A Trojan horse, or Trojan, is software that appears to perform a desirable function for the user prior to run or install, but (perhaps in addition to the expected function) steals information or harms the system. The term is derived from the Trojan Horse

Trojan Horse

The Trojan Horse is a tale from the Trojan War about the stratagem that allowed the Greeks finally to enter the city of Troy and end the conflict. In the canonical version, after a fruitless 10-year siege, the Greeks constructed a huge wooden horse, and hid a select force of men inside...

 story in Greek mythology

Greek mythology

Greek mythology is the body of myths and legends belonging to the ancient Greeks, concerning their gods and heroes, the nature of the world, and the origins and significance of their own cult and ritual practices. They were a part of religion in ancient Greece...

.

Malware

A destructive program that masquerades as a benign application. Unlike viruses, Trojan horses do not replicate themselves, but they can be just as destructive. One of the most insidious types of Trojan horse is a program that claims to get rid of viruses but instead introduces viruses onto the computer.

The term comes from the Greek story of the Trojan War, in which the Greeks give a giant wooden horse to their foes, the Trojans, ostensibly as a peace offering. But after the Trojans drag the horse inside their city walls, Greek soldiers sneak out of the horse's hollow belly and open the city gates, allowing their compatriots to pour in and capture Troy.

Security

Trojan may allow a hacker

Hacker (computer security)

In computer security and everyday language, a hacker is someone who breaks into computers and computer networks. Hackers may be motivated by a multitude of reasons, including profit, protest, or because of the challenge...

 remote access to a target computer system. Once a Trojan has been installed on a target computer system, a hacker may have access to the computer remotely and perform various operations, limited by user privileges on the target computer system and the design of the Trojan.

Operations that could be performed by a hacker on a target computer system include:

• Use of the machine as part of a botnet
  Botnet
  A botnet is a collection of compromised computers connected to the Internet. Termed "bots," they are generally used for malicious purposes. When a computer becomes compromised, it becomes a part of a botnet...
  
   (e.g. to perform automated spamming
  Spam (electronic)
  Spam is the use of electronic messaging systems to send unsolicited bulk messages indiscriminately...
  
   or to distribute Denial-of-service attacks)
• Data theft
  Data theft
  Data theft is a growing problem primarily perpetrated by office workers with access to technology such as desktop computers and hand-held devices capable of storing digital information such as USB flash drives, iPods and even digital cameras...
  
   (e.g. retrieving passwords or credit card information)
• Installation of software, including third-party malware
• Downloading or uploading
  Uploading and downloading
  In computer networks, to download means to receive data to a local system from a remote system, or to initiate such a data transfer. Examples of a remote system from which a download might be performed include a webserver, FTP server, email server, or other similar systems...
  
   of files on the user's computer
• Modification or deletion of files
  File deletion
  File deletion is a way of removing a file from a computer's file system.The reasons for deleting files are#Freeing the disk space#Removing duplicate or unnecessary data to avoid confusion#Making sensitive information unavailable to others...
  
  
• Keystroke logging
  Keystroke logging
  Keystroke logging is the action of tracking the keys struck on a keyboard, typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored...
  
  
• Watching the user's screen
• Crashing the computer
• Anonymizing internet viewing

Trojan horses in this way require interaction with a hacker

Hacker (computer security)

In computer security and everyday language, a hacker is someone who breaks into computers and computer networks. Hackers may be motivated by a multitude of reasons, including profit, protest, or because of the challenge...

 to fulfill their purpose, though the hacker need not be the individual responsible for distributing the Trojan horse. It is possible for individual hackers to scan computers on a network using a port scanner

Port scanner

A port scanner is a software application designed to probe a server or host for open ports. This is often used by administrators to verify security policies of their networks and by attackers to identify running services on a host with the view to compromise it.A port scan or portscan is "An attack...

 in the hope of finding one with a malicious Trojan horse installed, which the hacker can then use to control the target computer.

A recent innovation in Trojan horse code takes advantage of a security flaw in older versions of IE explorer and Google Chrome to use the host computer as an anonymizer proxy

Anonymizer

An anonymizer or an anonymous proxy is a tool that attempts to make activity on the Internet untraceable.It is a proxy server computer that acts as an intermediary and privacy shield between a client computer and the rest of the Internet...

 to effectively hide internet usage. The hacker

Hacker (computer security)

In computer security and everyday language, a hacker is someone who breaks into computers and computer networks. Hackers may be motivated by a multitude of reasons, including profit, protest, or because of the challenge...

 is able to view internet sites while the tracking cookies, internet history, and any IP logging are maintained on the host computer. The host computer may or may not show the internet history of the sites viewed using the computer as a proxy. The first generation of anonymizer Trojan horses tended to leave their tracks in the page view histories of the host computer. Newer generations of the Trojan horse tend to "cover" their tracks more efficiently. Several versions of Slavebot have been widely circulated in the US and Europe and are the most widely distributed examples of this type of Trojan horse.

Current use

Due to the popularity of botnets among hackers and the availability of advertising services that permit authors to violate their users' privacy, Trojan horses are becoming more common. According to a survey conducted by BitDefender

BitDefender

BitDefender is an antivirus software suite developed by Romania-based software company Softwin. It was launched in November 2001, and is currently in its 15 build version...

 from January to June 2009, "Trojan-type malware is on the rise, accounting for 83-percent of the global malware detected in the world". This virus has a relationship with worms as it spreads with the help given by worms and travel across the internet with them.

See also

• Cyber spying
  Cyber spying
  Cyber spying or Cyber espionage is the act or practice of obtaining secrets without the permission of the holder of the information , from individuals, competitors, rivals, groups, governments and enemies for personal, economic, political or military advantage using illegal exploitation methods on...
  
  
• Dancing pigs
• Exploit (computer security)
  Exploit (computer security)
  An exploit is a piece of software, a chunk of data, or sequence of commands that takes advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic...
  
  
• Industrial espionage
  Industrial espionage
  Industrial espionage, economic espionage or corporate espionage is a form of espionage conducted for commercial purposes instead of purely national security purposes...
  
  
• Malware
  Malware
  Malware, short for malicious software, consists of programming that is designed to disrupt or deny operation, gather information that leads to loss of privacy or exploitation, or gain unauthorized access to system resources, or that otherwise exhibits abusive behavior...
  
  
• Principle of least privilege
  Principle of least privilege
  In information security, computer science, and other fields, the principle of least privilege, also known as the principle of minimal privilege or just least privilege, requires that in a particular abstraction layer of a computing environment, every module must be able to access only the...
  
  
• Privacy-invasive software
  Privacy-invasive software
  Privacy-invasive software is a category of computer software that ignores users’ privacy and that is distributed with a specific intent, often of a commercial nature. Three typical examples of privacy-invasive software are adware, spyware and content hijacking programs.- Background :In a...
  
  
• Reverse connection
  Reverse connection
  A reverse connection is usually used to bypass firewall restrictions on open ports. A firewall usually blocks open ports,but does not block outgoing traffic...
  
  
• Rogue security software
• Secure computing
  Secure Computing
  Secure Computing Corporation, or SCC, was a public company that developed and sold computer security appliances and hosted services to protect users and data...
  
  
• Social engineering (security)
  Social engineering (security)
  Social engineering is commonly understood to mean the art of manipulating people into performing actions or divulging confidential information...
  
  
• Spam
  Spam (electronic)
  Spam is the use of electronic messaging systems to send unsolicited bulk messages indiscriminately...
  
  
• Spyware
  Spyware
  Spyware is a type of malware that can be installed on computers, and which collects small pieces of information about users without their knowledge. The presence of spyware is typically hidden from the user, and can be difficult to detect. Typically, spyware is secretly installed on the user's...
  
  
• Timeline of computer viruses and worms
• Bundestrojaner