As we become more reliant on technology and trust it with our sensitive data, cybercriminals are developing more sophisticated and diverse ways to get their hands on it. There are many types of dangerous malware, including Trojan horses. But this type of malware does not only come in one form. There are several types of Trojan horses, all designed for different uses. So what are the most common types of Trojans to be aware of?
What is a Trojan horse?
Before we get into the different variations of Trojan horses, let’s quickly go over what they are.
The term “Trojan horse” originates from the ancient Greek story, the Odyssey, written by Homer. In the story, a large wooden horse is given as a gift to the city of Troy, but the recipients are unaware that soldiers are hidden inside the horse. When the horse enters the city, the soldiers can invade.
A Trojan Horse program works in a similar way to the original, in that it hides in seemingly harmless software. For example, you may download an application assuming it is trustworthy, while the developer has packed the software with a Trojan. Once the program infects your device, it can perform a number of illicit activities, such as remote control, data theft, and activity monitoring.
The different types of Trojans
It is important to know the different types of Trojan horses so that you can protect yourself most effectively.
1. Download Trojans
Download Trojans rely on an Internet connection to function. When the Trojan infects a device, it remains dormant until an Internet connection is established, at which point it can download additional malware to aid the cybercriminal in his attack. This type of Trojan can also launch malicious software on the infected device. They are presented as a kind of first step in the attack, giving the hacker a strong buy into the target.
2. Backdoor Trojans
In cybersecurity terms, a backdoor is a method of entering a system through the use of malware. So instead of accessing the device or server through the legitimate, authenticated method (the front door), the attacker will use malware to get in another way (the back door).
Thus, backdoor Trojans are software programs that can provide an attacker with another route of entry, making unauthorized access possible from a remote location. With this, the attacker can perform remote functions, steal data, or spy on the victim’s activity.
3. DDoS Trojans
As you may have guessed, DDoS Trojans are associated with DDoS (Distributed-Denial-of-Service) attacks. This involves flooding a server with requests to cause technical problems. Sometimes a server will be so overloaded that it will crash.
DDoS Trojans give the threat actor the ability to carry out DDoS attacks. This is done by infecting multiple devices with the Trojan Horse program and then remotely controlling them to launch a DDoS attack on a specific IP address. Infected devices will flood the IP with requests, overloading the system and causing it to malfunction or crash altogether.
When a group of previously harmless devices is used to carry out attacks, they become what is known as a botnet. In short, they are “zombie” devices that work at the will of the attacker. Botnets are popular in cybercrime as they help malicious actors spread malware more effectively.
4. Trojan rootkit
Rootkits are software programs used for remote access at the administrative level. Often this remote access is unauthorized and acts as a vector for a cyber attack. With administrative access via a rootkit Trojan, the attacker can execute a variety of different functions to exploit the infected device. For example, a cybercriminal could steal sensitive login information, run another malicious program, or eavesdrop on private conversations.
5. Fake Antivirus Trojans
As the name suggests, rogue antivirus Trojans masquerade as antivirus programs. This way, the victim will trust the program and assume that it is keeping them safe when the exact opposite is true. While the program may trick you into simulating antivirus operations, the real goal is exploitation. Such software will scare the user into paying for more protection measures and thus scam them out of funds.
This type of strategy is particularly effective with the less tech-savvy, such as older people.
6. Banking Trojans
Banking Trojans target bank details. Banking credentials are a highly sought after type of information in the cybercrime arena, as they can give attackers direct access to a victim’s funds. This type of data is popular in dark web marketplaces, where other illicit actors pay hackers to access data they have stolen. Financial institution sites are often targeted by banking Trojans.
When a banking Trojan is downloaded to a victim’s device, it is possible for the attacker to obtain their banking credentials. In addition to login credentials, banking Trojans can also help an attacker bypass two-factor authentication barriers, which many people use as a security measure for their online banking accounts.
7. Game-stealing Trojans
Game stealing Trojans (or simply Gaming Trojans) are used to steal private information via gaming accounts. There are millions of gaming accounts online today, providing a niche for cybercriminals to steal data. When the Trojan accesses valuable information, it will pass that data on to the attacker. For example, a user’s Steam account may be intended to access payment information or steal virtual assets.
8. Spy Trojans
Spy Trojans are concerned with snooping on the victim’s activity. When the Trojan infects the target device, the attacker can remotely monitor the victim using spyware. Your keystrokes, app activity, online habits, and other actions can be monitored to steal data. For example, when a victim enters their login details on an infected device, the attacker can log their keystrokes to see what the credentials are.
Alternatively, a spy Trojan operator can eavesdrop on a private online conversation to extract valuable information that it shouldn’t have access to. Perhaps they want to collect intelligence on a financial institution or even a branch of the government.
Trojans are a danger to our devices
Trojan horses are so versatile that they put Internet users at risk in various ways, so much so that they can be difficult to avoid. But by knowing the risks and taking extra precautions when using your devices, you can more effectively steer clear of Trojan horses and keep yourself and your data safe.