Trojan viruses: Detecting and removing
A highly sophisticated online threat, Trojan viruses are malicious programs that disguise themselves as legitimate files, which makes them difficult to detect. Learn more about Trojan viruses, how to identify them, and steps to remove them. Then, get Norton AntiVirus Plus to help defend against Trojan viruses and other online threats.
What is a Trojan virus?
Try Norton 360 FREE 7-Day Trial* - Includes Norton Secure VPN
7 days of FREE* comprehensive antivirus, device security and online privacy with Norton Secure VPN.
Join today. Cancel anytime.
*Terms Apply
A Trojan (often referred to as a Trojan virus) is a type of malware that hides within a legitimate file or program to gain access to your device. Because Trojan malware is delivered inside a legitimate app or file, it’s very difficult to detect. Trojans are used to spy on victims, steal data, infect other programs, and inflict other harm.
Trojans are typically sent by scammers or hackers who use social engineering tactics, like the ones used in phishing attacks. Trojan horse malware appears as a harmless or even helpful file, leading users to install the malware unwittingly on their computers or phones.
Are Trojan viruses dangerous?
Yes, Trojan viruses are quite dangerous, and while they may not replicate or spread like traditional viruses, the potential for causing harm is significant. Trojan malware is particularly harmful because users unknowingly install it, which enables cybercriminals to covertly exploit vulnerabilities and have the malware go unnoticed for a while.
Ultimately, cybercriminals use Trojans to secretly infiltrate and compromise a user's system to execute various malicious actions, from data theft and financial fraud to file destruction and unauthorized surveillance.
What is the difference between a virus and a Trojan?
Viruses and Trojans are both types of malware. And even though Trojans are often called “Trojan viruses,” that name can be misleading. Trojans and viruses differ most in how they infect devices and spread.
Here's a brief comparison of the differences between a virus and a Trojan:
- Viruses: Viruses are self-replicating and spread from one system to another by attaching themselves to legitimate files or programs. They can infect multiple files and are designed to propagate, making it critical to know how to determine if your computer has a virus.
- Trojans: Unlike viruses, Trojans do not replicate on their own. Instead, they rely on deception to be manually installed by unsuspecting users. They often disguise themselves as harmless or even beneficial applications. But once a Trojan is executed, it can perform various nefarious actions without the user's knowledge.
What types of Trojan viruses exist, and how are they harmful?
Trojans are incredibly dangerous due to the wide range of malicious tasks they can perform once installed on a computer. Here are some common types of Trojan horse malware:
- Backdoor Trojan: These Trojans create a "backdoor" on the victim's computer, granting attackers unauthorized access. This backdoor allows them to control the system, steal data, and introduce more malware.
- Downloader Trojan: The primary purpose of a downloader Trojan is to download additional content, such as more malware, onto the infected computer.
- Infostealer Trojan: As the name suggests, this type of Trojan steals sensitive data from the victim's computer, like passwords, credit card information, or personal files.
- Remote Access Trojan (RAT): This Trojan gives the attacker complete control over the victim's computer, effectively turning it into a tool for cybercriminals to exploit.
- Distributed Denial of Service (DDoS) Attack Trojans: These Trojans perform DDoS attacks, flooding a network with traffic to overwhelm and crash it.
The harm that Trojans can cause extends beyond just individual computers. Cybercriminals can use Trojans to create a botnet, which is a network of infected computers that a malicious actor can remotely control to spread malware or stage other online attacks.
To help safeguard your device against malicious threats, Norton AntiVirus Plus offers a comprehensive suite of security features, like advanced threat protection and a smart firewall, designed to help protect your personal information and computer against Trojans, viruses, and other malware.
How to get rid of the Trojan?
If you think your computer is infected with Trojan malware, it's crucial to remove it right away. Follow the steps below to help get rid of a Trojan:
- Disconnect your computer from the internet: Going “offline” helps to prevent the malware from communicating with its command-and-control servers, limiting further harm.
- Install a reputable antivirus tool: A trusted tool such as Norton AntiVirus Plus will help you detect and remove Trojans to help keep your system safer.
- Perform a full system scan: Use your antivirus tool to help detect and quarantine malicious files.
- Delete infected files: After your antivirus identifies and isolates malicious files, follow the prompts to delete the files permanently.
- Update your operating system and software: Keeping your devices and software up to date can help protect against future malware infections. Cybercriminals often exploit vulnerabilities in outdated software to launch attacks.
- Download programs from trusted sources: Stick to official app stores and trusted websites when shopping for applications. Learn how to identify the signs you’re on a malicious websites so you know how to avoid them next time.
- Use a firewall: Many devices come with a built-in firewall. Ensure it's active to add an extra layer of protection against unauthorized access.
Finally, do your homework on how to avoid viruses — knowing what to look out for will help you keep your device free of harmful software in the future.
What do Trojan horses do?
Highly versatile forms of malware, Trojan horses can carry out various malicious activities. Here are some common actions that Trojans might perform:
- Breach data: Trojans can steal sensitive data from your computer, such as login credentials, credit card details, and personal files.
- Botnet recruitment: Some Trojan horses are designed to convert infected computers and pull them into a botnet that cybercriminals can control remotely.
- Data destruction: Certain Trojans may be programmed to delete files, corrupt data, or even reformat entire hard drives.
- Espionage: Trojan horses can be used to monitor a user's activities, capture screenshots, and record keystrokes to gather sensitive information covertly.
What are some Trojan horse virus examples?
Here are some examples of well-known Trojan malware:
- Zeus: The Zeus Trojan orchestrates sophisticated attacks to acquire crucial banking credentials and extract sensitive financial data. Its precision has made it a popular choice for cybercriminals, leaving a wake of compromised financial systems since peaking in the early 2010s.
- Emotet: Emotet started as a banking Trojan but was quickly adapted to help execute different kinds of cyberattacks. It can spread various types of malware, including ransomware, and is highly unpredictable and difficult to detect.
- Petya/NotPetya: As a type of encryption malware, Petya explicitly targets Microsoft Windows systems by infecting the master boot record. That move causes a process to begin that encrypts the file system table of the hard drive, preventing Windows from starting up.
- DarkComet: Designed as a helpful tool for remote computer management, DarkComet has been hijacked by hackers and become a harmful program used to launch cyberattacks. This tool allows cybercriminals to steal sensitive data and money by secretly gaining unauthorized access and controlling computers without a user’s knowledge or permission.
- CryptoLocker: As a type of ransomware, CryptoLocker encrypts files on a victim's computer, making them inaccessible. The hacker then demands a ransom payment from the victim to unlock the files and return them.
Get the powerful protection your device deserves
With Trojans and other malware a persistent threat, a proactive approach to online security is essential. Norton AntiVirus Plus provides layers of security including built-in hacking protection, a firewall, and real-time threat protection to help keep your device and personal information safer.
Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc.
Want more?
Follow us for all the latest news, tips and updates.