greeks when they won the Trojan war. In the digital world however, Trojan horses have a completely different use.
A Trojan horse (also known simply as Trojan) is malicious software or code that can take control of your computer. Trojans can look like genuine software or code that can easily be executed by the user unknowingly through files that have been downloaded from the internet. Once a Trojan horse has been executed, it can disable any security software on your PC or cause it to not work correctly.
The Origin of Trojan Horses
All the way back in 1975, a computer programmer named John Walker created one of the first recorded Trojans called “Animal” for a series of 32-bit computer systems known as UNIVAC 1108. Animal was a simple game that tried to guess what animal a person was thinking of by asking them 20 simple questions. In the background, the game would find all the current directories on the user’s computer that they had access to and try to find up-to-date versions of the game. If the user did not have up-to-date versions of Animal, the game would copy itself into those directories and overwrite any older versions.
Unlike malicious Trojans, Animal did not contain any malicious code that could take advantage of any operating system vulnerabilities that could end up damaging the computer system.
What Are Some Types of Trojans Out There?
DDoS (Distributed Denial of Service)
A DDoS Trojan is designed to launch a denial-of-service attack from an infected computer to a victim’s website server or an IP address. It involves sending substantial amounts of traffic from infected computers to those servers or IP addresses until they are overloaded and forced offline. To pull this off, cybercriminals need to infect as many computers as possible with DDoS Trojans in order to send large amounts of traffic to the victim.
An ArcBomb Trojan is designed to slow down the performance or completely freeze a victim’s computer, making it unusable. This can be done when an archive RAR or ZIP file that contains large amounts of data (for example 8GB worth of files) is compressed into a small 800KB archive file. These archive files can also include identical and repeating data. When a victim tries unpacking the archive file, it can cause the computer’s unpacking algorithm to crash. This Trojan can cause damage to files or mail servers as these types of servers typically process incoming data.
These types of Trojan horses function as fake antivirus software. They usually work by displaying fake pop-ups asking the user to “upgrade” or run scans to detect and remove non-existent threats on the computer in exchange for money. FakeAV Trojans will usually spam these types of pop-ups to make the user worry about their computer’s security.
A ransom Trojan (also known as ransomware) encrypts files on a victim’s computer. When the files are encrypted, a pop-up screen is shown to the victim demanding they pay a ransom to the cybercriminal that made the Trojan. Payments are usually expected to be paid in Bitcoin or a similar cryptocurrency that is anonymous. If the victim fails to pay the ransom within the given time frame, their personal files remain encrypted and become useless.
These types of Trojans have become extremely popular over the last few years as it is an effortless way for cybercriminals to earn money. A notable case where this type of Trojan was used to infect computers, was the WannaCry ransomware attack back in 2017. It worked by exploiting a vulnerability in Microsoft’s Windows older operating systems. One of the largest entities hit by the attack was NHS England and Scotland. Up to 70,000 computers were infected by the Trojan and caused mass disruption to the NHS service.
How to Tell If Your Computer Has Been Infected by a Trojan Horse
When your computer has been infected by a Trojan horse, it can display these common signs:
- Your computer suddenly reboots randomly on its own.
- Your computer’s performance is very slow and programs often become unresponsive.
- Random programs are installed on your computer that you do not recognise.
- Pop-up windows appear when you boot up your computer asking for personal information or giving fake alerts about viruses.
- Your antivirus and/or firewall has been disabled.
Defending Against Trojan Horses
As Trojan horses are downloaded from the internet, you should always verify if what you are downloading is legitimate. Make sure that you only download files from genuine websites that you trust. Genuine websites are more likely to have a padlock (HTTPS://) next to the website address and do not have incorrect spellings in the address.
Other measures should also be taken when it comes to defending against Trojans. You should make sure that your computers operating system is up-to-date with security patches. It is important to do this because security patches fix vulnerabilities that a Trojan could exploit to damage your computer. You should also make sure that your internet browser is up-to-date as this can help prevent a drive-by download attack when visiting websites. Keeping your firewall on will help to keep internet connections secure by filtering traffic, preventing most Trojans from reaching your personal computer.
You should always watch out for spam emails that reach your inbox. Do not open any links or attachments unless you know it is from a legitimate sender. Always make sure to delete spam emails that you do not trust and block the sender’s email using the reporting tools provided by your email client.
Very good article. I didn’t really know what trojan horse were in terms of tech but now i have some understanding. good read.