What are Trojans?

What are Trojans? Only the most insidious – and potentially damaging – form of malware

Monday, 21 October, 2024

If you’re not an expert on Greek mythology, allow us to begin this article with a very brief tale about the siege of Troy, three thousand years ago.

A giant wooden horse was mysteriously deposited outside the impregnable city gates, which the curious Trojans wheeled in, believing it was a gift to the goddess Athena.

Cue the disembarkation of numerous Greek soldiers, the opening of the gates from the inside, and (soon afterwards) a fire which burned Troy to the ground.

As reported in Homer’s Odyssey, a ten-year siege was ended with a single act of cunning and deception.

The Trojan horse is almost certainly mythical, but it has inspired an equally malevolent digital successor which shares its ancestor’s name and stealth tactics.

It’s worth taking a moment to understand what Trojans are, and how they might compromise both our devices and the safety of personal or corporate data.

Feeling a little horse

A Trojan is a piece of malware disguised as a legitimate program or file.

This supposed legitimacy helps gain the trust of potential victims, who go on to download and/or install it.

Much of the program code surrounding it is legitimate, and the malicious code will be well-hidden, just as the Greek soldiers were.

It could also be contained in a banner or pop-up advert, a website link or another vector.

Once in situ, the Trojan will activate, facilitating one of several ulterior motives.

These might include spying on user activity (keystroke logging or data submission), stealing sensitive data or even gaining access to corporate systems.

Fittingly, Trojans are often used by criminals as gatekeepers – metaphorically prising open doors to private systems and back-office functionalities.

Just as the Greek soldiers were able to run amok once they’d been unleashed, so a Trojan malware attack could leave your device – or local network – vulnerable to other invaders.

A perfectly executed attack

While many viruses and worms are self-triggering, a Trojan needs someone to activate it.

Even then, the Trojan may bide its time before launching, displaying no visible signs of its presence on a compromised device.

This helps it to dodge antivirus software scans, only executing once circumstances are optimal.

This might be the first time a compromised device accesses a particular server, opens a sensitive file or logs onto a certain website.

The compromised device doesn’t have to be a Windows PC. Trojans also successfully target Linux and macOS computers, smartphones and tablets.

Trojans may achieve numerous different objectives, but are commonly used for:

  1. Distributed Denial of Service: DDoS attacks bombard servers with information requests to force them offline, often using networks of compromised ‘zombie’ computers.
  2. Remote control: so-called backdoor Trojans provide remote access to a device, after which a hacker can copy/delete/edit data to their heart’s content.
  3. Spyware: an unwitting user could hand a watching criminal huge volumes of sensitive data, from login credentials to confidential work documents and even live screenshots.
  4. Rootkit attacks: a rootkit prevents the Trojan and other malware from being identified by antivirus software, enabling them to remain embedded for longer.
  5. Ransomware: there’s a unique horror to being locked out of your own device. The (false) promise of reinstated access in exchange for a ransom fee may initially seem tempting.

How are Trojans prevented?

As we’ve already seen, Trojans work hard to fool antivirus software, but installing the latter with automatic update privileges remains a key defence.

If you have concerns that your device is already compromised, advanced software tools like Spybot may be able to root out (pun intended) malware squatting in your operating system.

Automatic updates should also be permitted for your device’s OS (where Trojans love to hide) and web browsers (given the risks of drive-by downloads).

Avoid insecure URLs without HTTPS prefixes or padlock icons; don’t click on unsolicited links or open unexpected email attachments; avoid illegal streams or piracy sites.

Finally, if your device begins to run slowly or act strangely (new icons appearing on the desktop, for instance), don’t ignore these warning signs.

By: Neil Cumins

Neil is our resident tech expert. He's written guides on loads of broadband head-scratchers and is determined to solve all your technology problems!