Trojan Malware

During the ancient Greek conflict known as the Trojan War, a tactic called the Trojan Horse was used to launch the invasion of the city of Troy. The attackers built a huge wooden horse, hid a group of soldiers inside it, and persuaded the city to accept the horse as an offering. That night the soldiers climbed out of the horse and began the invasion.

In computing, a Trojan is a program that brings harm to the computer. What sets a Trojan apart from other threats is the way it gets past the device's security: by hiding within ordinary-looking software, much like the soldiers in the Trojan story.

Trojan Definition

A Trojan, or Trojan Horse, is a type of malware that specializes in disguising itself as trustworthy software. Common disguise techniques are camouflaging as an ordinary application, hiding within legitimate third-party software, or bundling the installation with a misleading user approval dialog.

The typical infection route is an email attachment accompanied by a social engineering message that tricks the recipient into going through with the installation. Many users also download unofficial applications that include a Trojan, such as VIP/modified editions or key generator software.

What Can Trojan Do to You?

Since the term Trojan refers to the disguise-based infection strategy, the actual threat depends on the design of the malware it contains. According to security reports, Trojan attacks can cause a variety of problems for the target host computer, anywhere from degraded performance to unrecoverable damage.

More specifically, a Trojan may harm computers in the following ways:

  • Restrict access to files and storage devices.
  • Partially overwrite data.
  • Multiply data to overwhelm memory and storage space.
  • Destroy accounts through hard drive corruption.

However, unlike viruses and computer worms, a Trojan is not capable of replicating itself to spread further.

Top 5 Trojan Infection Ways

Software Download through P2P and Torrent

P2P networks are filled with popular products and game software that can be downloaded for free. One of the reasons these products are shared for free is that criminal groups often bundle malware with them, intending to attack whoever happens to download them. This method has a much higher infection success rate because files shared over P2P keep being downloaded over a very long period.

Application Download from Unofficial Site

When downloading an application online, make sure the link comes from a legitimate source. An application shared on an unofficial website could be a Trojan uploaded by a hacker. Be wary of free programs with taglines such as unlocked, MOD, and VIP version, as these are most likely Trojans.

Social Engineering

Social engineering is a popular way for hackers to lure victims into believing the situation is official and legitimate. Once the doubt is removed, most victims will click links, download files, and execute programs of their own accord. An efficient way to prevent social engineering Trojan attacks is to run Antimalware software that automatically scans programs for Trojans before installation.

Phishing Attacks

Phishing is a specific technique that uses social engineering to trick the victim into installing the Trojan. Usually, an email either carries the Trojan as an attachment or contains a link from which the Trojan can be downloaded. A Trojan attached to an email can immediately infect the computer when the recipient opens the file.

Browser Vulnerability

Many types of Trojans are designed to trigger the infection through browser security loopholes. Common approaches are advertisement links and generic authentication grant dialogs, which do not seem threatening at first glance. Always keep the browser up to date so that all security patches are applied for full protection.

Common Types of Trojan Attacks

As mentioned earlier, the term Trojan applies to the infection method rather than the type of harm caused by the infection. This means many kinds of malware can be categorized as Trojans regardless of their attack tactics, although some attacks tend to be delivered as Trojans more often than others.

Remote Access Trojans

Once infected, the device is modified to allow hackers to control the system remotely. Remote activities are performed under the surface and cannot easily be detected, even by individual computer users.

Ransom Trojans

Injects ransomware to collect payment in exchange for releasing the locks it applies. Access restrictions may be applied to a file, a storage drive, or an entire system. If crypto ransomware is used, data may be encrypted so deeply that only a password can decrypt it.

Data Sending Trojans

The device starts sending sensitive files and performance information to an external network that the hackers can access. This type usually targets business environments that hold valuable data worth selling, such as financial status and government documents.

Destructive Trojans

Designed to destroy data through hard deletion and storage corruption. Deleted files are often unrecoverable without a backup. Running Antimalware to prevent Trojans and performing automatic backups is highly recommended.

Proxy Trojans

Manipulates the victim's system to be used as a proxy server. A proxy allows a hacker to perform untraceable criminal activities through the proxied system. Common illegal actions involve credit card fraud, DDoS attacks, and unauthorized access attempts.

FTP Trojans

Installs a File Transfer Protocol host and opens port 21 on the system so that hackers can connect through FTP. Any files on the device become remotely accessible.
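
A defender can check for the behaviour described above by listing listening sockets and flagging anything bound to port 21 that is not an approved FTP daemon. The following is an added example, not part of the original article; the `ss -ltnp` sample output, the process names, and the allowlist are constructed assumptions.

```python
import re

# Constructed sample of `ss -ltnp` output (not captured from a real host).
SAMPLE_SS_OUTPUT = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*     users:(("sshd",pid=812,fd=3))
LISTEN 0      32           0.0.0.0:21        0.0.0.0:*     users:(("updater",pid=4410,fd=5))
LISTEN 0      511        127.0.0.1:8080      0.0.0.0:*     users:(("nginx",pid=977,fd=6))
LISTEN 0      32              [::]:21           [::]:*     users:(("vsftpd",pid=1203,fd=4))
"""

FTP_PORT = 21
# Assumption: the FTP daemons this host is expected to run.
APPROVED_FTP_SERVERS = {"vsftpd"}

# Local address and port, the peer column, then the optional process column
# (ss only shows the process when run with sufficient privileges).
LINE_RE = re.compile(
    r'^LISTEN\s+\d+\s+\d+\s+(?P<addr>\S+):(?P<port>\d+)\s+\S+'
    r'(?:\s+users:\(\("(?P<proc>[^"]+)",pid=(?P<pid>\d+))?'
)

def find_unexpected_ftp_listeners(ss_output, approved=APPROVED_FTP_SERVERS):
    """Return listeners on port 21 whose owning process is not approved."""
    findings = []
    for line in ss_output.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or int(m.group("port")) != FTP_PORT:
            continue
        # A listener with no visible owner is treated as unexpected.
        proc = m.group("proc") or "unknown"
        if proc not in approved:
            pid = int(m.group("pid")) if m.group("pid") else None
            findings.append({"address": m.group("addr"), "process": proc, "pid": pid})
    return findings

if __name__ == "__main__":
    for f in find_unexpected_ftp_listeners(SAMPLE_SS_OUTPUT):
        print(f"Unexpected FTP listener: {f['process']} (pid {f['pid']}) on {f['address']}:21")
```
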

How to Prevent Trojan Infection

The most effective way to prevent Trojan infection is to keep the gate closed. For a Trojan to enter your computer, it first requires your permission, which can take the form of executing a disguised file or approving an action in a dialog. To put this into practice, we must develop the habit of fully checking a file and making sure it is safe before opening an email or running a program. However, validating the safety of a file is harder than it seems in this modern data-oriented world.

Checking whether a file is a Trojan is nearly impossible for normal users. Therefore, using Antimalware is a must for protecting against Trojan attacks. Antimalware is designed to analyze target files by comparing them against numerous malware-related metatags stored in its database. Furthermore, it can scan the program's internal code to a certain degree to discover whether any malicious program is bundled into the file's execution.

Keeping the Antimalware version up to date is also important so that publicly known vulnerabilities are patched as soon as possible. Make sure your OS and browser are running the latest versions to close security holes that hackers might know about. Hackers and cybersecurity are always in a race; you must stay in the lead by running proper Antimalware protection.
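
The two checks described above, a database lookup and a scan of the file's contents, can be sketched as follows. This is an added example, not code from the original article or from any Antimalware product; it assumes the database holds SHA-256 hashes and byte patterns, and every signature, name, and sample file in it is constructed. It shows why the content scan matters: a payload bundled into another installer changes the file hash, so the hash lookup alone misses it.

```python
import hashlib

# Constructed values: a harmless marker stands in for a malicious byte pattern.
KNOWN_BAD_PAYLOAD = b"EXAMPLE-PAYLOAD-MARKER-0001"
STANDALONE_SAMPLE = b"MZ" + KNOWN_BAD_PAYLOAD

# Constructed signature database with two kinds of entries.
SIGNATURE_DB = {
    "hashes": {hashlib.sha256(STANDALONE_SAMPLE).hexdigest(): "Example.Trojan.A"},
    "patterns": {KNOWN_BAD_PAYLOAD: "Example.Trojan.A (embedded)"},
}

def scan_bytes(data, db=SIGNATURE_DB):
    """Return (verdict, detection_name, method) for a file's contents."""
    # Layer 1: exact match of the whole file against known-bad hashes.
    digest = hashlib.sha256(data).hexdigest()
    if digest in db["hashes"]:
        return ("malicious", db["hashes"][digest], "hash")
    # Layer 2: look inside the file for known byte patterns, which still
    # match when the payload is wrapped in an otherwise ordinary program.
    for pattern, name in db["patterns"].items():
        offset = data.find(pattern)
        if offset != -1:
            return ("malicious", name, f"pattern@{offset}")
    # No signature matched; this is not proof that the file is safe.
    return ("no_match", None, None)

# Constructed inputs: an ordinary installer, and the same installer with
# the marker payload appended to it.
CLEAN_INSTALLER = b"MZ" + b"legitimate installer bytes" * 4
BUNDLED_INSTALLER = CLEAN_INSTALLER + KNOWN_BAD_PAYLOAD + b"padding"

if __name__ == "__main__":
    for label, blob in [("standalone", STANDALONE_SAMPLE),
                        ("clean", CLEAN_INSTALLER),
                        ("bundled", BUNDLED_INSTALLER)]:
        print(label, scan_bytes(blob))
```
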
