A Trojan horse—also called a Trojan virus or simply a Trojan—is a type of malware that disguises itself as legitimate software. They appear innocent or beneficial from the outside, but these files execute harmful actions, from installing spyware to encrypting critical files once users interact with them.
Trojan horses accounted for at least six of the 11 most common malware strains in 2021, according to the Cybersecurity and Infrastructure Security Agency (CISA). In light of this threat, businesses should learn all they can about Trojans to stay safe.
Table of Contents
What does a Trojan horse virus do?
Trojan horses deceive people into thinking they’re harmless. Once a user installs or runs the application, it executes the hidden malware.
Despite the moniker “Trojan virus,” these programs aren’t technically viruses. Whereas a virus can execute and replicate itself, a Trojan requires action from the users to run and spread. That’s why they disguise themselves as legitimate programs people want to download and install.
Once inside a system, Trojans can perform a wide range of attacks. Because of their deceiving nature, many cybercriminals use them to quietly spread spyware or ransomware behind the scenes. However, some Trojan strains immediately carry out more noticeable attacks when users run them.
5 types of Trojan horses
Trojans are a remarkably popular type of malware and can appear in forms as varied as backdoor Trojans, DDoS Trojans, downloaders, ransom Trojans, and rootkit Trojans.
1. Backdoor Trojans
A backdoor Trojan installs a backdoor on your computer once inside, granting cybercriminals remote access. Attackers often use them to create botnets, which carried out hundreds of thousands of attacks in 2022 alone.
2. DDoS Trojans
Distributed denial of service (DDoS) Trojans often overlap with backdoor Trojans. These malware strains take control of an infected computer to overload a website or network with requests as part of a DDoS attack.
3. Downloader Trojans
Downloader Trojans serve as the first step to larger attacks. Once users install these programs, the Trojan downloads other malicious software, much like how malvertising installs malware through seemingly innocuous ads. Some of these attacks just download adware, but cybercriminals also use them to spread more damaging software.
4. Ransom Trojans
Ransom Trojans are some of the most disruptive types. These slowly spread across users’ devices, hindering performance or blocking critical data, demanding a ransom in return for undoing the damage.
5. Rootkit Trojans
A rootkit Trojan conceals itself or other malware so it can run malicious programs undetected for longer. They buy cybercriminals more time, enabling much larger, potentially damaging attacks.
Best practices to prevent Trojan horse viruses
Trojans can cause considerable damage, so businesses should try to prevent them as much as possible. Prevention starts with better credential management, as 90% of all cyberattacks originate from compromised usernames or passwords. Use multifactor authentication (MFA) and vary passwords between accounts to stop an attacker from infiltrating your account and installing a Trojan.
User education is also important, as Trojans try to trick people into thinking they’re harmless. Employees should know to never click on unsolicited links, download software from unverified sources, or open attachments from people they don’t know.
Scanning email attachments before clicking on them can also help identify Trojans before accidentally installing them. Users should avoid visiting potentially unsafe websites; stricter network administrator policies and security software can help with this by establishing blocklists and allowlists of certain sites.. Ad blockers are another useful tool, as they can prevent Trojan attacks originating from malvertising.
How to detect and recover from Trojan attacks
Even with these preventive measures, businesses should never assume they won’t experience a successful attack. Almost half of all small businesses have fallen victim to cyberattacks in the past year. A plan to detect and recover from successful Trojan attacks will mitigate their impact.
Because Trojans operate behind the scenes, they’re difficult to spot manually. Sudden performance changes or changing settings are telltale signs, but at that point, most of the damage is already done. The best way to detect Trojans is with anti-malware or antivirus software.
Regular security scans can detect malicious code hidden within seemingly harmless files and alert you to the issue. You can then use this software to remove the infected programs safely. Be sure to keep anti-malware solutions updated to ensure they can detect changing attack vectors and new Trojan strains.
Trojans on phones and mobile devices
It’s important to recognize that Trojans can impact mobile devices, too. Laptop and desktop computers are still the most common targets, but malware strains are also starting to affect phones and tablets.
Trojans are the most common type of mobile malware, with downloader Trojans alone accounting for 26.28% of all threats. Many of these are apps, often pretending to be legitimate. Cybercriminals can also install Trojans on a mobile device through malicious links in text messages or emails.
Users should only download apps from first-party stores to avoid downloading mobile Trojan horses. Similarly, you should avoid clicking links on unsolicited texts, emails, or messages from unknown sources. Using an anti-malware solution with support for mobile operating systems will also help.
Real-world examples of Trojan viruses
Whether mobile or otherwise, these threats are more than just theoretical. Trojan attacks have affected thousands, if not millions, of users, including several high-profile organizations.
Emotet
One of the most infamous Trojan examples is Emotet, which first emerged in 2014 as a banking Trojan, targeting users’ accounts. It evolved to carry a wide range of different malware strains, leading to 16,000 alerts in 2020 as more cybercriminals embraced it.
Zeus
Zeus—also called Zbot—is another infamous Trojan. This malware strain gained notoriety in 2007 when it stole information from more than 1,000 computers belonging to the U.S. Department of Transportation. After infecting devices, the Trojan would log keystrokes to learn users’ passwords, banking info, and more.
Rakhni
The Rakhni Trojan first appeared in 2013 and became popular again in 2018 as its use cases expanded. Rakhni lets cybercriminals either infect targets’ devices with ransomware or take control of them to mine cryptocurrency.
5 antivirus tools that prevent and detect Trojan horses
Reliable anti-malware tools are your best defense against Trojans. These five solutions represent some of the leading options for preventing, detecting, and removing Trojan viruses today.
1. Bitdefender Total Security
Bitdefender Total Security offers a comprehensive security platform, including a cloud-based malware scanner, phishing protection, and support for virtually all operating systems. This coverage helps prevent Trojan infections on any device. It’s available both as a stripped-down free version, and a subscription starting at $39.99 per year for coverage for five devices.
2. Avast One
Avast One offers advanced malware scanning on all device types, including mobile endpoints. It also has anti-phishing and ransomware prevention features and has a free tier for users with smaller budgets, as well as individual and family plans starting at $4.19 per month for five devices.
3. Norton 360 Deluxe
Norton is the most popular provider of paid antivirus, and its 360 Deluxe platform is ideal for stopping Trojans. It uses machine learning to detect suspicious activity, helping it spot Trojans faster and more accurately. They have a variety of subscription tiers, starting at $19.99 per year for a single device, or $49.99 per year for five devices.
4. McAfee Total Protection
McAfee Total Protection also uses AI to detect malware like Trojans. It has useful restoration features to recover stolen data and manage accounts in the event of a successful Trojan attack. It offers a basic, single-device subscription for $29.99 per year, or more advanced security starting at $39.99 per year for five devices.
5. Malwarebytes
Malwarebytes deserves mention as a free alternative to these paid anti-Trojan solutions. However, it requires you to manually start a scan instead of monitoring devices automatically. Since 85% of data breaches stem from human error, reliance on manual processes isn’t ideal, but it is better than nothing. Malwarebytes does also offer paid enterprise-level protection plans starting at $69.99 per device, per year—but you have to enroll at least 10 devices.
Bottom line: Protecting your organization from Trojan horses
Trojan horse viruses are some of the most pervasive and potentially difficult-to-spot threats facing companies today. However, the right approach can prevent and remove them effectively. You can stay safe when you know what these programs do, how they infect devices, and how you can address them.
Here are the top enterprise networking security companies to know about. You can also get to know the ins and outs of network security with our complete guide.
FAQs
What Is a Trojan Horse Virus? Definition, Prevention, and Detection | ENP? ›
A Trojan horse—also called a Trojan virus or simply a Trojan—is a type of malware that disguises itself as legitimate software. They appear innocent or beneficial from the outside, but these files execute harmful actions, from installing spyware to encrypting critical files once users interact with them.
What is a Trojan horse virus simple definition? ›What Is a Trojan Horse Virus? A Trojan Horse Virus is a type of malware that downloads onto a computer disguised as a legitimate program. The delivery method typically sees an attacker use social engineering to hide malicious code within legitimate software to try and gain users' system access with their software.
What is Trojan and how do you prevent it? ›Never download or install software from a source you don't trust completely. Never open an attachment or run a program sent to you in an email from someone you don't know. Keep all software on your computer up to date with the latest patches. Make sure a Trojan antivirus is installed and running on your computer.
What is a Trojan horse in your own words? ›A Trojan Horse (Trojan) is a type of malware that disguises itself as legitimate code or software. Once inside the network, attackers are able to carry out any action that a legitimate user could perform, such as exporting files, modifying data, deleting files or otherwise altering the contents of the device.
How are Trojans detected? ›To find it, the user must initiate a full computer scan with an anti-virus scanner. This should be able to identify all threats and inform the user of the name of the malware. In addition, the scanner usually recommends the necessary measures to completely remove the Trojan and the installed malware from the system.
What is Trojan horse virus in real life example? ›Trojans generally spread by some form of social engineering. For example, where a user is duped into executing an email attachment disguised to appear innocuous (e.g., a routine form to be filled in), or by clicking on some fake advertisement on social media or anywhere else.
Why is a Trojan horse not a virus quizlet? ›A Trojan horse is not a virus. It is a destructive program that looks as a genuine application. Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive.
What is the best description of Trojan horse malware? ›In computing, a Trojan horse is a program downloaded and installed on a computer that appears harmless, but is, in fact, malicious. Unexpected changes to computer settings and unusual activity, even when the computer should be idle, are strong indications that a Trojan is residing on a computer.
What causes Trojan horse virus? ›Many users install trojans from file-sharing websites and fake email attachments. You can also get attacked from spoofed chat messages, infected websites, hacked networks and more.
How did the Trojans protect themselves? ›Around the city, the Trojans had built a strong wall so no enemy could attack them from the sea. During wars, the gates would be closed and the city would be like a strong fortress, safe from all attacks. It was protected by the walls surrounding it and the hills behind it.
What is a Trojan horse quizlet? ›
Trojan Horse ( or Trojan) A malware program that appears to perform some useful task, but which also does something with negative consequences (e.g., launches a keylogger) Trojan Horse Characteristics. -Often concealed as a utility program that is advertised to do a routine task easier or give additional functionality.
What is a Trojan horse in a sentence? ›Meaning of Trojan horse in English
a person or thing that joins and deceives a group or organization in order to attack it from the inside: Older supporters have accused the new leadership of being a Trojan horse that will try to destroy the party from the inside.
Inside the Trojan Horse was enough space for 40 warriors. Assuming that the Greeks had left, the Trojans brought the horse inside. While they slept, the Greeks climbed out of the Trojan Horse and took Troy by siege, ending the Trojan War.
Are Trojans hard to detect? ›Check your startup programs.
Trojans can also hide in your computer's startup process. These Trojans are harder to detect because they're in the system memory. That's why you should check your device's startup programs as well.
Trojan viruses are a formidable threat to businesses and individuals. They're subtle, often go undetected, and can lead to a range of adverse effects from malware. They can grant access to sensitive data and credentials or be used to conduct special attacks and extort businesses.
Can a Trojan virus track you? ›Trojan-Spy programs can spy on how you're using your computer – for example, by tracking the data you enter via your keyboard, taking screenshots or getting a list of running applications.
What are the effects of Trojan horse virus? ›What does a Trojan do? The effects of Trojans can be highly dangerous. Like viruses, they can destroy files or information on hard disks. They can also capture and resend confidential data to an external address or open communication ports, allowing an intruder to control the infected computer remotely.
Is Trojan horse a virus or antivirus? ›A Trojan horse is not a virus. It is a destructive program that looks as a genuine application. Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive.
How do you get rid of a Trojan horse? ›- Go to your PC settings.
- Go to Apps and Features.
- Click on the Trojan-infected program.
- Click Uninstall.
A Trojan is sometimes called a Trojan virus or a Trojan horse virus, but that's a misnomer. Viruses can execute and replicate themselves. A Trojan cannot. A user has to execute Trojans.
How is Trojan horse different from other virus? ›
Unlike viruses, Trojan Horses do not replicate themselves, but they can be just as destructive. Trojans also open a backdoor entry to your computer, giving command to malicious actor or allowing malicious users/programs access to your system.
What is the best description of Trojan horse malware quizlet? ›(The best description of Trojan horse malware, and what distinguishes it from viruses and worms, is that it appears as useful software but hides malicious code. Trojan horse malware may cause annoying computer problems, but can also cause fatal problems.
How do you know if you have a Trojan horse virus? ›- Your computer is running slower than usual. ...
- Unauthorized apps are appearing on your device. ...
- You experience constant operating system crashes and freezes. ...
- You experience an increasing number of internet redirects. ...
- You experience frequent pop-ups. ...
- Applications won't start.
Describe trojan malware. More than one answer may be correct. - It is often found attached to free downloads and apps. - It is often used to find passwords, destroy data, or to bypass firewalls.
What is Trojan and how is it harmful? ›A Trojan horse (or Trojan) is one of the most common and dangerous types of threats that can infect your computer or mobile device. Trojans are usually disguised as benign or useful software that you download from the Internet, but they actually carry malicious code designed to do harm—thus their name.
What is a Trojan horse and how it is spread out? ›A virus is a program that spreads by attaching itself to other software, while a trojan spreads by pretending to be useful software or content. Many experts consider spyware programs, which track user activity and send logs or data back to the attacker, as a type of trojan.
What killed the Trojans? ›According to the Roman epic poet Virgil, the Trojans were defeated after the Greeks left behind a large wooden horse and pretended to sail for home. Unbeknown to the Trojans, the wooden horse was filled with Greek warriors. They sacked Troy after the Trojans brought the horse inside the city walls.
When was the Trojan Horse used? ›1184 B.C.: During the Trojan War, the Greeks depart in ships, leaving behind a large wooden horse as a victory offering. It is hauled inside the walls of Troy, and Greek soldiers descend from the horse's belly after dark to slay the guards and commence destruction of the city.
Why are Trojans important? ›Final Thoughts. The Trojan War was a huge and important war in Greek mythology. It was important because it's the earliest recorded myth that we have that was written down, and it set the stage for the Odyssey and the Illiad.
Where is a Trojan horse? ›A replica of the Trojan Horse stands today in Turkey, the modern day location of the city of Troy.
Do viruses worms and Trojan horses replicate themselves to other computers or devices? ›
Can Trojan Horses Replicate Themselves? Even though viruses, Trojans, and worms are all malware, they act differently in how they execute themselves on a system. While viruses and worms self-replicate to establish their presence, Trojans do not.
How does a Trojan horse infect a computer system quizlet? ›A Trojan does not replicate (i.e. infect other files), nor does it make copies of itself as worms do. A Worm scans the network for other security loopholes and then copies itself to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it.
What's another word for Trojan horse? ›On this page you'll find 4 synonyms, antonyms, and words related to Trojan horse, such as: decoy, and subversive device.
Which software tracks your Internet browsing habits and sends you Pops? ›Spyware collects your personal information and passes it on to interested third parties without your knowledge or consent. Spyware is also known for installing Trojan viruses. Adware displays pop-up advertisements when you are online.
Did Trojan Horse happen? ›At the center of it all was the Greek siege of Troy, and we all know how that ended — with a giant wooden horse and a bunch of gullible Trojans. Or did it? Actually, historians are pretty much unanimous: the Trojan Horse was just a myth, but Troy was certainly a real place.
Was the Trojan Horse a trick? ›The Trojan Horse is one of history's most famous tricks. The Greeks were laying siege to the city of Troy, and the war had dragged on for ten years. They built a wooden horse, which they left outside the city. The Trojans believed the horse was a peace offering and dragged it inside their city.
What did the Trojan Horse invade? ›Thinking that after 10 years the Greeks must surely have lifted their siege of the city and departed, the Trojans decided that it was safe to bring the horse into the city. However, that night the Greek soldiers who had hidden themselves inside the horse opened the gates for their compatriots and invaded Troy.
How common is Trojan? ›Trojans account for 58% of all computer malware.
The most common malware programs – both globally and in the United States – are Trojans.
Download Avast One to run a free trojan scan on your device. Prevent future attacks from trojans, viruses, and other types of malware. Plus, it's 100% free and easy to use.
Can a Trojan virus be detected on iPhone? ›Malicious software includes Trojan horses, viruses, and spyware programs. Although viruses are uncommon on the iPhone, it's possible to get infected with an iPhone Trojan or spyware that can expose your phone's activity to a third party. Keeping your iOS up to date can greatly reduce the chances of this happening.
What do trojans do? ›
Trojans work by masquerading as legitimate files, with the goal of tricking victims into clicking, opening, or installing them. Once this happens, the Trojan begins installing malware on your device, spying on you, or causing other types of harm.
What is Trojan horse virus for kids? ›A trojan may act as a "backdoor" to the computer, contacting a controller which can then have unauthorized access to the affected computer. Trojans may also access users' personal information such as banking information, passwords, or personal identity. It can infect other devices connected to their networks.
How does a Trojan horse infect a computer? ›How does a Trojan virus work? Trojans infect a device by tricking its user into downloading seemingly harmless software that contains malicious codes. Once downloaded, installed, and launched, the malicious code executes.
Is a Trojan horse virus bad? ›A Trojan horse (or Trojan) is one of the most common and dangerous types of threats that can infect your computer or mobile device. Trojans are usually disguised as benign or useful software that you download from the Internet, but they actually carry malicious code designed to do harm—thus their name.
What is the Trojan horse effect? ›Hydrophobic organic pollutants in the environment are known to sorb onto the hydrophobic surfaces of plastics. Therefore, plastics can function as a vector for the uptake of contaminants to aquatic organisms (termed the “Trojan Horse” effect).
When was the Trojan horse virus? ›Trojans and other malware were developed alongside the personal computer, with the first trojans theorized in the early 1980s and developed in the 1990s. Malware development has kept pace with increasingly sophisticated malware detection and prevention software.
Can you get a Trojan virus on your phone? ›Trojan horse: A trojan horse on your cell phone may appear as a text message. From there, trojans will send messages at a premium, often increasing your phone bill. These types of viruses can also connect themselves to legitimate-looking apps.
How to get rid of Trojan? ›The best way to clean up a Trojan infection is to use Malwarebytes' free trojan scanner, and then consider Malwarebytes Premium for proactive protection against future Trojan infections. Malwarebytes Premium will initiate a scan for Trojans and then remove Trojans so they can't cause further damage.
What happens when you get a Trojan virus? ›Once installed, a Trojan can perform the action it was designed for. A Trojan horse, or Trojan, is a type of malicious code or software that looks legitimate but can take control of your computer. A Trojan is designed to damage, disrupt, steal, or in general inflict some other harmful action on your data or network.