What Is Trojan Horse Malware?

Trojan Horse explanation and examples, plus links to Anti-Trojan programs

Computer Trojan, artwork
Laguna Design / Getty Images

A Trojan is a program that appears to be legitimate but in reality, does something malicious. This quite often involves gaining remote, secret access to a user's system.

Not only do Trojans contain malware but they might actually work properly alongside the malware, meaning that you could be using a program that functions as you'd expect but it's working in the background doing unwanted things (more on that below).

Unlike viruses, Trojans do not replicate and infect other files, nor do they make copies of themselves like worms do.

It's important to know the difference between a virus, worm, and Trojan. Because a virus infects legitimate files, if antivirus software detects a virus, that file should be cleaned. Conversely, if antivirus software detects a worm or a Trojan, there is no legitimate file involved and so the action should be to delete the file.

It's also important to note that Trojans are commonly called Trojan viruses or Trojan Horse viruses, but as was just stated, a Trojan is not the same as a virus.

Types of Trojans

There are several different types of Trojans that might do things like creating backdoors into the computer so that the hacker can access the system remotely, send non-free texts if it's a phone that has the Trojan, use the computer as a slave in a DDoS attack, and more.

Some common names for these kinds of Trojans include remote access Trojans (RATs), backdoor Trojans (backdoors), IRC Trojans (IRC bots), and keylogging Trojans.

Many Trojan encompasses multiple types. For example, a Trojan may install both a keylogger and a backdoor. IRC Trojans are often combined with backdoors and RATs to create collections of infected computers known as botnets.

However, one thing you probably won't find a Trojan doing is scouring your hard drive for personal details. Contextually, that would be a bit of a trick for a Trojan. Instead, this is where the keylogging functionality most often comes into play — capturing the user's keystrokes as they type and sending the logs to the attackers. Some of these keyloggers can be very sophisticated, targeting only certain websites, for example, and capturing any keystrokes involved with that particular session.

Trojan Horse Facts

The term Trojan Horse comes from the story of the Trojan War where the Greeks used a wooden horse disguised as a trophy to enter the city of Troy. In reality, there were men inside waiting to take over Troy; at night, they let the rest of the Greek forces through the city's gates.

Trojans are dangerous because they can look like just about anything that you would consider normal and non-malicious. Here are some examples:

  • Fake antivirus program: The program pops up several windows saying that it found dozens if not hundreds or even thousands of viruses on your computer that you can remove right now if you pay for the program. It might be a small fee that seems manageable or it might be a large sum of money that still seems doable if doing so would remove all of these (fake) viruses.
  • MP3 downloader: The tool lets you download MP3s for free and it actually does work, but it's also always running even when you close it, constantly gathering all the keys you type into your bank website and sending that information (including your username and password) back to the hacker at some remote location.
  • Screensaver tool: The program helps you find and install fun, new screensavers to your computer but secretly installed backdoor entrance so that when the screensaver has been on for a while (indicating that you're gone), the hacker remotes in and has full access to your computer.

How to Remove Trojans

Most antivirus programs and on-demand virus scanners can also find and delete Trojans. Always-on antivirus tools can usually spot a Trojan the first time it tries to run, but you can also do a manual search to clean the computer of the malware.

Some programs good for on-demand scanning include SUPERAntiSpyware and Malwarebytes, while programs like AVG and Avast are ideal when it comes to catching the Trojan automatically and as quickly as possible.

Make sure that you keep your antivirus program up to date with the latest definitions and software from the developer so that you can be sure that new Trojans and other malware can be found with the program you're using.

Check out how to properly scan your computer for malware for more information on deleting Trojans and to find download links to additional tools you can use to scan a computer for malware.