"Trojan horse virus" is a term for malware that seems to execute a useful system process but, in reality, provides illegal entry into the user's computer system. In short, it makes the user believe that it is a legitimate computer application while, in the background, it helps the hacker spy on the user and steal valuable information. A Trojan horse virus functions by hiding inside apparently useful software. The virus will begin infecting other files when the infected software is executed. Trojan horses do not reproduce themselves, which differentiates them from other computer viruses and worms. Moreover, Trojan horses need to communicate continuously with their originator in order to accomplish their malicious task.
The term comes from the tale of the Trojan Horse in Greek mythology. According to the story, King Odysseus constructed a Trojan Horse as a present to the city of Troy to symbolize the Greeks' defeat. The 'present' was left outside the gates of Troy when the Greeks withdrew their army. The Trojan Horse had more than 40 warriors concealed inside. When the 'present' was taken inside the city of Troy, the hidden warriors sneaked out and unlocked the gates for the other Greek warriors, who barged in to attack the surprised city.
Working
Trojan horses are designed to give their originator secret remote entry into a target computer system. Once the Trojan is installed, the originator can access the target computer remotely and execute different tasks. The tasks that an originator can execute are restricted by the privileges set on the target computer and by the complexity of the Trojan horse. The originator can use the target computer as part of a botnet (to carry out Distributed Denial-of-Service (DDoS) attacks), steal data (bank details, personal information, passwords, etc.), install other harmful applications, download, upload or delete files, record the user's keystrokes, watch the user's screen in real time, or destroy the internal memory.
There are numerous types of Trojan horses, such as Remote Access Trojans (RATs), Backdoor Trojans (backdoors), IRC Trojans (IRCbots), and keylogging Trojans. Several smart, complex Trojans combine multiple types: a Trojan may install both a keylogger and a backdoor.
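Because a Trojan needs to keep communicating with its originator, that traffic is something a defender can look for. The following added example (not part of the original article) flags hosts whose outbound connections to one destination recur at a near-fixed interval; the log format, the addresses and both thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample connection log: timestamp, source, destination, port.
SAMPLE_LOG = """\
2024-01-01T10:00:00 10.0.0.5 203.0.113.7 443
2024-01-01T10:00:12 10.0.0.8 198.51.100.20 443
2024-01-01T10:05:01 10.0.0.5 203.0.113.7 443
2024-01-01T10:07:40 10.0.0.8 198.51.100.20 443
2024-01-01T10:09:59 10.0.0.5 203.0.113.7 443
2024-01-01T10:15:02 10.0.0.5 203.0.113.7 443
2024-01-01T10:19:58 10.0.0.5 203.0.113.7 443
2024-01-01T10:21:05 10.0.0.8 198.51.100.20 443
2024-01-01T10:25:00 10.0.0.5 203.0.113.7 443
2024-01-01T10:58:30 10.0.0.8 198.51.100.20 443
2024-01-01T11:02:00 10.0.0.8 198.51.100.20 443
2024-01-01T11:40:10 10.0.0.8 198.51.100.20 443
"""

def parse_log(text):
    """Yield (epoch_seconds, src, dst, port) for each non-empty line."""
    for line in text.splitlines():
        if line.strip():
            ts, src, dst, port = line.split()
            yield datetime.fromisoformat(ts).timestamp(), src, dst, int(port)

def find_beacons(records, min_events=5, max_cv=0.1):
    """Return flows whose gaps between connections are nearly constant."""
    # max_cv = allowed stdev/mean of the gaps; both thresholds are assumptions
    # to tune against normal traffic (update checks also poll on a schedule).
    flows = defaultdict(list)
    for ts, src, dst, port in records:
        flows[(src, dst, port)].append(ts)
    hits = []
    for flow, times in flows.items():
        if len(times) < min_events:
            continue
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_cv:
            hits.append({"flow": flow, "events": len(times), "interval_s": round(avg)})
    return hits

if __name__ == "__main__":
    for hit in find_beacons(parse_log(SAMPLE_LOG)):
        print(hit)
```

A flagged flow is a lead for investigation, not proof of infection, since legitimate software also polls on a schedule.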
Recovery
Immediate action should be taken when your computer is infected with a Trojan horse (that is, when your computer is showing signs of bizarre activity). If you can identify which malicious program has infected your computer, you can download one of several available removal tools. Nonetheless, it is doubtful that you will be able to recognize the malicious program. The measures given below, if applied, may limit the damage.
1. Disconnect the computer from the Internet – A hacker may have access to confidential data and may even be using your computer to target new computers. The best measure is to turn off your Internet connection by manually disconnecting the broadband cable or telephone line, or by disabling the network connection.
2. Back up critical files and documents – It is advisable to gather all the critical documents and burn them onto a CD/DVD or save them to an external storage device. The backed-up copy could also be infected, hence taking regular backups is crucial.
3. Scan the computer – It is better to scan the computer from a live CD than with a previously installed antivirus program. Another option is to use an online virus scan.
4. Reinstall the operating system – If the preceding measures have failed to protect the computer, the very last choice is to format the hard drive and reinstall the operating system. This remedy will result in the loss of all programs and files, but it is the only way to guarantee that the computer is uninfected. It is very important that you also reinstall your antivirus software and deploy any patches that may be available.
5. Consult an IT professional or computer expert – Consult a computer expert in case the infection is not controllable or curable.
Prevention Measures
To avoid potential Trojan Horse infections, you should implement the following safety measures:
- Avoid opening unwanted, illegitimate or doubtful attachments in email messages
- Do not follow unwanted or suspicious web links
- Always keep your antivirus software updated
- Make use of a powerful Internet firewall
- Use a secure, reliable and trusted web browser
- Keep the firewall and antivirus programs patched with the latest available patches