• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

SWC

South West ComputAble ... the trusted name in technology

  • News
  • About Us
    • What We Do
    • Where We Stand
    • Our Team
    • What Our Clients Say
    • Jobs with Us
  • Products
    • Apple Models and Prices
    • Apple
    • Windows
    • Accessories
  • Services
    • Repairs and Upgrades
    • Wireless Solutions
    • Preventive Maintenance
    • Emsisoft Anti-Malware
    • Consulting
    • Equipment Hire
  • Internet
    • Internet Services
    • Office 365 & Exchange Online
    • Domains & Hosting
    • Websites
  • Contact
  • Remote Support

All About Trojan Horses

Trojan horse removal: Protecting Troy

Courtesy EMSIsoft on September 29, 2017

trojan-horse-virus-removal-blog

After a ten-year siege against the seemingly impenetrable city of Troy, the Greeks decided to try something a little more crafty than brute force. Concealing themselves within a trophy offering in the shape of a giant wooden horse, Greek soldiers were able to breach the city walls, capture Troy and win the entire war.

Modern Trojan horses are similarly deceptive. In computer terms, a Trojan horse is any malicious software that disguises itself in order to deceive users of its true intent. Trojans can take the form of just about anything: an innocuous download link, an email attachment sent from a work colleague or an image sent via social media.

Despite being one of the oldest forms of malware, Trojans have proven to be persistent pests and remain the leading cause of malware infection. In fact, they account for about 8 in 10 of all new malware infections.

Nevertheless, it is possible to defend your system against this type of cybercrime. In this article, we’re going to show you exactly how the different types of Trojans work and what you can do to reduce your risk of infection.

How do Trojan horses work?

Even often referred to as trojan horse virus, there are some subtle but important differences between Trojans, viruses and worms. In contrast to the latter two, Trojans are not able to replicate themselves, nor are they able to autonomously infect other files or spread to other devices. Instead, they require input from an external source: you.

Why would you ever interact with a Trojan?

trojan-horse-ccleaner-malware

Well, as we touched on earlier, Trojans are deceptive creatures that can disguise themselves as regular, everyday, benign files – the types of files you click on without even thinking about it. Whether it’s an email attachment sent from a trusted source or a program you’ve downloaded from an ordinarily reputable website, malware authors go to great lengths to ensure their Trojan looks like the real deal.

The most recent and widely publicized Trojan example is that of Piriform’s CCleaner, a highly popular utility that was recently acquired by Avast. The cyber criminals managed to compromise the update infrastructure and injected malicious code into the installer, which was available for almost a month with a valid security certificate from Symantec until it was discovered by security researchers.

Opening a Trojan is the equivalent of opening the gate and wheeling a large wooden horse into your city. When you double click that seemingly innocent and legit file, you’re effectively allowing the attackers to bypass your defenses – in fact, you’re actually triggering the malware yourself!

The different types of Trojan horses

Trojans come in all shapes and sizes and can affect your system in a variety of ways ranging from ‘annoying’ all the way through to ‘financially crippling’. We’ve rounded up the most common types of Trojans you’re likely to encounter:

Backdoor Trojan

Backdoor Trojans create a hidden link through which hackers can remotely access and control the infected device. In many cases, the criminals can gain almost full control of the computer and use it to do more or less anything they want. In the past, this might have involved random disruption such as deleting files, messing with settings and collecting personal information, but increasingly hackers are using backdoor Trojans to recruit devices into a botnet, which can, in turn, be used to carry out powerful cyber attacks.

Backdoor.Nitol is one example of a backdoor trojan that has gained a lot of attention in recent months. The trojan makes use of the same NSA exploit as WannaCry, ransomware that infected more than 350,000 computers around the world earlier this year.

Banker Trojan

This particular type is incredibly common and can have dire financial consequences for businesses and users alike. As the name implies, the primary objective of a banker trojan is to obtain banking data stored on your system that will give the hackers access to your bank accounts, credit and debit cards and e-payment systems.

Zeus, otherwise known as Zbot, continues to be the most prolific banking Trojan of 2017. After the author of the original Trojan released the source code back in 2011, a number of variants built on the original Zbot codehave sprung up (including Atmos, Citadel and more), though none have proven to be as profitable as the original. The Trojan spreads mostly through phishing and drive-by-downloads.

trojan-horse-types

Exploit

Exploit trojans are usually concealed with programs. When executed, they exploit security weaknesses within your operating system or other software installed on your computer, giving hackers access to your data or control over your system.

In 2012, the Blackhole exploit compromised a huge chunk of the internet and was widely regarded as the biggest threat at the time. Blackhole exploited vulnerabilities in commonly used browsers and plugins to deliver a malicious payload.

Rootkit

A rootkit is a particularly devious type of trojan that is designed to prevent both you and your antivirus solution from identifying the presence of other malicious software. This gives the malware a bigger window of opportunity to wreak havoc on the infected system.

SmartService is a good example of a rootkit. The trojan is typically distributed via adware bundles that many users inadvertently install when acquiring free software. After installation, SmartService creates a Windows service that prevents you from running security software and can even stop you disabling certain processes and deleting particular files. This protective behavior makes it substantially more difficult to remove the other adware that was installed alongside SmartService.

DDoS

Distributed Denial of Service (DDoS) attacks have become increasingly common and disruptive in recent years, with some experts estimating that the average DDoS attack costs businesses around $2.5 million. DDoS Trojans enable cyber criminals to harness your computer’s resources to send requests to an address, flooding and eventually overwhelming the target network.

Downloader

Trojan downloaders are exceptionally common among home users, who may inadvertently install one after downloading a file from an unverified or disreputable source. The payload varies, but often takes the form of adware and potentially unwanted programs, which can drastically slow your computer down. Downloaders are often less complex than other types of trojans, but still pose a significant risk.

Dropper

Cybercriminals use droppers as a means of deploying additional trojans and other types of malware. Many droppers have a secondary goal of preventing your system from detecting malicious software.

Many of the new ransomware breeds make use of dropper Trojans to devastating effect. Spora uses a Jscript dropper component to execute a malicious file that encrypts data on the infected machine. A dropper Trojan also played a role in the WannaCry ransomware outbreak, which successfully infected 350,000 machines around the world in May 2017.

FakeAV

Perhaps the greatest example of malware camouflage, FakeAV Trojans are designed to simulate helpful antivirus software. The program creates fake alerts about suspicious files that don’t exist and demands money in order to remove the non-existent threat.

ThinkPoint is a classic example of a FakeAV. Billed as an anti-spyware program that’s part of Microsoft Security Essentials, the program detects a fake infection, reboots your computer and prevents you from using your device until you pay for the full ThinkPoint program which, it promises, will restore your computer to its former state. (Hint: don’t buy it!).

What are the most common trojan infection points?

Because trojans are not capable of replicating or spreading themselves independently, they require user input to be successful. Of course, few users are willingly going to play a role in downloading and installing malicious software on their own system, so hackers have to use disguises and deceit to coerce you into running their software. Trojans generally camouflage themselves as harmless software or hide among the lines of code written within real, legitimate software.

Generally speaking, there are three main ways that Trojans are distributed online:

1. Downloaded software

Trojan horses are frequently uploaded to websites that provide free software both legally (such as shareware applications) and illegally (such as pirated software). Due to the sheer number of programs that are uploaded to these sites, it’s not always possible for site owners to check that every piece of software is safe and secure, and as a result many Trojan-containing applications slip through the cracks. When you, the user, download and install the software – even if it’s from an otherwise reputable site such as the CCleaner example we mentioned above – there’s a risk that you could be unleashing a Trojan on your system.

2. Email attachment

Your emails are another common source of Trojan infections. Cyber criminals send out convincing messagesthat appear to be from widely known, trustworthy companies (say, Microsoft, Amazon or similar) and attach Trojans disguised as an ordinary file such as an image, video, mp3, or download link. After you execute the file, the malware is free to run rampant.

3. Instant messaging

Instant messaging services are home to their fair share of Trojans. In August, we saw a resurgence of the classic fake Facebook video trojan, a malware disguised as a video sent via Facebook Messenger to other people on the infected machine’s friend list. When users click the fake video, they’re prompted to download a file which, when executed, releases the Trojan.

Instant messaging is particularly effective as a distribution channel because the chat is so casual and fast paced. In this sort of environment, it’s easy to let your guard down and may make you more liable to click harmful links and download files without the same precautions as you would elsewhere on the web.

Trojan virus removal and protection

Unsurprisingly, you are the first and most effective line of defense when it comes to Trojan protection. Adopting safe browsing habits and exercising a high level of caution online can go a long way toward reducing your risk of infection and should be an important part of every IT security plan.

Safe browsing habits might include:

  • Avoiding pirated software and piracy-related websites.
  • Only downloading software from reputable sources.
  • Triple checking email attachments before opening.
  • Being wary of unsolicited messages on social media and instant messaging services.
  • Checking file extensions before opening any file (no image should end in .exe!).
  • Being conscious of what you click on when browsing the web.

While you might be leading the charge, the good news is that there are a number of tools that can help you in the battle against Trojans. For example, reputable IT security solutions can prevent them from penetrating your defenses and remove any malicious software that may have crept in while another antivirus product was supposed to be keeping watch.

In addition, ensuring the Windows Firewall (or a comparably comprehensive product) is active and configured correctly to block unsolicited connections can further reduce the chances of a Trojan breaching the wall. Finally, keeping your operating system, web browser and other software up to date is vital for reducing potential security vulnerabilities and minimizing the risk of becoming the victim of a zero-day exploit.

Leaving the horse outside

The ancient people of Troy lost their city when their defense system failed to see through their enemy’s disguise and recognize the Trojan horse for the threat it really was.

Don’t let history repeat itself. With the information in this blog post, your citadel guards (you!) will be better equipped to identify potential threats, bolster your computer’s defenses and keep your system safe from the ongoing Trojan threat.

Have a brilliant (Trojan-free) day!

Filed Under: Internet, Virus

Welcome to South West ComputAble!

South West ComputAble is the premium trusted supplier of technical support, hardware, software and computer services, to business, education, primary industries and homes throughout the region since 1994.

We provide the highest standards of professional, experienced, friendly, local sales, service and support for all your IT needs.

We offer Windows and Apple solutions.

News

  • Five tips for keeping passwords safe
  • Access invoices on Mac Mail
  • Tax time 2021
  • Tech boss steps down after 27 years of local trade
  • Protecting Yourself From Malware Infections in 2021
  • We’re Hiring – Have You Got What It Takes?

Please Contact Us:

South West ComputAble
54A Bussell Highway,
Cowaramup
WA 6284
08 9755 5406

Contact
Opening Hours

Monday

8:30 am – 5:00 pm
Tuesday

8:30 am – 5:00 pm
Wednesday

8:30 am – 5:00 pm
Thursday

8:30 am – 5:00 pm
Friday

8:30 am – 5:00 pm
Saturday

Closed
Sunday

Closed


We love it when people take time to tell us they're happy!

Click here to see a selection of what our wonderful clients think of our service ...

Find Us

Get Directions

Legals

  • Privacy Statement
  • Terms and Conditions

Recent Posts

  • Five tips for keeping passwords safe
  • Access invoices on Mac Mail
  • Tax time 2021
  • Tech boss steps down after 27 years of local trade
  • Protecting Yourself From Malware Infections in 2021

Archives

  • 2022
    • May 2022
    • March 2022
  • 2021
    • May 2021
    • March 2021
    • January 2021
  • 2020
    • October 2020
    • March 2020
    • January 2020
  • 2019
    • December 2019
    • June 2019
    • February 2019
  • 2018
    • September 2018
  • 2017
    • November 2017
    • October 2017
    • May 2017
    • April 2017
    • March 2017
  • 2016
    • December 2016
    • November 2016
    • April 2016
    • February 2016
  • 2015
    • February 2015
  • 2014
    • December 2014
    • November 2014
    • June 2014
  • 2013
    • December 2013
    • October 2013
    • July 2013
    • January 2013
  • 2012
    • November 2012
    • August 2012
    • January 2012
  • 2011
    • December 2011
    • November 2011
    • October 2011
    • September 2011
    • June 2011
    • March 2011

© 2025 · SWC | South West ComputAble · Built by Aguawebs