In Virgil’s epic poem, The Aeneid, the Greek war strategist, Odysseus, wants to get men of the Greek army and himself into the city of Troy. He wants to do it without destroying or climbing over the wall of the city. He devises a deception plan and engineers it into a giant wooden horse.
While he and his men hide in the wooden horse, he gets some Greek men to take it to the city of Troy as their token of surrender. The men left the giant wooden horse in front of the city and appear to have sailed away. The Trojans, drunk in victory, bring the horse into the city so that Odysseus and his men are able to attack the city of Troy from inside. What a clever act of deception that gets the victim to act out a premeditated plan! Such attacks are now known as trojan horse attacks.
In cybersecurity, these embodiments of deception (known as Trojans) are a type of malware that use social engineering to delude unsuspecting users into installing and running apparently genial programs that embody malicious purposes. Although trojans are not viruses technically, they have come to be known as such.
Trojans are neither viruses nor worms: Viruses infect files, self-replicate and spread by appending themselves to another program—and worms are similar to viruses in the sense that they infect files, but they do not need to append themselves to another program in order to spread. Therefore, trojans are a class name for malware that employ deceit to lure the victim into acting out a plan. They are of different kinds, depending on the intention of the author—whether to deliver a payload (in the case of
In other words, trojans are nothing more than delivery tactics that cybercriminals employ to further execute any cybersecurity threats—ransomware attacks, spyware attacks, and so on.
After its release in 1975, the world’s first computer trojan (
By December 1989, floppy disks were getting affected by the
Then in 2000, victims of the
Through this time, trojans targeted computer users’ desire for illegal downloading and hence disguised themselves as music files, movies, or video codecs. For instance, in late 2005, a backdoor trojan (
These create remote access to victim computers by changing the system security—which will then allow cybercriminals to further execute threats on the system.
These do nothing but watch online accounts and credit card details, and transmits password and identified data back to the attack initiator.
It takes control of victim systems and makes them slaves in a network under the initiator’s command. (A good example is the
In the case of a trojan attack, the affected systems must be cleaned up thoroughly using good-quality anti-malware, to ensure a full system scan. The systems must be cut off from communication with any backend server or other unaffected system in the network and then be isolated. This will isolate the trojan for cleanup.
Trojans can come in various forms—software, music, browser advertisement, and even ostensibly legitimate applications. Hence here are ways to avoid landing a trojan on a computer system:
Since trojans parade themselves in deception, the best habit computer users should master is “vigilance”. Observing good cybersecurity procedures is advised. Healthy skepticism of websites offering “free” movies and music is recommended. Changing default windows settings—so that the real extensions of applications are visible—is recommended.
In addition, the following should be practiced to bolster security proactiveness:
Computer trojans, a deception engineering that started as a prank, have developed into a nefarious way of destroying networks, stealing information, making money, and sadly, seizing power.