What Is a Trojan Horse? Trojan Virus and Malware Explained | Fortinet (2023)

Download EBook - Use AI to Detect Malware

What Is a Trojan Horse Virus?

A Trojan Horse Virus is a type of malware that downloads onto a computer disguised as a legitimate program. The delivery method typically sees an attacker use social engineering to hide malicious code within legitimate software to try and gain users' system access with their software.

A simple way to answer the question "what is Trojan" is it is a type of malware that typically gets hidden as an attachment in an email or a free-to-download file, then transfers onto the user’s device. Once downloaded, the malicious code will execute the task the attacker designed it for, such as gain backdoor access to corporate systems, spy on users’ online activity, or steal sensitive data.

Indications of a Trojan being active on a device include unusual activity such as computer settings being changed unexpectedly.

(Video) What is a Trojan Horse and How Does It Work?

History of the Trojan Horse

The original story of the Trojan horse can be found in the Aeneid by Virgil and the Odyssey by Homer. In the story, the enemies of the city of Troy were able to get inside the city gates using a horse they pretended was a gift. The soldiers hid inside the huge wooden horse and once inside, they climbed out and let the other soldiers in.

There are a few elements of the story that make the term “Trojan horse” an appropriate name for these types of cyber attacks:

  • The Trojan horse was a unique solution to the target’s defenses. In the original story, the attackers had laid siege to the city for 10 years and hadn’t succeeded in defeating it. The Trojan horse gave them the access they had been wanting for a decade. A Trojan virus, similarly, can be a good way to get behind an otherwise tight set of defenses.
  • The Trojan horse appeared to be a legitimate gift. In a similar vein, a Trojan virus looks like legitimate software.
  • The soldiers in the Trojan horse controlled the city’s defense system. With a Trojan virus, the malware takes control of your computer, potentially leaving it vulnerable to other “invaders.”

What Is a Trojan Horse? Trojan Virus and Malware Explained | Fortinet (1)

How Do Trojans Work?

Unlike computer viruses, aTrojan horsecannot manifest by itself, so it needs a user to download the server side of the application for it to work. This means the executable (.exe) file should be implemented and the program installed for the Trojan to attack a device’s system.

A Trojan virus spreads through legitimate-looking emails and files attached to emails, which are spammed to reach the inboxes of as many people as possible. When the email is opened and the malicious attachment is downloaded, the Trojan server will install and automatically run every time the infected device is turned on.

Devices can also be infected by a Trojan through social engineering tactics, which cyber criminals use to coerce users into downloading a malicious application. The malicious file could be hidden in banner advertisements, pop-up advertisements, or links on websites.

A computer infected by Trojan malware can also spread it to other computers. A cyber criminal turns the device into a zombie computer, which means they have remote control of it without the user knowing. Hackers can then use the zombie computer to continue sharing malware across a network of devices, known as a botnet.

For example, a user might receive an email from someone they know, which includes an attachment that also looks legitimate. However, the attachment contains malicious code that executes and installs the Trojan on their device. The user often will not know anything untoward has occurred, as their computer may continue to work normally with no signs of it having been infected.

(Video) What is a Trojan Horse Virus?

The malware will reside undetected until the user takes a certain action, such as visiting a certain website or banking app. This will activate the malicious code, and the Trojan will carry out the hacker’s desired action. Depending on the type of Trojan and how it was created, the malware may delete itself, return to being dormant, or remain active on the device.

Trojans can also attack and infect smartphones and tablets using a strand of mobile malware. This could occur through the attacker redirecting traffic to a device connected to a Wi-Fi network and then using it to launch cyberattacks.

Most Common Types of Trojan Malware

There are many types ofTrojan horse virusesthat cyber criminals use to carry out different actions and different attack methods. The most common types of Trojan used include:

  1. Backdoor Trojan:A backdoor Trojan enables an attacker to gain remote access to a computer and take control of it using a backdoor. This enables the malicious actor to do whatever they want on the device, such as deleting files, rebooting the computer, stealing data, or uploading malware. A backdoor Trojan is frequently used to create a botnet through a network of zombie computers.
  2. Banker Trojan:A banker Trojan is designed to target users’ banking accounts and financial information. It attempts to steal account data for credit and debit cards, e-payment systems, and online banking systems.
  3. Distributed denial-of-service (DDoS) Trojan:These Trojan programs carry out attacks that overload a network with traffic. It will send multiple requests from a computer or a group of computers to overwhelm a target web address and cause a denial of service.
  4. Downloader Trojan:A downloader Trojan targets a computer that has already been infected by malware, then downloads and installs more malicious programs to it. This could be additional Trojans or other types of malware like adware.
  5. Exploit Trojan:An exploit malware program contains code or data that takes advantage of specific vulnerabilities within an application or computer system. The cyber criminal will target users through a method like a phishing attack, then use the code in the program to exploit a known vulnerability.
  6. Fake antivirus Trojan:A fake antivirus Trojan simulates the actions of legitimate antivirus software. The Trojan is designed to detect and remove threats like a regular antivirus program, then extort money from users for removing threats that may be nonexistent.
  7. Game-thief Trojan:A game-thief Trojan is specifically designed to steal user account information from people playing online games.
  8. Instant messaging (IM) Trojan:This type of Trojan targets IM services to steal users’ logins and passwords. It targets popular messaging platforms such as AOL Instant Messenger, ICQ, MSN Messenger, Skype, and Yahoo Pager.
  9. Infostealer Trojan:This malware can either be used to install Trojans or prevent the user from detecting the existence of a malicious program. The components of infostealer Trojans can make it difficult for antivirus systems to discover them in scans.
  10. Mailfinder Trojan:A mailfinder Trojan aims to harvest and steal email addresses that have been stored on a computer.
  11. Ransom Trojan:Ransom Trojans seek to impair a computer’s performance or block data on the device so that the user can no longer access or use it. The attacker will then hold the user or organization ransom until they pay a ransom fee to undo the device damage or unlock the affected data.
  12. Remote access Trojan:Similar to a backdoor Trojan, this strand of malware gives the attacker full control of a user’s computer. The cyber criminal maintains access to the device through a remote network connection, which they use to steal information or spy on a user.
  13. Rootkit Trojan:A rootkit is a type of malware that conceals itself on a user’s computer. Its purpose is to stop malicious programs from being detected, which enables malware to remain active on an infected computer for a longer period.
  14. Short message service (SMS) Trojan:An SMS Trojan infects mobile devices and is capable of sending and intercepting text messages. This includes sending messages to premium-rate phone numbers, which increases the costs on a user’s phone bill.
  15. Spy Trojan:Spy Trojans are designed to sit on a user’s computer and spy on their activity. This includes logging their keyboard actions, taking screenshots, accessing the applications they use, and tracking login data.
  16. SUNBURST: The SUNBURST trojan virus was released on numerous SolarWinds Orion Platform. Victims were compromised by trojanized versions of a legitimateSolarWinds digitally signed file named: SolarWinds.Orion.Core.BusinessLayer.dll. The trojanized file is a backdoor. Once on a target machine, it remains dormant for a two-week period and will then retrieve commands that allow it to transfer, execute, perform reconnaissance, reboot and halt system services. Communication occurs over http to predetermined URI's.

How To Recognize a Trojan Virus

A Trojan horse virus can often remain on a device for months without the user knowing their computer has been infected. However, telltale signs of the presence of a Trojan include computer settings suddenly changing, a loss in computer performance, or unusual activity taking place. The best way to recognize a Trojan is to search a device using a Trojan scanner or malware-removal software.

How To Protect Yourself from Trojan Viruses

A Trojan horse virus can often remain on a device for months without the user knowing their computer has been infected. However, telltale signs of the presence of a Trojan include computer settings suddenly changing, a loss in computer performance, or unusual activity taking place. The best way to recognize a Trojan is to search a device using a Trojan scanner or malware-removal software.

(Video) Malware: Difference Between Computer Viruses, Worms and Trojans

Examples of Trojan Horse Virus Attacks

Trojan attacks have been responsible for causing major damage by infecting computers and stealing user data. Well-known examples of Trojans include:

  1. Rakhni Trojan:The Rakhni Trojan delivers ransomware or a cryptojacker tool—which enables an attacker to use a device to mine cryptocurrency—to infect devices.
  2. Tiny Banker:Tiny Banker enables hackers to steal users’ financial details. It was discovered when it infected at least 20 U.S. banks.
  3. Zeus or Zbot:Zeus is a toolkit that targets financial services and enables hackers to build their own Trojan malware. The source code uses techniques like form grabbing and keystroke logging to steal user credentials and financial details.

How Fortinet Can Help

TheFortinet antivirus services. leverage the power of the FortiGuard Labs Global Threat Intelligence system. In the span of a minute, FortiGuard eliminates, on average, 95,000malwareprograms. FortiGuard does this by incorporating knowledge of the different types of viruseswithin the global threat landscape. Countermeasures are engineered to neutralize each type of threat, and then they are automatically enacted by FortiGuard, thereby protecting the networks under the FortiGuard umbrella.

The FortiGuard antivirus protection system comes with FortiGate, FortiSandbox, FortiMail, FortiWeb, FortiCache, and FortiClient.

Quick Links

Free Product DemoExplore key features and capabilities, and experience user interfaces.
Resource CenterDownload from a wide range of educational material and documents.
Free TrialsTest our products and solutions.
Contact SalesHave a question? We're here to help.
(Video) What are Trojan virus?


What is virus malware and Trojan horse? ›

Malware is designed to cause damage to a stand-alone computer or a networked pc. So wherever a malware term is used it means a program which is designed to damage your computer it may be a virus, worm or Trojan. Virus. Virus is a program written to enter to your computer and damage/alter your files/data.

What is Trojan very short answer? ›

A Trojan, or Trojan horse, is a type of malware that conceals its true content to fool a user into thinking it's a harmless file. Like the wooden horse used to sack Troy, the "payload" carried by a Trojan is unknown to the user, but it can act as a delivery vehicle for a variety of threats.

What is the difference between a virus and Trojan horse malware? ›

1. A Virus is a malicious executable code attached to another executable file which can be harmless or can modify or delete data. Trojan Horse is a form of malware that capture some important information about a computer system or a computer network.

What is Trojan horse malware example? ›

Here is one example of how a Trojan horse might be used to infect a personal computer: The victim receives an official-looking email with an attachment. The attachment contains malicious code that is executed as soon as the victim clicks on the attachment.

What is Trojan horse virus in simple words? ›

A Trojan Horse (Trojan) is a type of malware that disguises itself as legitimate code or software. Once inside the network, attackers are able to carry out any action that a legitimate user could perform, such as exporting files, modifying data, deleting files or otherwise altering the contents of the device.

What is malware vs virus? ›

Malware is a catch-all term for any type of malicious software, regardless of how it works, its intent, or how it's distributed. A virus is a specific type of malware that self-replicates by inserting its code into other programs.

What does a Trojan actually do? ›

That said, most Trojans are designed to take control of a user's computer, steal data, spy on users, or insert more malware on to a victim's computer. Here are some common threats that come from Trojan attacks: Backdoors, which create remote access to your system.

Is the best description of Trojan horse malware? ›

The best description of Trojan horse malware, and what distinguishes it from viruses and worms, is that it appears as useful software but hides malicious code. Trojan horse malware may cause annoying computer problems, but can also cause fatal problems.

How does a Trojan horse virus infect a computer? ›

A common type of malware, a Trojan resembles a reputable, trusted application or file that convinces the user it is safe to download onto computers or laptops. When the user downloads and executes the malicious software onto a device, the malware contained within is activated.

Why Trojan horse is virus? ›

A Trojan horse is not a virus. It is a destructive program that looks as a genuine application. Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive.

What is malware in simple words? ›

Malware (short for “malicious software”) is a file or code, typically delivered over a network, that infects, explores, steals or conducts virtually any behavior an attacker wants. And because malware comes in so many variants, there are numerous methods to infect computer systems.

What is malware example? ›

Malware, or malicious software, is any program or file that is intentionally harmful to a computer, network or server. Types of malware include computer viruses, worms, Trojan horses, ransomware and spyware.

Where did Trojan virus come from? ›

Called ANIMAL, the first Trojan (although there is some debate as to whether this was a Trojan, or simply another virus) was developed by computer programmer John Walker in 1975, according to Fourmilab.

Who created the Trojan horse virus? ›

Called ANIMAL, the first Trojan (although there is some debate as to whether this was a Trojan, or simply another virus) was developed by computer programmer John Walker in 1975, according to Fourmilab.

What are the effects of Trojan horse virus? ›

A Trojan is a type of virus that can have highly destructive effects: from deleting files to destroying all the contents of the hard disk. Trojans can also capture and resend confidential data to an external address or open communication ports, allowing an intruder to control the infected computer remotely.

Can a Trojan horse steal passwords? ›

There are a variety of types of Trojans, many of which can launch sophisticated and clever attacks. Here are some types to be aware of: Password-stealing Trojans—These look for saved passwords on your computer and email them to the hackers. Some can even steal passwords cached in your browser history.

What is difference between virus worm and Trojan horse? ›

Viruses use executable files to spread. Worms take use of system flaws to carry out their attacks. Trojan horse is a type of malware that runs through a program and is interpreted as utility software.

Can I delete Trojan horse virus? ›

Can Trojan viruses be removed? Trojan viruses can be removed in various ways. If you know which software contains the malware, you can simply uninstall it. However, the most effective way to remove all traces of a Trojan virus is to install antivirus software capable of detecting and removing Trojans.

Is virus and Trojan the same? ›

A virus is a program that spreads by attaching itself to other software, while a trojan spreads by pretending to be useful software or content. Many experts consider spyware programs, which track user activity and send logs or data back to the attacker, as a type of trojan.

How do I know if I have a Trojan virus on my iPhone? ›

The best way to know if your iPhone has a virus is to check for the following signs: unfamiliar or crashing apps, lots of Safari pop-ups, unusual charges or data usage, a rapidly draining battery, or a consistently hot phone.

Where does Trojan horse virus come from? ›

Many users install trojans from file-sharing websites and fake email attachments. You can also get attacked from spoofed chat messages, infected websites, hacked networks and more.

Can a Trojan virus control your computer? ›

That said, most Trojans are designed to take control of a user's computer, steal data, spy on users, or insert more malware on to a victim's computer. Here are some common threats that come from Trojan attacks: Backdoors, which create remote access to your system.

How do I know if I have a Trojan virus? ›

A common symptom of Trojan infection is the sudden appearance of apps you don't recall downloading or installing. If you notice an unfamiliar app from an unverified developer in your Windows Task Manager, there's a good chance that it is malicious software installed by a Trojan.

Can you get a Trojan horse virus on your phone? ›

What kind of malware can a phone get? Usually, smartphones get infected with adware, spyware, trojan horses, ransomware, and worms.

Is Trojan always a virus? ›

A Trojan is sometimes called a Trojan virus or a Trojan horse virus, but that's a misnomer. Viruses can execute and replicate themselves. A Trojan cannot.

What happens when you get a Trojan virus? ›

Trojans work by masquerading as legitimate files, with the goal of tricking victims into clicking, opening, or installing them. Once this happens, the Trojan begins installing malware on your device, spying on you, or causing other types of harm.


1. Trojan horse in cyber security | trojan in cyber security | Lecture 30
(Simply Made)
2. Security Awareness Video: Trojan Horse
(Kaduu - Cyber Security and Dark Web Monitoring)
3. Difference Between Viruses, Worms and Trojans
4. Trojan Horse Virus Ki Kahani? Greek Story Of Trojan War.
(The Fives)
5. Different Types of Malware Explained | How does Anti-malware Detects them?
6. How A Trojan horse Virus Works
(Brian Williamson-Multimedia Designer)
Top Articles
Latest Posts
Article information

Author: Frankie Dare

Last Updated: 11/22/2022

Views: 5839

Rating: 4.2 / 5 (73 voted)

Reviews: 80% of readers found this page helpful

Author information

Name: Frankie Dare

Birthday: 2000-01-27

Address: Suite 313 45115 Caridad Freeway, Port Barabaraville, MS 66713

Phone: +3769542039359

Job: Sales Manager

Hobby: Baton twirling, Stand-up comedy, Leather crafting, Rugby, tabletop games, Jigsaw puzzles, Air sports

Introduction: My name is Frankie Dare, I am a funny, beautiful, proud, fair, pleasant, cheerful, enthusiastic person who loves writing and wants to share my knowledge and understanding with you.