Phishing simulation Awareness training Data breach detection Pricing About Blog Resources Contact
Get started Log in

What is a Trojan?

Trojans are one of the most common types of malware. Learn more about the types of Trojans there are and how to protect yourself against them.

10-05-2022 - 10 minute read. Posted in: malware.

What is a Trojan?

What is a Trojan?

Most of us know the story of how Greek soldiers got past the city gate of Troy by giving the Trojans the Great Wooden Horse. What they thought was a gift was in fact a war trap. Trojan horses are named after this sinister trap - and for good reason.

The Greeks used the horse to capture the city of Troy, and the digital Trojan horse is used by cybercriminals to capture your personal devices.

The definition of a Trojan horse

A Trojan horse or a Trojan is a type of malware. Like other types of malware, Trojans infect your computer and damage either your computer system, your data or your files. A trojan horse virus is particularly deceptive, as it disguises itself as legitimate software to trick users into installing it, similar to the Greek army's Trojan horse.

There are many different types of Trojans and they can have many different functions. Trojans can therefore damage your computer, files, sensitive data or personal information in several ways.

Trojans can:

  • Steal your login details and passwords

  • Read your keyboard entries

  • Modify, delete or encrypt your data

  • Download even more malicious software to your system.

If you’d like to learn more about malware and its effects, check out our guide on what is malware.

The difference between Trojans and Trojan horse viruses

Many people think that Trojans are a form of computer virus, but that’s not true. A Trojan attack involves specific threats such as data theft, financial loss, and identity theft, making it crucial to understand these dangers. Computer viruses can replicate themselves and spread to other systems, but a Trojan horse cannot. Depending on the type of Trojan, it is targeted and targets something specific in or through the computer.

Many websites use the term “Trojan virus” when it should have read “Trojan malware”.

How are Trojans installed?

The most common ways Trojans are installed on a device are:

  • Through phishing. A user downloads an infected attachment or clicks on a link to the phishing website.

  • A user visits a fake website. Either the Trojan horse is downloaded through a drive-by download or through a program the user downloads from the website.

  • A user visits a legitimate website that is infected with malware code, e.g. cross-site scripting.

For tips on staying safe, learn more about what phishing is and how to avoid it.

Activation and impact

Trojan horses are designed to run silently in the background while they perform their malicious tasks, without the user’s knowledge or consent. Once activated, these malicious programs can capture keystrokes (keyloggers), take screenshots, record video and audio from webcams and microphones, and even install other types of malware. They can corrupt files, reformat hard drives, or cause your computer to crash. In short, once a Trojan has infiltrated your system, it has the potential to create a myriad of disruptions and damage. The stealthy nature of Trojan horses makes them particularly dangerous, as they can operate undetected for extended periods, wreaking havoc on your system and compromising your sensitive data.

If you’re curious about keyloggers and their role in cybersecurity breaches, discover more in our article on what is a keylogger.

Types of known Trojans, including backdoor Trojans

Bank Trojans: Bank Trojans are some of the most common Trojans. They target victims' bank account credentials and thus credit card information. Banking Trojans often reside on fake phishing websites where you can be tricked into entering your online banking password.

DDoS Trojans: A DDoS attack bombards a website, server or network with so much fake traffic that it crashes. The attacks are carried out through botnets, which are networks of many computers infected with malware. This malware can consist of Trojans that reside on the computers. When the attack is about to happen, the cybercriminals activate the Trojans. These are the ones that send millions of fake requests to, for example, a website until the website's systems become overloaded and shut down. Learn more about DDoS attacks in our guide on what is a DDoS attack.

Backdoor Trojans: A backdoor Trojan allows an attacker to gain remote access to a computer and take control of its operating system using a "backdoor". The hacker can then, for example, delete files, reboot the computer or steal data.

Downloader Trojans: A downloader Trojan targets computers that have already been infected with malware. It then downloads and installs multiple malware programs to the computer.

Exploit Trojans: Exploit Trojans contain code or data that exploits specific vulnerabilities in a program or computer system. The hacker can get his victim to download the Trojan through phishing and then use the Trojan to exploit a known vulnerability.

Fake antivirus Trojans: A fake antivirus Trojan masquerades as a legitimate antivirus software program. This type of Trojan is designed to detect and remove threats like a regular antivirus program and then extort victims for money to remove threats that often do not exist.

Infostealer Trojans: This is a type of malware that is either used to install Trojans or prevent the user from detecting the existence of a malware program. Infostealer Trojans are often difficult for antivirus programs to detect.

E-mail Trojans: These Trojans aim to steal e-mail addresses that have been stored on a computer.

Ransomware Trojans: Ransomware Trojans attempt to degrade a computer's performance or encrypt data on the computer so that the user can no longer access or use it. The hacker will then demand a ransom to unlock the computer or decrypt the data.

Rootkit Trojans: A rootkit is a type of malware, hiding on a user's computer. Its purpose is to prevent malicious programs from being detected, allowing malware to remain active on an infected computer for an extended period of time. For more details on rootkits, check out what is a rootkit.

SMS Trojans: An SMS Trojan infects mobile devices and is capable of sending and or blocking SMS messages.

Spy Trojans: Spy Trojans are designed to reside on a user's computer and monitor a user's activity. This includes monitoring keystrokes, taking screenshots, accessing the apps being used and tracking login credentials.

Famous examples of Trojan horse attacks

Throughout the years, several Trojan malware have gained notoriety for their devastating impacts. Notable examples include Zeus, Conficker, Stuxnet, Duqu, Gameover Zeus, Dyre, Locky, TeslaCrypt, and WannaCry. These types of Trojan malware have been used to steal sensitive data, infect other programs, and inflict significant harm. For instance, Zeus was infamous for stealing banking information, while Stuxnet targeted industrial control systems. These Trojans can also be used to spread other malware or stage additional online attacks, demonstrating the extensive capabilities and dangers posed by Trojan viruses.

How to detect Trojans?

A Trojan horse can often reside on a device for months without the user knowing that their computer has been infected. However, there are a number of signs that your computer is infected with a Trojan horse:

  • Pop-up ads appear on your computer, often warning you that there is a virus on your computer.

  • Some programs have difficulty running or cannot run at all.

  • Your computer slows down and shuts down spontaneously.

  • There are suddenly programs on your device that you didn't install yourself.

  • When you try to access a website, you are redirected to a suspicious website.

  • Your default browser is replaced without you having changed it.

How to remove a Trojan horse using antivirus software

  • Start by disconnecting from the Internet.

  • Restart your computer.

  • Review the programs and apps running in the background and remove any you don’t know about or haven’t installed yourself. Removing Trojans is crucial to prevent data theft, as these malware can lead to unauthorized access to vital system information.

  • Do a full scan of your computer with an antivirus program.

Consequences of a Trojan horse attack

The consequences of a Trojan horse attack can be severe and far-reaching. Trojan horses can steal sensitive data, including personal and financial information, leading to identity theft and financial loss. They can also disrupt system operations, causing data loss and compromising the integrity of your files. The impact of a Trojan horse attack can be minimized by having a robust security system in place. However, if a Trojan horse attack is successful, it can result in significant data loss, financial loss, and reputational damage, underscoring the importance of proactive cybersecurity measures.

Protect yourself from Trojans

All the Trojans mentioned in this blog post have in common that they can only be downloaded onto a device with the user's help. Therefore, you can avoid Trojans if you pay attention to your behaviour when using the web.

You can protect your personal devices from Trojans by following these tips:

  • Update your computer regularly. Always make sure to download the latest security updates for your device as soon as they are available. Hackers are constantly trying to find security holes in undated software.

  • Never click on suspicious links or attachments in emails or text messages. Phishing attacks are one of the most common ways to get Trojans installed in your device's system. So never click on anything you don't know or find suspicious.

  • Avoid third-party downloads. All downloads are a potential threat. Websites, ads and messages that contain automatic downloads sometimes contain Trojans. Avoid clicking on banners and think carefully before allowing any downloads.

  • Use antivirus software. Although security software is often included in most programs today, always use additional antivirus and anti-malware software.

  • Don't visit unsafe websites. If you're on a website that suddenly pops up a bunch of pop-up ads, it might be a fake website created by hackers.

  • Scan external devices before connecting them to your device. Trojans can reside on external devices such as USB sticks or hard drives. Always scan external devices before connecting them to your device. It's also a good rule to never use external devices that you don't know the origin of.

The importance of antivirus software

Antivirus software is essential in preventing Trojan horse attacks. These programs can detect and remove malware, including Trojan horses, before they can cause harm. Antivirus software helps prevent Trojan horse attacks by blocking malicious websites and email attachments, providing a critical line of defense against these threats. Additionally, antivirus software offers real-time protection against malware, alerting users to potential threats and preventing them from installing malicious software. By installing and regularly updating antivirus software, users can significantly reduce the risk of falling victim to a Trojan horse attack, ensuring their systems and sensitive data remain secure.

This post has been updated on 24-01-2025 by Sarah Krarup.

Author Sarah Krarup

Sarah Krarup

Sarah studies innovation and entrepreneurship with a deep interest in IT and how cybersecurity impacts businesses and individuals. She has extensive experience in copywriting and is dedicated to making cybersecurity information accessible and engaging for everyone.

View all posts by Sarah Krarup

Similar posts

50 quiz questions about cyber security
tips

50 quiz questions about cyber security

We have created 50 quiz questions to test your cyber security knowledge. The questions range from best practices, hacking, GDPR and whistleblowing.

09-08-2023 · 8 min.
Malware as a service (MaaS)
malware

Malware as a service (MaaS)

MaaS is the hacker's answer to SaaS. Read on to learn what this means and how you can best protect yourself from the cyber attacks associated with MaaS.

24-07-2023 · 9 min.
Ethical hacking on the right side of the law
hacking

Ethical hacking on the right side of the law

How do you get inside the head of a hacker so you can understand their mindset? You hire an ethical hacker who is on the right side of the law.

27-07-2023 · 6 min.