What is a Trojan horse?

You may have already heard of Trojan horses or seen your anti-virus notify you of the presence of malware in a downloaded file by attaching the description “trojan”. But what does this mean and what kind of threat do Trojans pose? We tell you everything.

What is a Trojan horse?

These malware take their name from Homer’s famous story of the Trojan War, where Ulysses decides to deceive the Trojans by making them believe in a surrender of the Greeks. In truth, they were hiding in a wooden horse, which they offered to their adversaries. The Trojans brought the horse into the city, which allowed the Greek soldiers to attack the city from the inside. This name perfectly describes the behavior of a Trojan horse in IT: the malware pretends to be something harmless (an email attachment, an application, software, or even an image) sometimes using social engineering and actually hides a threat that seeks to infect the computer or smartphone from the inside.

Trojan horses are very versatile malware that come in many forms. Sometimes, once installed on a device, Trojans contact a server for further instructions and download other malware, such as spyware or ransomware. Trojans tend to wait for particular user behavior, such as visiting a banking site for example, to activate. This way they can go unnoticed for as long as possible. All devices can be victims of a trojan, from computers to smartphones to tablets. It is therefore recommended to have a security suite or free antivirus.

The different uses of Trojan horses

Trojans can be used in multiple ways:

• Set up a backdoor on the device : Once installed, the Trojan contacts a command and control server, giving it access to the infected device. Used in this way, Trojans make it possible, for example, to set up botnet networks, subsequently used for malware distribution campaigns or DDoS attacks.
• Steal banking information : these trojans only aim to steal banking information. Typically, they wait until the victim goes to a site where a payment can take place or tries to access their banking application to activate and thus steal the information entered. Banking trojans are very common on mobile, where they can successfully trick victims into posing as a legitimate application and subsequently act in numerous ways: sending messages pretending to be a bank, adding a additional screen by overlay to retrieve connection data while the victim thinks about entering their information on their banking application, interception of messages used as part of two-factor authentication to bypass it, etc.
• Download and install additional malware : a Trojan horse can serve as a gateway for the subsequent installation of many other malware: spyware, keyloggers, cryptocurrency miners, rootkits, but also ransomware.
• Recovering money without the victims knowing : Trojans on smartphones can be used to send extremely expensive SMS messages internationally from the infected phone or make the victim subscribe to premium SMS services, thus recovering money. Others masquerade as antivirus software and use fear among users to trick them into signing up for expensive and unnecessary services, stealing their banking information in the process.
• Recover data : a trojan can record information about the user, such as the sites visited or what they typed, and send it to the hacker. Among this data, the Trojan may seek to recover passwords or browser history. Some specialize in retrieving account information for online games, so they can retrieve coveted virtual items to resell or directly resell the user’s account themselves.

How do you get infected by a Trojan horse?

As the origin of its name suggests, to infect its victims, a Trojan will pretend to be something harmless while it hides inside, waiting for the victim to bring it onto its device. The hackers behind the Trojan horse can use several social engineering techniques to achieve their goal, such as phishing, by sending emails or instant messaging messages to deceive their victims. Trojans also hide within software and applications that may appear legitimate, such as cracked versions of popular programs and video games. By downloading one of these programs or opening one of these attachments, you may find yourself infected with a Trojan horse.

How do we know if a Trojan is on our device?

Even though many Trojans try to be discreet in order to act at the appropriate time, several signs can indicate the presence of a Trojan on your computer or smartphone:

• You are not using your device and yet activity is detected in the consumption of the Internet connection, your processor or your hard drive and your device is slowed down
• You notice unusual behavior: your mouse moves strangely, programs open on their own, etc.
• Parameters have been changed without you being the originator of these changes
• Your identifiers and personal data appear to be used by other people (connection notifications, unwanted purchases, etc.)
• You notice the presence of new programs on your computer

How to remove a Trojan horse?

To remove a Trojan horse, it is necessary to use software specialized in the detection and removal of viruses and malware. To ensure that you prevent the Trojan from communicating with its command and control server using the Internet, you can restart your computer in safe mode and scan your device using security software at the same time. search for malware.

Since Trojans aim to masquerade as legitimate software and applications, it is difficult to find the origin of the problem yourself. Also, some are persistent and can be reinstalled remotely, even after removing the malware. It is therefore necessary to use an antivirus to ensure that you get rid of the threat.

How to protect yourself from Trojan horses?

As with the majority of malware infections, the best protection is prevention. Therefore, it is necessary to adopt good safety habits:

• Do not download cracked software
• Do not download applications from unofficial stores and carefully check the publishers and developers of applications on official stores to ensure that you are not facing a copy of a popular application
• Do not download and open attachments from a sender you do not know or which do not seem consistent with what a known sender might send us
• Do not click on suspicious links, especially when they are sent without explanation by a contact on instant messaging software
• Avoid sites that look shady and may hide malicious ads or display popups, which will try to infect you by tricking you into clicking
• Update your software and applications, your browser and your operating system
• Protect your accounts with strong passwords, using a password manager
• Make regular backups of your system

Of course, it is also imperative to add additional protection by downloading certain software and tools. For example, you can download an ad blocker, which not only blocks ads, but also prevents scripts from running on your machine. Finally, it is necessary to equip yourself with a good antivirus, which has a regularly updated database of the latest threats, which will recognize the malicious software and block it before it is installed on your device.