When you hear the term "Trojan Horse", you'll likely think of the ancient Greek myth, in which the city of Troy is invaded via an elusive trick using a large statue of a wooden horse. But this term also has relevance in the cybersecurity realm. So, what is a Trojan Horse in this sense, and how does it work?

What Is a Trojan Horse?

graphic of horse in front of green matrix background

A Trojan Horse (also known as just a Trojan) is a kind of malware. It gets its name from Homer's ancient Greek myth, The Odyssey, because like the original Trojan Horse that was used to invade Troy, cybersecurity Trojans are also designed to deceive.

Trojan Horse malware is able to appear as a seemingly harmless application, therefore tricking the victim into keeping it on their device. Given how prevalent cybercrime is, people are more on the lookout for malware than ever before. So it's no surprise that malicious actors are looking for ways to sneak onto a device without being noticed.

Trojans stretch back a lot further than many kinds of malware out there today. The first Trojan Horse was developed in 1975 and, fittingly, was called ANIMAL. But this name didn't refer to the infamous Trojan Horse. Rather, it was a reference to "animal programs", a simple kind of game that guesses what kind of animal the player is thinking of. However, there is some debate surrounding whether this truly was a Trojan or a kind of virus.

Since then, many kinds of Trojans have been developed, some of which gained fame through the exploits they were used in. Take Zeus, or Zbot, for example. This Trojan Horse was used to steal precious financial data. Zeus was most notably used to hack the US Department of Transportation.

Attackers use Trojans to exploit a user's device by exfiltrating files, performing harmful actions, or deleting data.

Many refer to Trojans as viruses, but this isn't actually the case, because Trojans do not self-replicate or automatically execute. Therefore Trojans are strictly a kind of malware. This means that the target user must willingly download the application for the Trojan to be deployed. But Trojans can be very deceptive and are not all one and the same.

The Types of Trojans

green matrix background

Since their creation, Trojans have developed into various different types: backdoor, exploit, rootkit, DDoS, downloader, ransom, banking... The list goes on. But let's focus on the most common kinds of Trojan Horses so that you're aware of the riskiest variations.

A backdoor Trojan can give malicious attackers remote access to a victim's device so that they can control it for their own benefit.

An exploit Trojan is designed to sniff out vulnerabilities on a device so that it can be more easily attacked. Security vulnerabilities are incredibly common, so this kind of Trojan can take advantage of such flaws and bugs to access the target computer. If a computer isn't using any kind of antivirus software, it's also more vulnerable to being targeted by exploit Trojans.

A rootkit Trojan can give attackers access to the target device by hiding its presence from malware detection tools. This allows the threat actor to extend the period over which the Trojan is present on a given device.

A Distributed Denial of Service, or DDoS Trojan, also has a very telling name. You may have heard of DDoS attacks before, as they're pretty common. In such an attack, hackers will work to ensure that an online platform or service becomes unusable to its customer base. Using DDoS Trojans, a botnet can be created, which then facilitates the interruption of site traffic, therefore allowing for a DDoS attack.

Next up are downloader Trojans. These programs can download themselves onto a target device and remain dormant until an internet connection is established. Once this happens, the downloader Trojan can install additional malicious programs onto the infected device to facilitate other cyberattacks.

Ransom Trojans, as the name suggests, are used to deploy ransomware. In ransomware attacks, a threat actor will encrypt all the data on the infected device and demand a ransom in exchange for the decryption key. Ransomware attacks are hugely prevalent, with various kinds of malware being used for infection, including Trojans.

Finally, you've got banker Trojans. Banking information, such as payment details, account numbers, and other precious data, is highly valuable in the cybercrime space. Such information can either be used directly by the attacker to steal funds or can be sold for hundreds or even thousands of dollars on dark web marketplaces. It's no surprise that banking details are so sought-after.

Enter banking Trojans. These programs are used to steal financial data from online accounts so that they can be exploited for monetary gain.

But how do you go about avoiding Trojans? Can these malicious programs be fended off, or are they impervious to cybersecurity measures?

How to Avoid Trojans

Image of blue digital lock in front of a circuit board

Unfortunately, there's no kind of security tool out there that will absolutely guarantee you protection from malware. However, you can use programs that are very effective at keeping you safe. Of course, the first option here is a trusted antivirus program. An antivirus tool should be an absolute must on any of your internet-connected devices. These programs can scan for and tackle malicious programs, and even give you suggestions on how to increase your device's security levels even further.

Additionally, you should always make sure that an app is trusted and legitimate before you download it. You can download apps from thousands of different sites, not just the Apple, Google Play, or the Microsoft Store. While such popular platforms do their best to ward off malicious apps, they're not airtight, and some illicit products still make their way through. On top of this, there are countless sites that you can download any number of apps from, but such sites may have a more sinister goal.

So, if you're looking to download any given app, the most important things to do are: check reviews, download numbers, and the official platform from which you want to install.

But some programs are designed to automatically download apps onto your computer if you interact with them even slightly. For example, some attachments may automatically download to your device when you click on them, which gives the Trojan a very easy way in. This is why you should be cautious when you're sent any kind of link or attachment. You can use a link-checking site to see if a link is malicious or learn about the most common signs of malicious attachments if you want to protect yourself in this area.

Trojan Horses Are Far From a Myth

While the term "Trojan Horse" originated in ancient Greek mythology, Trojan programs are very much a reality today. So, if you're concerned about these malicious programs, consider some of the suggestions above to protect yourself and your device from Trojan attackers.