A Trojan in the software world is a type of malware that is often the tool of choice for cyber criminals. Named for the tactics Greek warriors used to infiltrate Troy using an enormous wooden horse, a Trojan can be just as deceptive and destructive. In combating this type of computer security threat, just knowing what you’re up against is a start.

Difference Between a Virus, a Worm and a Trojan

A virus is a self-replicating program that can inject copies of itself into other programs and files. A worm is similar to a virus in that it can self-replicate. However, unlike a virus, a worm can spread itself to other computers usually by remote infection through the Internet. A Trojan is a non-threatening program at first glance, but quickly takes over your system once it is executed. Unlike viruses and worms, a Trojan is not self-replicating nor does it copy itself into other files. Infection usually involves opening an email attachment or downloading and running a file from the Internet.

Characteristics of a Trojan

Once a Trojan penetrates a computer’s security defenses, it can give control of the infected computer to the hacker. Since it usually runs as a background process, users of computers infected by a Trojan don’t even know their systems have been compromised. At this point additional malware can be installed and sensitive data can be stolen. On a more sophisticated level, an infected computer can be used as a launch point to attack other computers and networks, thus covering the cyber criminal’s tracks.

Types of Trojans

Trojans can be classified under many different types or composite classifications. A Backdoor Trojan is one that is designed to circumvent authentication, giving remote access to the hacker. A Trojan Ransom, also known as ransomware, can encrypt your data or lock up your system until you pay the criminal. The Trojan Spy can log your keystrokes, and the Trojan Mailfinder can acquire email addresses from your computer’s address book. A favorite of cyber criminals is the Trojan Banker, which is designed to steal online banking and credit card information.

Zeus Trojan

A good example of a Trojan Banker is Zeus, also called Zbot. The Zeus Trojan can add extra fields to a Web page with a form, like the pages one might visit when doing their online banking. Since it is the actual bank’s Web page and not some forged site, a few extra fields to fill might not seem as suspicious to the user. The fields may be disguised as added security questions that could give the criminal needed information to gain access to the account later on. On the underground market, Zeus was being sold as a malware toolkit enabling less experienced cyber criminals access to the technology. Until 2011 when the source code was made public, the Zeus toolkit could cost up to $10,000.