A Trojan horse is a destructive program that masquerades as a benign application.
Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive. One of the most insidious types of Trojan horse is a program that claims to rid your computer of viruses but instead introduces viruses into your system.
The term comes from the Greek myth of the Trojan War, in which the Greeks give a giant wooden horse to their foes, the Trojans, ostensibly as a peace offering. But after the Trojans drag the horse inside their city walls, Greek soldiers sneak out of the horse's hollow belly and open the city gates, allowing their compatriots to pour in and capture Troy.
Trojan horses are broken down into categories based on how they breach systems and the damage they cause.
The seven main types of Trojan horses are:
Remote Access Trojans
Abbreviated as RATs, a Remote Access Trojan is designed to provide the attacker with complete control of the victim's system. Attackers usually hide these Trojan horses in games and other small programs that unsuspecting users then execute on their PCs.
Data Sending Trojans
This type of Trojan horses is designed to provide the attacker with sensitive data such as passwords, credit card information, log files, e-mail address or IM contact lists. These Trojans can look for specific pre-defined data (e.g., just credit card information or passwords), or they install a keylogger and send all recorded keystrokes back to the attacker
This Trojan horse is designed to destroy and delete files, and it’s more like a virus than any other Trojan. It can often go undetected by anti virus software.
This kind of Trojan horses is designed to use the victim's computer as a proxy server. This lets the attacker do anything from your computer, including credit card fraud and other illegal activities and even use your system to launch malicious attacks against other networks.
This Trojan horse opens port 21 (the port for FTP transfer) and lets the attacker connect to your computer using File Transfer Protocol (FTP).
Security software disabler Trojans
This nasty Trojan horse stops or kills computer security software such as antivirus programs or firewalls without the user knowing. It’s usually combined with another type of Trojan as a “payload”.
Denial-of-service attack (DoS) Trojans
A DoS Trojans is a type of attack that brings a network to its knees by flooding it with useless traffic. Many DoS attacks, such as the Ping of Death and Teardrop attacks, exploit limitations in the TCP/IP protocols. For all known DoS attacks, there are software fixes that system administrators can install to limit the damage caused by the attacks. But, like viruses, new DoS attacks are constantly dreamed up by hackers.
Quarterly reports confirm the high amounts of infections spreading across machines worldwide. It is a fact that the numbers of new threats are significantly increasing and submissions are up with 15% compared to the last quarter of 2010.
Trojans are known as the most widely spread infection type across computer systems accounting for approximately 70% of all detected malware, followed by traditional viruses and worms.
Although the number of new Trojans is increasing rapidly, not all Trojan types have followed the same trend. While rogue antiviruses (software posing as a legitimate antivirus with the purpose of extorting users in paying for the removal of false infections) have been slowly decreasing, downloader Trojans are becoming more popular due to their small print left on targeted machines. Once a downloader infects a computer system, it starts downloading additional infections.
Country reports show that China still holds the first place with infection rates of approximately 65% of which more than 75% are Trojans, closely followed by Thailand, Japan, Russia and Turkey as shown in the graph below.