What is a Trojan horse virus? Detection, examples, and remedies.

2020-06-01 - 8 min read

A Trojan horse virus steals your sensitive data, deploys malware, and can crash your entire system. It’s so insidious it implants itself innocently in what appears to be a normal file. Here's how to tell if your downloads are harboring a secret trojan designed to wreak havoc on your device.

What is a Trojan horse virus?

Nicknamed after the wooden horse used by ancient Greeks to sneak soldiers into the city of Troy, the Trojan horse virus hides in a regular download file. For example, a user may download an email attachment, and unwittingly transfer the trojan into their system. From banker trojans to remote access trojans – each Trojan horse is stealthily designed to perform different crimes. Still, their chief goals are to take control of your device, weaken your system or network, and ultimately steal your information.

Types of Trojan horse viruses

Downloader trojan

After this trojan infects your computer, it rapidly multiplies itself, downloading and installing new versions of trojans and malware onto your system.

Backdoor trojan

This sneaky trojan creates a backdoor on your computer for an attacker to access and control your device. The aim is to steal your data or install more malware onto your device to weaken your system security even more.

Mailfinder trojan

This mail-crunching trojan scours your device, hunting for any email addresses you've stored on it.

DDoS attack trojan

The distributed denial of service trojan crashes your network by flooding it with traffic from infected computers.

Game-thief trojan

The sore-losers’ favorite, this trojan seeks to steal the account information of online gamers.

Banker trojan

Hungry for numbers, the banker trojan is programmed to find and steal anything financial that you do online – including banking and credit card information.

SMS trojan

This trojan infects your phone, sending and intercepting text messages. A favored tactic is to text premium-rate numbers to skyrocket your phone bill.

Infostealer trojan

This general information-stealing trojan is not fussy. It'll infect and then scan your entire device for any information it can get its grubby hands on.

Ransom trojan

This trojan blocks or impairs your computer from functioning and then demands a ransom to undo it.

Examples of a Trojan horse attack

The suspicious email

Imagine that you receive an email that includes a message from 'Jessica.' You don't know Jessica, but the subject line reads: 'Urgent - I need to speak to you.' You decide to open the message only to find a hyperlink. You click on the hyperlink and, whether it's curiosity or panic that got a hold of you, you've now unintentionally installed a Trojan horse onto your device.

The money-grabbing miner

Banking trojans like Rakhni have been causing chaos since as early as 2013. Rakhni delivers a cryptojacker that lets criminals use your device to mine for cryptocurrency before spreading to other computers on the network. Once your device is infected with the trojan, the malware looks for folders associated with bitcoin and then runs a piece of ransomware that encrypts and essentially freezes your files. The attacker then demands a ransom payment within three days.

For context, it's worth noting that in 2014, Tokyo-based MtGox exchange was closed after 850,000 bitcoins (worth half a billion US dollars at the time) disappeared from its virtual vaults. Last year, Binance confirmed the theft of $40 million in cryptocurrency from a single bitcoin hot wallet.

How to detect a Trojan horse virus

Attackers will go to great lengths to deploy the perfect social engineering scam to get you to install the Trojan horse virus onto your system. It may start as a malicious attachment in an innocent-looking email, or your machine may already have weak points that a hacker will exploit for entry.

Generally speaking, a trojan will cause your entire device to malfunction and go haywire. Here are some symptoms of a Trojan horse virus to look out for:

  • The desktop screen has changed, and your taskbar has vanished.

Changes to your computer's graphics are always a tell-tale sign of infection. Stay alert for random changes to your wallpaper, program icons, and desktop apps. Take notice if the screen color or resolution has changed; sometimes the entire screen will turn upside down and malfunction for no reason at all. A Trojan horse infection will also cause your taskbar to vanish altogether.

  • Your antivirus software becomes disabled.

A Trojan horse virus can disable your antivirus software and restrict access to it. That makes it harder for you to defend yourself against the trojan, which is already eating through your system.

  • Pop-ups keep popping up.

If there are suddenly lots of annoying pop-up adverts, you can pretty much assume that you have some type of malware infection. The reason you're getting these is that they're loaded with malware. If you accidentally click on them, they could download even more malware onto your device.
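Because a trojan arrives as what appears to be a normal file, a useful check on a downloads folder is whether each file's content matches what its name promises. The following is an added example, not part of the original article: it flags program content behind a document-style name and also goes one step beyond the text by flagging double extensions. The extension lists, sample file names, and stub bytes are constructed assumptions.

```python
import tempfile
from pathlib import Path

# Leading bytes ("magic numbers") of common native executable formats.
EXEC_MAGIC = {b"MZ": "Windows PE", b"\x7fELF": "Linux ELF",
              b"\xcf\xfa\xed\xfe": "macOS Mach-O"}
# Extensions a user expects to be documents or media, not programs.
DOC_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}
# Extensions Windows runs or interprets when double-clicked.
RUN_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs"}

def inspect(path: Path) -> list[str]:
    """Return the reasons a file looks like a disguised program (empty if none)."""
    reasons = []
    suffixes = [s.lower() for s in path.suffixes]
    with path.open("rb") as fh:
        head = fh.read(8)
    kind = next((n for m, n in EXEC_MAGIC.items() if head.startswith(m)), None)
    # The content is a program while the name promises a document.
    if kind and suffixes and suffixes[-1] in DOC_EXTS:
        reasons.append(f"{kind} content behind a {suffixes[-1]} name")
    # "statement.pdf.exe" shows as "statement.pdf" when extensions are hidden.
    if len(suffixes) >= 2 and suffixes[-1] in RUN_EXTS and suffixes[-2] in DOC_EXTS:
        reasons.append(f"double extension {suffixes[-2]}{suffixes[-1]}")
    return reasons

def scan(folder: Path) -> dict[str, list[str]]:
    """Map each suspicious file name in the folder to its findings."""
    found = {p.name: inspect(p) for p in sorted(folder.iterdir()) if p.is_file()}
    return {name: why for name, why in found.items() if why}

def demo() -> dict[str, list[str]]:
    """Scan a constructed sample folder; the files hold harmless stub bytes."""
    with tempfile.TemporaryDirectory() as tmp:
        d = Path(tmp)
        (d / "holiday.jpg").write_bytes(b"\xff\xd8\xff\xe0" + bytes(16))  # JPEG header
        (d / "invoice.pdf").write_bytes(b"MZ" + bytes(16))  # PE header, PDF name
        (d / "statement.pdf.exe").write_bytes(b"MZ" + bytes(16))  # double extension
        (d / "setup.exe").write_bytes(b"MZ" + bytes(16))  # honestly named program
        return scan(d)

if __name__ == "__main__":
    for name, why in demo().items():
        print(f"{name}: {'; '.join(why)}")
```

A clean result only means these two disguises were not found; it does not replace an antivirus scan of the same folder.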

What to do if you get a Trojan horse virus

  1. Identify the trojan

    If you're vigilant enough to recognize the specific file infected with the trojan, you can quickly identify it. Your system may give you a DLL error, which is almost always associated with a trojan attack. You can then copy the error and find out about the affected .exe file online.

  2. Disable system restore

    Assuming you delete the infected files, you'll want to disable system restore, or the deleted files will automatically get restored.

  3. Restart your device in safe mode

    When you restart, press F8 and select safe mode to start your computer. Safe mode stops any third-party apps from running, and that includes malware. You can then open your application manager and delete infected apps or disable the procedures associated with the trojan virus.

Easy steps for prevention

  1. Never open an attachment in an email from someone you don’t know. If the subject reads: ‘bill overdue’ or ‘urgent action required’, and you recognize the sender – call them directly to confirm their identity.

  2. Install a Trojan antivirus on your computer. It'll give you extra Trojan and phishing protection by scanning your email and incoming downloads. It will also block any malicious programs from accessing your crucial data.

  3. Keep all software and apps on your device up to date with the latest security patches.

  4. Avoid unofficial marketplaces for software, apps and media. Free versions of programs or the latest movies can be loaded with malware and adware. Instead, stick to paying or downloading from trusted sources like iTunes, Amazon and the Android store.

Chad Hammond