What is a Trojan Horse?
The most common Malware in the world and in the United States, according to dataprot’s is the Trojan horse.
The Trojan is a type of malicious software Impersonating as a legitimate code or software.
Once the malware infects the target device, whether it is a corporate network or an individual’s, the attackers are able to perform actions that a legitimate user can perform, such as exporting files, modifying data, deleting files, stealing information, or otherwise altering the contents of the device.
Trojans may be found in downloads for games, tools, apps, or even software patches.
Trojan Horse Cultural History
The original story of the Trojan horse can be found in the well-known “Aeneid” in Greek mythology.
In the story, the enemies of the city of Troy managed to enter the city gates using the giant Trojan horse and pretended that it was a gift to the city of Troy. The soldiers hid inside the giant wooden horse and as soon as they got in, they climbed out and let the other soldiers in.
The term “Trojan horse” has been adopted by the cyber community in light of the many similarities between the original story of the Trojan soldiers and the operation of the Trojan horse software.
Mainly, the Trojan horse was a unique solution for the defense of the target. In the original story, the attackers besieged the city for 10 years and were unable to defeat it. The Trojan Horse gave them the access they wanted for a decade. A Trojan virus, similarly, can be a good way to get behind an otherwise dense defense system.
In addition, both in the original story and in the cyber world, you can’t judge a book by its cover. The Trojan horse looks like a legitimate gift and in a similar way, the malware also disguises itself as legitimate software.
The soldiers in the Trojan horse controlled the defense system of the city. With a Trojan virus, the malware takes over the computer, potentially leaving it vulnerable to other “soldiers”
So how does the Turjan horse work?
Unlike a computer virus, a Trojan cannot attack on its own,it needs the user to download the application to work.
This means that the executable file must be applied in order for the Trojan to attack the computer and network systems.
The software spreads through emails with a legitimate appearance and files attached to the emails, or by their professional and familiar name, phishing.
Phishing is an attempt to steal sensitive information by impersonating the Internet. It is a method of deception that aims to make the user perform an action that will endanger his computer, either by installing malware or stealing sensitive information. Sometimes these messages reach our spam box, but some succeed through the security filters that platforms like gmail or outlook activate in order to make sure that these emails do not reach our main box.
Phishing is one of the most popular methods of social engineering, where criminals try to obtain sensitive information or access to online accounts from others such as bank accounts, social networks, credit card information, etc. Many techniques involve convincing users to download malware or click on links to fake websites, including by making emails appear to come from an authorized source. In the body of the email, a malicious file is hidden in links, Excel or PDF files, banners and more.
When the email is opened and the malicious attachment is downloaded, the Trojan will install and run automatically every time the infected computer is turned on.
Trojan horses - a danger to mobile devices as well
Trojans aren’t just problems for laptops and desktops. They can also affect your mobile devices, including cell phones and tablets.
Generally, a Trojan is attached to what appears to be a legitimate program. In reality, it is a fake version of the app, loaded with malware. Cyber criminals will usually put them in unofficial and pirated app stores for users to download, but these apps sometimes manage to infiltrate official stores like the Google play store and the Apple store as well.
Downloading these apps means giving the ability for hackers to steal information from the device, sending selected SMS texts, and unauthorized access to the mobile.
Another form of Trojan malware specifically targets Android devices. Switcher Trojan infects the other Android devices connected to the same wireless network, and what has started as a single patient turns out to be a mass infection party.
Examples of a trojan horse attacks
Some of the most well-known examples of Trojan horse attacks in recent years:
In 2011, the computers in the Japanese Parliament building were infected with a Trojan horse allegedly created by the Chinese government. The Trojan was installed after a member of parliament opened an infected email, but the extent of the attack was never revealed.
In 2010, a Trojan horse also known as Zeus or Zabot was used by hackers from Eastern Europe to attack several businesses and municipal officials in the region and take over their bank accounts. The creators of this Trojan stole a total of 70 million dollars!
In 2007, a Trojan called the Storm Worm was distributed to millions of computers worldwide through emails about a fictional storm surge that killed people across Europe. Although it was created by Russian hackers, this Trojan was used to create attacks against popular websites and cyber security companies.
How to protect yourself from Trojan horse malware?
Here are some dos and don’ts to help protect against Trojan malware.
- Install reliable antivirus software, bought from a safe source and not illegally downloaded from hacked websites that usually inject malicious codes into the software
- Update your operating system software as soon as updates are available from the software company. Cyber criminals tend to exploit security holes in outdated software. In addition to the operating system updates, check if there are any updates in other software that are being used.
- Protect your accounts with complex and unique passwords. Create a unique password for each account using a complex combination of letters, numbers and symbols.
- Protect your home or corporate network with firewalls.
- Backup files regularly so that if your device is compromised by a Trojan horse, you can recover data.
- Be careful with email attachments. To stay safe, scan an email attachment first.
- Do not visit unsafe sites. Some Internet security software will alert you that you are about to visit an unsafe site, such as Norton Safe Web.
- Do not open a link in an email unless you are sure it is from a legitimate source.
- In general, avoid opening unwanted emails from senders you don’t know.
- Do not download or install programs if you do not fully trust the publisher.
- Do not click on pop-ups that promise free programs that perform useful tasks.
- Never open a link in an email unless you know exactly who its from