What is a Trojan?

Definition

A Trojan, or Trojan Horse, is defined as malware code that purports to serve a useful purpose but actually does harm to the host computer without the user's knowledge or consent. It differs from a virus in that. it does not seek to replicate itself.

Examples

Trojans can commonly be found on the Internet or in email attachments. Some of them are obvious, but others go to great lengths to conceal their real intentions from the unsuspecting computer user.

A current high profile example of a trojan is the massive increase in scareware software. These are malicious programs that masquerade as security software. The most common way to pick them up is by responding to fake security alert popups that appear on certain websites. They look like convincing alerts, telling you that your computer is infested with viruses or hat pornography has been detected. Clicking on the download offered is almost certain to install adware and spyware on your computer, as well as the false sense or security that comes with having fake security software.

Almost 2% of people affected go on to purchase a licence for this fake software - typically around $40! The only way to ensure that your computer is protected from security threats is to install genuine Internet Security or Antivirus software from one of the major companies.

A well known simple example of a Trojan is the waterfall.scr screensaver. This appeared to be a free screensaver but, when launched, began erasing files on users' computers.

More complicated examples use sophisticated techniques to masquerade as something interesting, or at least harmless. They are often attached to emails with accompanying text making the user more likely to click on them.

By default Windows hides extensions for common file types, including executable programs such as *.exe, *.com, *.scr, *.bat or *.pif. By naming the program with a double extension the author of the Trojan can make 'Readme.txt.exe' appear simply as 'Readme.txt'. This makes it look like a normal text file that can open with Windows Notepad, but it is actually an executable program file. Other possibilities are 'Photo1.jpg.exe', which will appear to be a picture file called 'Photo1.jpg'.

The author might further disguise the Trojan by giving it an icon associated with a common program type (text, picture, document, etc.). The more sophisticated ones will actually open a text file, or whatever file type the user is supposed to think it is, so that the user is still unaware of its real purpose even as the damage is being done.

Payloads

Like viruses, Trojan horses have a destructive payload designed to harm the user's computer. Some of them may be harmless, but annoying (open/ close CD Drawer, for example), but others can be extremely destructive. Examples of these are erasing/ modifying files, creating a back door giving a hacker access to the computer, forcing the computer to join a network of 'zombie' computers to send spam or carry out Denial of Service (DOS) attacks or logging keystrokes to steal passwords and credit card details and so on.

Conclusion

As with viruses, some protection is possible by common-sense means such as being careful not to open email attachments. These methods alone cannot offer 100% protection, so it is essential to install a good antivirus program and keep it up to date with the latest definitions. The greatest threat from any type of malware occurs just after a new one is launched, so not keeping your antivirus program up to date is as bad as not having any protection at all.

Antivirus programs are not all the same. See the section on Antivirus Programs for reviews, comparisons and recommendations. Get your computer protected today and download one right away.