What Is Trojan Malware? The Ultimate Definition

Published by Adrian in Web Security

A Trojan is malware in disguise. Pretending to be legitimate software, it tricks you into downloading and installing it. Problems begin as soon as you run it, though you might not notice at first.

Now you can stop asking yourself what the best description of Trojan horse malware is. This is it: impostor software that convinces you to run it and gives hackers access to your system.

Starting from here, there are all kinds of variations. Trojan malware can take many forms. So can the strategies hackers use to talk you into downloading it. The destructive effects? Sometimes unimaginable.

Trojan malware is really an umbrella term that covers all Trojan programs. By its primary role, a Trojan can be a backdoor, a downloader, or an info-stealer. Some call it a virus, others call it a worm.

But it is none.

The Trojan malware definition makes it clear. It is not a virus, because it cannot self-replicate. And it is not a worm, because it cannot spread by itself. At the same time, Trojan malware is a file infector, like viruses are. And it can spread very fast, as worms do.

What you need to know about Trojan malware

So, it’s Trojan, Trojan horse, Trojan virus, Trojan malware, and so on. It goes by many names and travels through social engineering. As soon as you activate it, the cyber-criminal behind it can spy on you. Or steal your sensitive data. Or gain control of your system, through a backdoor, for later use.

  • Data removal
  • Data blockage
  • Data modification
  • Data copying
  • Computer-performance impairment
  • Computer-network impairment

All these are some of the negative effects of a Trojan. Imagine that a hacker can even turn on your webcam! And you might not be able to tell.

The only good news is that for the malicious code of a Trojan to have an effect, you must first run it. The bad news is that Trojans are usually so well disguised that you will want to run them. Of course, you will tell yourself that you’re running legitimate, harmless software.

This kind of malware excels at posing as legitimate software. Users can get it when:

  • Accessing infected websites;
  • Downloading free programs from unknown developers;
  • Downloading illegal free copies of software (aka cracked apps);
  • Opening infected email attachments;
  • And through a myriad of other strategies.

In case you were wondering, the name comes from a famous legend about the war between the Greeks and the Trojans. Odysseus, a Greek war strategist, came up with the idea of building this huge, wooden Trojan horse. The Greeks left it on the shores of Troy, claiming it was a peace gift, the sign of their surrender.

In reality, it was a means to keep the Greek army hidden while the Trojans brought it inside the walls of their city. Once inside, the Trojans were completely off-guard and the Greeks captured the city.

So, a Trojan is a delivery strategy. Through this strategy, hackers and cyber-thieves can deliver all kinds of malicious software. At the surface, it’s always this Trojan horse, something that looks good. Underneath it, you can never know what it is and what it actually does.

The Trojan malware definition by the type of action

Can we agree on this perspective, that Trojans are a delivery strategy? If we do, we need to look into it. The ways hackers deliver malicious code in disguise and the effects it can have… All these types of action set the frame for so many types of Trojan horses. So, by the type of actions they perform, Trojans can be:

  • ArcBomb – will insert archives that, once you try accessing them, will slow down or even freeze your device;
  • Backdoor – will give hackers remote control on your device and the power to do ANYTHING on it;
  • Banker – will target data on: online banking/payments, debit/credit cards etc.;
  • Clicker – will involve your device in ad frauds, connecting it to websites with PPC campaigns;
  • DDoS – will use your device to send requests to a specific target, as part of a DoS attack on a web address;
  • Downloader – will ease the download and installation of other malicious programs;
  • Dropper – will ease the installation of Trojans/viruses and prevent their detection;
  • Exploit – will exploit the vulnerabilities of particular software running on your system;
  • FakeAV – will pretend your device has viruses and offer to clean it in exchange for money;
  • GameThief – will steal any data it can get on online gaming accounts;
  • IM – will steal any data associated with IM accounts (MSN or AOL Messenger, ICQ, Skype etc.);
  • Mailfinder – will collect as many email addresses as it can from your device;
  • Notifier – will notify cyber-thieves about your network connections and network connectivity details;
  • Proxy – will hijack your device and turn it into a proxy server, to use it for botnet attacks;
  • PSW – will steal user account information, as it stands for Password Stealing Ware;
  • Ransom – will change the content/data on your system to block you from accessing it until you pay to restore it;
  • Rootkit – will gain root or admin access and conceal the actions of other malicious software;
  • SMS – will charge your phone bill by texting to premium rate phone numbers from your smartphone;
  • Spy – will track your activities with keyboard strokes monitoring and screenshots.

Are you curious to know how all these started?

A little bit of Trojan malware history

Don’t worry, this won’t take you back to ancient times. 1975 is the year when ANIMAL hit the stage as the world’s first Trojan malware. As scary as its name might sound, it was more of an innocent prank. It was a game of 20 questions with a little secret…

Players were taking the time to answer its questions. Meanwhile, the game was copying itself into other directories. From there, people were bumping into it, downloading it and contributing to its spread. This first misleading software, posing as a… game, was hitting entire computer networks for fun.

The first Trojan that jumped from playing pranks to doing actual damage?

It happened in 1989 and it was the world’s first Trojan ransomware. Several thousand people got a floppy disk with the AIDS Trojan in their mailboxes. The ransomware waited for 90 boot cycles before encrypting all filenames. After that, it asked the victims to send $189 to a post office box in Panama, all to get a decryption program in exchange.

During the 2000s, Trojans hit a nerve, especially after the ILOVEYOU malware.

That one alone caused damages close to $9 billion. And from there, illegal downloading was hackers’ favorite propagation environment for inserting malware. Pretending to be video codecs, movies, or music files, Trojans were, at first, a means for hackers to prove their power.

Later on, it all became about the money.

New types of Trojan malware were spreading. And this time, the intent was to steal banking information. Then, they aimed higher and asked for ransom payments instead of trying to hack bank accounts.

Stuxnet, Tinba, and the Emotet Trojan are some of the names that made headlines starting in 2010.

These days, Trojan malware is no longer a prank. Given its serious threat to entire networks worldwide, people cannot ignore it. Not anymore.

When Trojan malware isn’t interested in you…

Didn’t all of the above worry you? Not even a little bit? So, you think you have nothing interesting enough for Trojan malware to target. But what if the Trojan isn’t after your personal data in particular?

By now, we’ve given you plenty of clues on how different types of Trojans can act. But we should insist on a particular situation: the one where hackers want to turn your computer into a… zombie.

When you have nothing valuable for an attacker, the system itself may be worth the effort. It is not uncommon for hackers to want access to your computer for higher purposes. That’s right, a zombie computer can be a very high purpose for an attacker. And it has nothing to do with raising it from the dead.

It has to do with a network of systems controlled by cyber-criminals. The network – also known as a botnet – will have a main purpose. It can be anything from spamming email users to orchestrating a serious DoS attack. It can even use your system resources for crypto mining.

Why is all this so tempting? It’s not only the attack force they get from a network of zombies. Tracking botnet attacks is a strenuous process. Thus, for the hacker, hiding behind the many sources of the attack is very convenient. That’s even more reason for you to stay away from Trojan malware, as much as you can.

What can you do if you have Trojan malware?

Worried, after all? You should be. As we’ve seen, Trojan malware viruses aren’t just dangerous. They are also difficult to spot. In most situations, there will be no obvious tell-tale sign. You won’t know you have a Trojan (or several) running on your computer. After all, it is their purpose to trick you into considering them harmless.

Especially if the Trojan aims to give a hacker control over your system, it will keep a low profile. Because of that, fighting Trojans is more effective when you try to prevent them than when you try to get rid of them. For this purpose…

  • Pay close attention to anything that enters your device.
  • Try, as much as you can, to install software from known developers only.
  • Using a firewall can make a difference.
  • Same goes for setting up complex passwords to protect your sensitive data.
  • If you like tweaking settings, make sure your apps have the smallest range of privileges.
  • Oh, and don’t leave the AutoPlay feature active. You don’t want executable files to launch by default, do you?

On top of all that, keep good antivirus software active on your computer. Active and up to date!
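
One way to act on "pay close attention to anything that enters your device", as an added example that is not part of the original article: a Python check that flags downloads whose name suggests a movie, song or document while the final extension or the leading bytes say "executable". The extension lists and the sample files are constructed for illustration.

```python
from pathlib import Path
import tempfile

# Leading bytes of native executables: Windows PE ("MZ"), Linux ELF, 64-bit macOS Mach-O.
EXEC_MAGIC = (b"MZ", b"\x7fELF", b"\xcf\xfa\xed\xfe")
# Extensions that run code when opened on Windows (illustrative, not exhaustive).
EXEC_EXT = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs", ".msi", ".lnk"}
# Extensions a user expects to be passive content (illustrative, not exhaustive).
LURE_EXT = {".mp4", ".avi", ".mp3", ".pdf", ".jpg", ".png", ".doc", ".docx", ".txt"}

def disguise_findings(path):
    """Return the reasons a file looks like an executable in disguise."""
    path = Path(path)
    suffixes = [s.lower() for s in path.suffixes]
    with path.open("rb") as fh:
        head = fh.read(8)
    findings = []
    # "holiday.mp4.exe": the lure extension is what the user reads, the last one decides.
    if len(suffixes) >= 2 and suffixes[-1] in EXEC_EXT and suffixes[-2] in LURE_EXT:
        findings.append("double extension")
    # The name says media or document, but the content starts like a program.
    if suffixes and suffixes[-1] in LURE_EXT and head.startswith(EXEC_MAGIC):
        findings.append("executable content behind a media/document extension")
    return findings

def scan(folder):
    """Map file name -> findings for each flagged file under folder."""
    files = sorted(p for p in Path(folder).rglob("*") if p.is_file())
    report = {p.name: disguise_findings(p) for p in files}
    return {name: found for name, found in report.items() if found}

def demo():
    """Write constructed sample files to a temp folder and scan them."""
    samples = {
        "holiday.mp4.exe": b"MZ\x90\x00" + b"\x00" * 60,  # program named like a video
        "song.mp3": b"\x7fELF\x02\x01\x01\x00",           # ELF header in an "mp3"
        "notes.txt": b"just text\n",                      # plain text, not flagged
        "setup.exe": b"MZ\x90\x00",                       # honest about being a program
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in samples.items():
            (Path(tmp) / name).write_bytes(data)
        return scan(tmp)

if __name__ == "__main__":
    for name, reasons in demo().items():
        print(name, "->", "; ".join(reasons))
```

A file that passes this check is not thereby safe: `setup.exe` is not flagged because it does not hide what it is, so the advice about known developers and up-to-date antivirus still applies to it.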