Trojan Horse Computing

Dennis Faas's picture

In the context of computer software, a Trojan horse is a malicious program that is disguised as legitimate software.

The term is derived from the classical myth of the Trojan horse. In the siege of Troy, the Greeks left a large wooden horse outside the city. The Trojans were convinced that it was a gift, and moved the horse to a place within the city walls. It turned out that the horse was hollow, containing Greek soldiers who opened the city gates of Troy at night, making it possible for the Greek army to pillage the city. Trojan horse programs work in a similar way: they may look useful or interesting (or at the very least harmless) to an unsuspecting user, but are actually harmful when executed.

Often the term is shortened to simply Trojan, even though this turns the adjective into a noun, reversing the myth (Greeks were gaining malicious access, not Trojans). Trojan horse programs cannot replicate themselves, in contrast to some other types of malware, like viruses or worms. A Trojan horse can be deliberately attached to otherwise useful software by a cracker, or it can be spread by tricking users into believing that it is a useful program.

Types of Trojan horses

Trojan horses are almost always designed to do various harmful things, but could be harmless. Examples include:

  • erasing or overwriting data on a computer  
  • corrupting files in a subtle way  
  • spreading other malware, such as viruses or rogue Spyware such as SpyAxe; In this case the Trojan horse is called a 'dropper'.  
  • setting up networks of zombie computers in order to launch DDoS attacks or send spam.  
  • spying on the user of a computer and covertly reporting data like browsing habits to other people (see the article on spyware)  
  • logging keystrokes to steal information such as passwords and credit card numbers (also known as a keylogger)  
  • phish for bank or other account details, which can be used for criminal activities.  
  • installing a backdoor on a computer system.

Precautions against Trojan horses

Trojan horses can be protected against through end user awareness. If a user does not open unusual attachments that arrive unexpectedly, any unopened Trojan horses will not affect the computer. This is true even if you know the sender or recognize the source's address. Even if one expects an attachment, scanning it with updated antivirus software before opening it is prudent. Files downloaded from file-sharing services such as Kazaa or Gnutella are particularly suspicious, because (P2P) file-sharing services are regularly used to spread Trojan horse programs. Besides these sensible precautions, one can also install anti-trojan software, some of which are offered free.

Trojan Horse: Methods of Infection

Trojan Horses can spread through infected programs, websites and web links, emails (links / attachments), and open communication on a computer.

This article is adapted from:

Rate this article: 
No votes yet