Although many people have heard of the term Trojan horse, many people may not know whether it is different from a general virus or malware. Also, I think many people would like to know what the risks are if they become infected.
Therefore, in this article, we will provide an overview of Trojan horses, how they differ from viruses, and the infection route. We will also explain cases of Trojan horse infection and countermeasures, so please refer to them.
What is a Trojan horse?
Trojan horse is a general term for various security attacks that are carried out without the user’s knowledge. The name “Trojan Horse” comes from the wooden horse used to conquer Troy in Greek mythology. During the Trojan War, it is said that Troy was conquered by soldiers mounted on wooden horses.
Trojan horses target a variety of things, including websites, personal information, screen images, and document files. There have been cases of Trojan horses masquerading as “useful apps,” so there is no doubt that we must be cautious in all situations in which we use the Internet.
Difference between Trojan horse and virus
Trojan horses are often considered similar to viruses. However, strictly speaking, Trojan horses are classified as malware and are different from viruses. Here we will explain the difference between Trojan horses and viruses.
- do not self-replicate
- Does not require files to infect
Let’s look at each in turn.
do not self-replicate
Worms, which are classified as viruses or malware, have the characteristic of self-replication. Therefore, there is a high possibility that the infection will spread to external computers as well. Trojan horses, on the other hand, generally do not replicate themselves. For this reason, Trojan horses are unique in that they do not spread from one infected computer to another.
Note that worms have caused large-scale infections in the past due to their ability to self-replicate. In this regard, because Trojan horses do not self-replicate, they have not caused large-scale infection. However, it is important to note that by not causing a large-scale infection, the infection is spread secretly and in a small way, so there is a high possibility that the infection will go unnoticed.
A characteristic of Trojan horses is that there is a high possibility that you will be infected and end up suffering damage before you know it.
Does not require files to infect
A Trojan horse has the characteristic that it functions as a standalone program. For example, just as viruses that infect people in the real world need the human body, viruses also need files to infect them. Trojan horses, on the other hand, function as standalone programs and do not require files to infect.
Trojan horse infection route
So far, we have provided an overview of Trojan horses. From here, we will explain the typical infection routes of Trojan horses.
- SNS
- Email/SMS
- Website
- download app
- cloud storage
Let’s look at each in turn.
SNS
Habbo, a popular American SNS, was targeted by a Trojan horse in 2008. It was designed to trick users into downloading illegal files under the guise of “become famous with Habbo,” and if they were entered to download, their computer key entry history would be leaked to the outside world. In fact, there have been cases where personal information has been leaked to external parties.
Email/SMS
Email and SMS are also possible infection routes for Trojan horses. An email is sent from the source of the Trojan horse attack, and if you open the email attachment, you will be infected. Please note that you may be infected simply by accessing the email, even if you do not open the email attachment. Therefore, it is important not to open emails from unknown senders carelessly.
The contents of the SMS Trojan horse are similar; a URL is sent to the SMS, and when the URL is clicked, the Trojan horse program is downloaded. This may cause damage such as leakage of personal information.
Website
The W Trojan horse targets vulnerable websites and alters information before downloading them. In particular, websites that have only created pages to acquire backlinks are likely to be targeted.
Additionally, frequently accessed websites and
owned media
are also likely to be targeted by Trojan horses.
download app
Google Play and the App Store conduct pre-listing screening to remove Trojan horses and other apps that are malicious to users. However, we are not able to completely review everything, including the source code within the app. Therefore, there is a risk of being infected by Trojan horses from apps in Google Play and the App Store.
Additionally, the majority of applications targeted as Trojan horses often appear to be useful applications for users. Examples include apps that help you manage your bank accounts and save energy.
To prevent infection from apps, be sure to check whether the developer is a trustworthy company or individual.
cloud storage
Cloud storage is often provided by reliable companies such as Dropbox and Google Drive. However, that doesn’t mean you can feel safe. This is because even if the cloud storage itself is safe, the files uploaded to the cloud storage may not be safe.
A third party may take over your cloud storage account and upload Trojan horse download files to the cloud storage files.
Trojan horse infection cases
Up to this point, we have explained the infection route of Trojan horses. From here, we will introduce cases of Trojan horse infection damage.
- bank deposit is gone
- Personal information is leaked
- Mass sending of spam emails
Let’s look at each in turn.
bank deposit is gone
There have been cases of people being infected with Trojan horses and losing their bank deposits. First, the Trojan horse infects the victim’s computer. The attacker or Trojan horse then silently monitors the computer and waits until the user accesses internet banking. After that, when accessed, personal information is extracted or the screen itself is tampered with to steal deposits from bank accounts.
Personal information is leaked
There have also been cases where computers have been infected with Trojan horses and personal information has been leaked without their knowledge. There are many sources of infection, including apps and websites, and when a Trojan horse is downloaded, personal information is leaked to external parties.
Mass sending of spam emails
If a bot-type Trojan horse is downloaded, the infected person’s computer is controlled by the attack source. As a result, they may be sending a large amount of spam email or attacking
servers
.
How to deal with Trojan horses
Finally, we will introduce methods to prevent Trojan horses.
- Use security software
- Don’t carelessly click on suspicious links
- Keep plugins and OS up to date
I will explain each in turn.
Use security software
Trojan horses can be detected by installing security software. There are also security software that eliminates (disinfects) detected Trojan horses. Additionally, there are cases in which double security software is installed on websites that are accessed frequently.
Don’t carelessly click on suspicious links
Avoid clicking on suspicious links that are suddenly sent to you via email or SMS. There have been cases where Trojan horses have been downloaded just by clicking, so it is best to avoid clicking carelessly.
Keep plugins and OS up to date
If
the plug-in
or OS version is outdated, there is a high possibility that Trojan horses will target vulnerabilities. Therefore, it is important to keep your plugins and OS up to date. Also, if you see or report a security hole, be sure to apply the security patch.
summary
In this article, we explained about Trojan horses. Trojan horses do not self-replicate or require files to infect. In addition, the infection routes are diverse, including websites, SNS, email, and SMS, so it is necessary to take measures such as using security software and not carelessly clicking on suspicious links.
Why not start by understanding what Trojan horses are and strengthen your security?