How to Detect & Defend Against Trojan Horse Threats

There are several forms of malware that businesses need to defend their networks against every day. A form that’s particularly stealthy is a Trojan Horse threat. Trojans are dangerous because users willingly install them, thinking they’re something else.

A Trojan Horse can be hidden within a software that a user finds online offering “free PC cleaning” or something similar. This type of malware gets its name from the famous Trojan Horse story where soldiers hid inside a large wooden horse meant to be an innocent gift.

Likewise, a Trojan Horse virus will be disguised as something helpful to get users to install it onto their computer. Once discovered, a business will typically need emergency IT services to deal with the aftermath.

What Can Trojans Do?

Trojans are an ongoing threat for all types of devices and have been seen increasingly in mobile attacks.

According to threat evolution statistics from Kaspersky for the first quarter of 2020, Trojan-Droppers were the #3 biggest threat to mobile devices, with other Trojan variations being #4 through #7.

Here are some of the common types of Trojans Horse viruses and what they can do:

  • Trojan-Dropper: Acts as a vehicle for other types of malware and is designed to install them on a system. Malware is generally hidden in a Trojan-Dropper to avoid detection.
  • Trojan-Banker: This type of Trojan is designed to gain access to online banking applications or websites that you may use on your computer or mobile device.
  • Trojan-SMS: This Trojan can either sign up a victim for premium-rate messaging services without their knowledge or can send and intercept texts on a user’s device.
  • Trojan-Spy: This is a cross being a Trojan and spyware. The Trojan is used to fool the users into installing a software, then the spyware is released which can silently track keystrokes, make screenshots, and more.

The reason a Trojan Horse is one of the biggest malware threats is because it can carry any other type of malware within it. Some of the many issues that a Trojan can cause include:

  • Ransomware attack
  • Take over a system to send, download or delete files
  • Use a computer for a DDoS attack
  • Steal personal information

How to Detect a Trojan Horse Infection

It can be difficult to spot a Trojan Horse, but there are some signs that can indicate an infected computer or mobile device. If you or your employees see any of these signs, you’ll want to have it addressed by an IT professional right away.

  • Increase in CPU Usage: If you hear processing activity on a computer when there shouldn’t be any, that’s a sign that something you don’t know about is running in the background.
  • Unexpected Crashes: Does your computer seem less stable? If crashes start happening regularly, it could be due to a Trojan that’s conflicting with other internal systems.
  • More Spam & Pop-ups: If you are noticing a large increase in email spam or browser pop-ups, this is another indicator that your device may have been infected with a Trojan Horse.
  • System Slowdown: Freezes when you’re multi-tasking and a computer that has noticeably slowed down is another indicator of a Trojan Horse or other malware infection.

Tips for Avoiding a Trojan Horse Infection

Here are several best practices to use to protect your San Fernando Valley business from being hurt by a Trojan Horse threat.

Don’t Allow Shadow IT

Shadow IT is when employees use applications on their own for work that aren’t specifically approved for use by their company. This is often how Trojans get in. An employee will have a need for a particular tool and try to find a free version online and end up downloading a Trojan.

Put a strong Shadow IT policy in place so employees know they aren’t allowed to download and install programs that haven’t been pre-approved by your company for use.

Use an AI-Based Antivirus/Anti-Malware

Other types of malware will often hide inside a Trojan Horse to escape detection by signature-based antivirus programs.

You want to make sure you’re using AI-based protection, which will look for suspicious behavior and typical malware patterns to detect threats like Trojans.

Use Anti-Phishing Safeguards

Trojan Horses can often be attached to phishing emails that fool a user into thinking the file attachment is safe.

Ensure you are using good anti-phishing safeguards such as:

  • Ongoing user awareness training
  • Anti-spam/anti-phishing software
  • DNS filtering

Keep Device Software Up to Date

Many Trojans and other malware include code that exploits system vulnerabilities. More often than not, there have been security patches already put out to seal them, but the patch was never applied.

Ensure all computers and mobile devices are regularly updated for OS, software, and firmware patches.

Don’t Install Unknown Mobile Apps

There is an entire class of Trojan Horse threats designed to take advantage of mobile wallets and online banking applications to try to steal money from victims.

Users often aren’t as suspicious as they need to be about mobile apps. Make sure you’re not installing apps that aren’t in either the Apple App Store or Google Play store. Also make sure to search reviews for mobile apps before you install them to ensure it’s not a Trojan.

Make Sure Your Security Measures Can Protect You

Are your security measures robust enough to protect your business from a Trojan Horse infection? Find out by getting a free 21-point cybersecurity audit.

Contact us today to schedule your cybersecurity audit. Call 1-833-4-NEURON or sign up online.