What is Trojan horse malware?

Trojan is any malicious computer program which is used to hack into a computer by misleading users of its true intent. The term is derived from the Ancient Greek story of the wooden horse that was used to help Greek troops invade the city of Troy by stealth.

Trojans are generally spread by some form of social engineering, for example where a user is duped into executing an e-mail attachment disguised to be unsuspicious, (e.g., a routine form to be filled in), or by drive-by download. Although their payload can be anything, many modern forms act as a backdoor, contacting a controller which can then have unauthorized access to the affected computer. This infection allows an attacker to access users’ personal information such as banking information, passwords, or personal identity (IP address). 

Unlike computer viruses and worms, Trojans generally do not attempt to inject themselves into other files or otherwise propagate themselves. 

If trojan horse is installed or run with elevated privileges a Trojan will generally have unlimited access. What it does with this power depends on the motives of the attacker.

What Trojan horse malware can do to your computer or device?

  • Crashing the computer or device.
  • Modification or deletion of files.
  • Data corruption. 
  • Block any anti-virus program.
  • Formatting disks, destroying all contents.
  • Spreading malware across the network.
  • Spying on user activities and access sensitive information.
  • Use of the machine as part of a botnet (e.g. to perform automated spamming or to distribute Denial-of-service attacks)
  • Using computer resources for mining cryptocurrencies.
  • Using the infected computer as proxy for illegal activities and/or attacks on other computers.
  • Infecting other connected devices on the network.
  • Electronic money theft.
  • Installing ransomware such as CryptoLocker.
  • Data theft, including for industrial espionage.
  • User passwords or payment card information.
  • User personally identifiable information.
  • Trade secrets.
  • Keystroke logging.
  • Watching the user’s screen.
  • Viewing the user’s webcam.
  • Controlling the computer system remotely.