Trojans are programs that offer, or appears to offer, an attractive function or feature, but then quietly perform harmful actions in the background.
Named after the Trojan Horse of Greek legend, trojans are designed to appear attractive to a user. They may look like games, screensavers, application updates or any other useful program or file. Some trojans will mimic or even copy popular or well-known programs to appear more trustworthy. The aim of the deception is to lure the user into installing the trojan.
Once installed, trojans can also use ‘decoys’ to maintain the illusion that they are legitimate. For example, a trojan disguised as a screensaver application or a document file will display an image or a document. While the user is distracted by these decoys, the trojan can quietly perform other actions in the background.
Trojans will usually either make harmful changes to the device (such as deleting or encrypting files, or changing program settings) or steal confidential data stored on it. Trojans can be grouped by the actions they perform:
- Trojan-downloader: connects to a remote site to download and install other programs
- Trojan-dropper: contains one or more extra programs, which it installs
- Trojan-pws: Steals passwords stored on the device or entered into a web browser
- Banking-trojan: A specialized trojan-pws that specifically looks for usernames and passwords for online banking portals
- Trojan-spy: Monitors activity on the device and forwards the details to a remote site