Malware is malicious software that attacks a victim’s computer system without the victim’s knowledge. This broad definition covers different types of malicious software such as ransomware, Trojans, spyware, etc. Many severe malware attacks end in mainstream news coverage and major reputational and financial loss. According to Verizon’s 2018 Breach Investigations report, 92% of malware is delivered by email.
Cybercriminals use malware in pursuit of a few common objectives:
- Stealing personal information such as bank account login credentials, credit card details, intellectual property, etc. This objective is termed “identity theft”: the criminals use the stolen data to impersonate the victim or for money laundering.
- Extorting money, which is achieved by encrypting user data so that the user is denied access to it. The criminals then demand money to decrypt the data.
In both cases, the malware could result in severe financial loss to the individual or to an enterprise.
Trojans are programs that perform a malicious activity, often found in the form of attachments, downloads, and fake programs.
A Trojan is often mistaken for a virus or a worm, but it is neither. A virus is infectious: it attaches itself to another program, self-replicates, and spreads. A worm is similar to a virus, but it does not attach to other programs to spread.
A Trojan, on the other hand, is standalone malware or, in simpler terms, a tool used to perform various outside activities such as communicating with the cybercriminal, opening the system to attack, etc. Trojans are a delivery strategy that cybercriminals use to deliver a large number of threats to a system.
History of Trojans – A Few Case Studies
The world’s first Trojan was discovered in a game called ‘Animal’ in the year 1975. Though it was a simple game, behind the scenes it could spread across the entire network by copying itself into shared directories so that others could also access it. It was created with no malicious intention.
The next Trojan, called ‘AIDS’, was discovered in 1989 and is the first known ransomware attack. The AIDS Trojan would encrypt all filenames on the system, remain dormant for 90 boot cycles, and display a notice demanding that the user pay $189 to a post office box in Panama.
In 2000, a destructive Trojan called ‘I Love You’ was identified, which almost resulted in a loss of $8.7 billion. This Trojan spread as an email attachment; when opened, the program would launch a script that overwrote the victim’s files and sent itself by email to the other contacts in the list.
During the 2000s, Trojan attacks continued to evolve and took advantage of illegal downloading, hiding malware as movies, music files, video files, etc. In 2002, ‘Beast’ emerged as a Windows-based backdoor Trojan horse. This Trojan could infect all versions of Windows. In 2006, the first malware Trojan for Mac OS X, OSX/Leap-A or OSX/Oompa-A, was announced.
The rise of the Bitcoin currency during 2010 led to a rise in ransomware attacks. In 2013, a Trojan called ‘Cryptolocker Trojan Horse’ was identified. This Trojan encrypted files on the computer and then demanded a ransom payment in exchange for the decryption key.
Also, in 2010, a worm Trojan which was designed to target Iranian nuclear facilities was detected. This worm Trojan, ‘Tiny Banker Trojan’ (Tinba), made the news in 2016 for infecting more than 25 banking institutions in the U.S. including Bank of America, HSBC, PNC, Wells Fargo, etc. A similar type of banking Trojan, ‘Emotet Trojan’, was also identified in 2018. 
Removing a Trojan
The easiest way to locate and remove a Trojan is to clean your system and restore it to a healthier state using a good-quality automated anti-malware tool. This tool scans the system for hidden Trojans. There are many anti-malware programs available in the market which can be used for scanning. If you suspect the existence of a Trojan in your system, immediately disconnect it from other systems or the server on the backend. This isolates the Trojan and restricts its scope for spreading to other systems.
Preventing a Trojan
Trojans get into our computer systems by fooling us, so being vigilant and applying good security hygiene is the foremost key to preventing them. Here are a few measures to prevent Trojans from entering your system:
- Avoid downloading free programs from unauthorized mirror servers and instead download them from the producer’s site.
- Make the real file extensions visible in Windows. This helps you avoid selecting an infected file because of its icon.
- Install anti-malware in your system irrespective of your OS.
- Avoid accessing unsafe or suspicious websites.
- Use complicated or unpredictable passwords.
- Apply updates that fix security vulnerabilities whenever they are available.
- Allow automatic update of your operating system software with the latest security updates.
- Always have a firewall on the front-side.
- Do not open any unfamiliar or unverified links or documents in the email.
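The advice above about visible file extensions and unverified email documents can be checked mechanically. The following is an added example, not part of the original article: it parses a raw email message and flags attachments whose real extension is executable, including names such as "invoice.pdf.exe" that look like a document when Windows hides extensions. The extension lists, function names and the sample message are assumptions made for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions Windows runs directly or hands to a script host (illustrative, not exhaustive).
EXECUTABLE_EXTS = {"exe", "scr", "com", "bat", "cmd", "pif", "js", "vbs", "hta", "lnk", "msi"}
# Extensions users read as harmless documents or media.
DECOY_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "jpg", "png", "txt", "mp3", "mp4"}


def classify_name(name):
    """Return 'ok', 'executable' or 'double-extension' for one attachment name."""
    # Windows ignores trailing dots and spaces, so drop them before comparing.
    parts = name.strip().rstrip(". ").lower().split(".")
    if len(parts) < 2 or parts[-1] not in EXECUTABLE_EXTS:
        return "ok"
    # With extensions hidden, "invoice.pdf.exe" is displayed as "invoice.pdf".
    if len(parts) >= 3 and parts[-2].strip() in DECOY_EXTS:
        return "double-extension"
    return "executable"


def scan_message(raw_bytes):
    """Map each attachment file name in a raw email message to its verdict."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    return {part.get_filename(): classify_name(part.get_filename())
            for part in msg.iter_attachments() if part.get_filename()}


def build_sample():
    """Constructed sample message; the attachment bytes are inert placeholders."""
    msg = EmailMessage()
    msg["From"] = "billing@example.com"
    msg["To"] = "user@example.org"
    msg["Subject"] = "Invoice attached"
    msg.set_content("Please see the attached invoice.")
    for name in ("notes.txt", "invoice.pdf.exe", "update.scr"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()


if __name__ == "__main__":
    for name, verdict in scan_message(build_sample()).items():
        print(f"{verdict:17} {name}")
```

A mail gateway or a user-side script can quarantine anything that is not "ok"; the check looks only at names, so it complements an anti-malware scan rather than replacing it.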
Trojans are losing their significance thanks to ransomware and fileless malware, which are much more advanced than traditional malware. In our next series, we shall be talking about Spyware, considered to be the most notorious malware for its ability to access information in a system covertly!
Sources: https://enterprise.verizon.com/resources/reports/dbir/  https://www.malwarebytes.com/Trojan/