stock-vector-trojan-computer-virus-alert-sign-vector-illustration-166548911

What is a Trojan?

A trojan is a type of malware that, unlike viruses and worms, does not self-replicate. Named after the mythological wooden horse used to sneak Greek warriors through the gates of Troy, trojans are often disguised as legitimate software in order to avoid detection or trick users into installing the trojan onto their system. Users can be exposed to trojans through numerous vectors, such as clicking on links or opening attachments in phishing emails, other forms of social engineering, malicious advertising (malvertisting), or by visiting compromised websites, known as drive-by downloads. Once a trojan executes, it often downloads other malware onto the system or provides an attacker with a backdoor to gain access and conduct further malicious activity, such as stealing, deleting, or modifying data.

Image Credit: Palantir

Objectives:

Trojans typically seek to perform one or more of the following activities:

  • Damage: Trojans can wreak havoc on a computer system by forcing it to slow down or completely crash, corrupting data, reformatting discs, or encrypting data (see ransomware).
  • Control: Trojans used to enlist a computer or server into a botnet.
  • Spying: Trojans are used to access files, log keystrokes, watch the user’s screen, access and enable the webcam or microphone.
  • Theft: Trojans are used to steal personal, medical, or financial information that is then sold on the dark web or used to commit identity theft or fraud. Attackers can also use compromised financial information to transfer funds electronically.
  • Ransom: Trojans can serve as ransomware, encrypting files or locking down a system until a ransom is paid by the victim.

How Do Trojans Work?

  1. Installation: A trojan is typically introduced onto a system after a user-initiated action, either through social engineering, web-browsing, or use of file-sharing or peer-to-peer networks.
  2. Command and Control: Once a victim unknowingly allows a trojan onto their machine, it connects to the malicious server to receive instructions from the attacker.
  3. Download: Trojans will often load additional malware onto the compromised system, such as keyloggers, remote administration tools, or ransomware.
  4. Objective: Once the attacker has installed the right tools or established the access they need, they can copy, delete, and modify data, cause damage to the compromised device, or maintain control over the system for other malicious purposes.

Known trojan Variants

The below list is not exhaustive and is meant to provide an overview of the most prevalent trojans impacting world victims. This page is updated regularly with new information.

Adwind

AthenaGo

Bachosens

Baijiu

Bayrob

Bedep

Beta Bot

BlackEnergy

Blackmoon

Bolek

Carberp

Carbon

Cardinal

CertLock

China Chopper

Citadel

Cobian

Corebot

CowerSnail

DarkComet

Delilah

DevilRobber

Dimnie

DNSMessenger

Dok

Dreambot

Dridex

DroidJack

DualToy

Dyre

Emotet

Fareit

 

Fireball

Fleercivet

Floki Bot

Gatak

Gazer

GCat

GM Bot

GovRAT

HawkEye

GootKit

Gozi

GozNym

Hancitor

H-W0rm

Infy

Irc

Kazuar

KHRAT

Komplex

Konni

Kovter

Kronos

Kryptik

Linux.DDoS.93

Lost Door RAT

LuaBot

LuminosityLink

Lurk

MacSpy

Magala

Mangit

Matrix Banker

 

 

 

 

Micropsia

Mirai

MM Core

MoonWind

MulDrop

NanoCore

Nemucod

NetWire RAT

Neverquest

NJRat

Nymaim

OceanLotus

Odinaff

OmniRAT

Ovidiy Stealer

Padodor

Panda Banker

Petya

PlugX

PNscan

Poison Ivy

Powmet

Proxy

Pony

Poweliks

PowerDuke

Proton

Pupy

Qadars

QBot

Quimitchin

 

 

 

RATAttack

Retefe

Ramnit

REMCOS

Rex

ROKRAT

Sakula

Sathurbot

Scylex

Seaduke

Shakti

Shifu

Skipper

SlemBunk

Slicer

Spy-Agent

SpyNote

Stantinko

StoneDrill

Sysscan

Taidoor

Ticno

Tinba

TrickBot

Trochilus

Wali

Windows Mirai

Winnti

X-Agent

ZBot/Zeus

ZeroT

Defending against Trojans

Following basic best practices will decrease your chances of being compromised by a trojan:

  • Use a reputable antivirus program and set to update automatically
  • Run antivirus scans as frequent as possible
  • Ensure your firewall is enabled
  • Only download software and files from legitimate sources
  • Scan all files and programs before installing them
  • Update your operating system and all software as soon as updates become available
  • Require administrative permission to install new apps and programs
  • Never open email attachments or links in suspicious emails
  • Avoid clicking online ads or pop-ups
  • Avoid illegitimate or suspicious websites and file-sharing services

REPORTING

If your organization is the victim of a trojan attack, or would like to learn more about the NJCCIC, please contact a Cyber Security Expert at john@john.ng.


Comments

comments

SHARE
Previous articleGoogle Dorks – Google Hacking – Manipulating Google search strings
Next articleoptimizing images for search engines
John Onyejegbu

John Loves to code!!! He loves engaging in challenging tasks, identifying problems in our society and using technology to solve those problems!!!
I am a strong software developer with an extensive background in all part of the software development lifecycle. My unique career has given me Experience in not only development, but project management, database design and management, software testing, quality assurance, and disaster recovery planning.