On the Internet, there is no shortage of evildoers. Unlike a criminal in real life, which coerce their victims through means of violence, cybercriminals rely primarily on deception. This can come in the form of ransomware or phishing scams, both of which we have covered previously, but one of the most subtle of cyberattacks is the Trojan horse.
What is a Trojan Horse?
Much like the famous, wooden horse that the Greeks supposedly used to hide their troops in during the Trojan War, the Trojan horse malware (or just “Trojan”) operates almost identically. Instead of a wooden horse, the virus may appear as something harmless, such as an email attachment or a link to a website, and instead of soldiers hiding inside it, there’s malware. According to Comodo Cybersecurity, there are few different kinds of malware that can be inside a Trojan:
- Backdoor Trojan – Creates a “backdoor” into your computer, allowing the attacker to access and control it. Your data can be downloaded and stolen.
- Distributed Denial of Service (DDoS) Trojan – Performs DDoS attacks against your network.
- Downloader Trojan – Continuously adds malware to your computer, such as other Trojans and adware.
- Fake AV Trojan – Disguises itself as antivirus software and demands money to remove threats that may not exist.
- Game-thief Trojan – Steals account information (usernames and passwords).
- Infostealer Trojan – Steals data from your computer.
- Mailfinder Trojan – Steals email addresses on your device.
- Ransom Trojan – Similar to ransomware; demands a ransom to undo damage to your computer or device.
- Remote Access Trojan – Provides the attacker full control over your computer through a remote network connection.
- Rootkit Trojan – Makes it difficult to locate an object on your infected device; extends time for a malicious program to run on your device.
- SMS Trojan – Infects your mobile device; texts numbers with premium-rates to raise phone costs.
- Trojan Banker – Specifically targets financial account information, such as your bank or credit card account.
- Trojan IM – Targets Instant Messaging (IM); steals your account information on IM platforms.
How to Prevent a Trojan Horse Attack
Like with many other cyberattacks, avoiding a Trojan is very simple and breaks down to a few key concepts that the Cybersecurity and Infrastructure Security Agency has made public:
- Run Windows Defender regularly to check for viruses
- Do not open suspicious-looking emails
- Do not click on suspicious-looking links
- Do not download any suspicious-looking software
- Back up your personal data and files to an external drive or cloud
While the possibility of a malware attack still exists, the likelihood of an attack has been greatly decreasing over the past couple of years. In fact, SonicWall reported a 43% decrease in the number of malware attacks that occurred in 2020 from the previous year. Additionally, you, the average consumer, are becoming less-and-less of a target for cybercriminals. Instead, corporations and big businesses are the main focus, with Symantec noting a 12% increase in malware attacks against enterprises.