Trojan Horses Works
A Trojan or Trojan horse is much different malware that disguises itself as something you need so as to trick you into letting it through your defenses.
Like other kinds of malware, a Trojan is set up by attackers to damage or take control of your computer. Its title stems from the method where it infects your computer: it disguises itself as something you need so as to trick you into letting it through your defenses.
From the story of the Trojan War, the Greeks, not able to break through the walls of Troy to conquer the town, concealed inside a giant wooden horse that they left out the city gates; the Trojans, believing it was an offering to the gods, brought it inside, and the Greek soldiers, led by Odysseus, emerged during the night to destroy the city. Like Odysseus, cyber-attackers expect that you will be duped by a tempting bit of bait to allow malicious code within your network.
As they say, always beware Greeks strangers or — online — bearing presents.
Trojan vs. Virus
You will often see the term”Trojan virus” used to identify this sort of malware, but that is strictly speaking not correct: Trojan and virus name for various kinds like the Trojan horse, Trojan malware. By comparison, a virus, similar to its biological counterpart, embeds itself into the code of a host program and then uses that server to spread itself and replicate — (A worm is a third party malware kind: a program which does not require a host application to replicate and disperse.)
These distinctions are important if you would like to stay strictly right, and we’ll aim to use all three titles correctly here and everywhere on CSO. But be aware that lots of men and women utilize virus and malware interchangeably, so it is not uncommon to encounter the term Trojan virus from the wild. Individuals who do that are most likely talking about Trojans, viruses that are not.
How does a Trojan horse infect a computer?
Up to now, we have been talking in somewhat general terms. But how can a Trojan actually work in practice? How hackers trick you to download code? In a traditional way, as Malware bytes describes, sites might lure users with a free game or screensaver that turns out to contain malware. The majority of us probably believe we are not naive enough to fall for this, but somewhat more sophisticated Trojan websites might emulate a more reputable organization to convince us that we are downloading something we are not.
As an example, when everybody was in a panic over the revelation of the Spectre and Meltdown vulnerabilities within x86 chips, a site which looked very similar to the website for the official German government cybersecurity agency appeared and provided a Spectre/Meltdown patch for downloading; the”patch” turned out to be a Trojan, dubbed “Smoke Loader.”
Once downloaded, the Trojans frequently request administrator permissions — something that also many legitimate programs do, so many users will simply click”Agree” and sign their computer over for their attackers.
Another frequent way Trojans spread is through phishing — a cyberattack where you get an email that purports to be from someone it is not. These mails will frequently have malicious code the Trojan — attached, and will try to convince you that you ought to download and open the attachment. Phishing scams could be targeted with many degrees of precision.
At the low end, you’ve got mass spam email that claims to keep news of lottery winnings in an attachment; in the high end, you’ve mails individually tailored for a high-value targeted individual in an effort to get access to their particular computer.
In such phishing emails, the malicious code normally lives in an attachment. Since a lot of us are trained not to download and run arbitrary executable files, Trojans have learned to take advantage of holes in the macro scripting languages which in Microsoft Office.