Chapter in this post:
In addition to the Computer virus You have probably come across the term “Trojan” to describe malware on Macs and PCs. The word Trojan, which is short for Trojan horse, describes an app that pretends to have useful functions, but exploits weak points in the background, transfers computer data to the server or causes other damage. Trojans belong to malware and are a threat to individuals and companies alike. "Trojan" is often used as a synonym or generic term for other malware, such as viruses, rootkits or backdoor attacks. But there are striking differences.
The name is no coincidence, because a program called a Trojan horse pretends to be useful, but harbors attackers (scripts, codes, other programs, etc.) within itself. On Mac and PC as well as on mobile devices and other systems, Trojans ensure that an open door is used to inject unwanted content. This unwanted content can be of various types - viruses, Keyloggers or other stalkerware, other spy programs or digital nodes for file sharing, crypto mining, etc.
Among other things, the software smuggled in by a Trojan can read passwords, check keystrokes or open the door for other malware that can cause (even) more damage. The actions can also be:
Most Trojans get onto the user's computer through a user-side download. The download can be a program or a simple e-mail attachment. Simply visiting a website is not enough here to infect Mac or PC. The download happens actively because the Trojan camouflage itself. Just as the historical "Trojan horse" was received with open doors, so users download a supposedly useful one App or download an app that was advertised as helpful in an email.
There are various camouflage options. On the one hand, the downloaded and opened program can have a useful function, but it can also do other things in the background. On the other hand, the camouflage can be purely in the file name or in the icon of the app, for example if it imitates a known app. Then you open them, but the expected program does not start, only the background actions. After these are done, it doesn't matter if you terminate and uninstall the trojan. Because the malware that came up with it also works without it.
The bad news first: Trojans are often difficult to find and remove even with conventional virus scanners. It is all the more important to recognize them beforehand. So you should check the download source, check the file size (a graphics program or game is not just a few kB or MB small) and never open email attachments from unknown email addresses.
Signs that the computer has been infected with a Trojan horse can be:
If the computer behaves strangely after installing new software (e.g. the desired app is not running and still uses more of the CPU), it should be uninstalled. However, since programs that have been smuggled in can remain behind, it is advisable to also check the registry database and the task manager of the Windows PC or the programs folder and the Activity Monitor on Mac to check for suspicious software. The "Software" section in the macOS system report (Apple menu -> About This Mac -> "Overview" tab -> System Report...) can also be helpful here.
If you feel like you have a Trojan on your computer, the first step should always be to use an antivirus program. These programs scan all files and processes on the PC and scan the hard drive for trojans, viruses, worms, adware, spyware and other malware. Among other things CleanMyMac X implemented a malware scanner. Furthermore there is Intego Mac antivirus software. A tip: Use the full and longer-lasting scan and not the express scan. The latter only looks at the beginning and end of files, but not for code hidden in the middle.
There are different approaches to dividing known computer Trojans into types. In this way, one can look purely at the entry routes (i.e. the horses) or also include the interactions with the introduced software (attackers in the horse). Here are the most common Trojan and mixed types:
There is a lot more to know about Trojans, about what is known as the malicious routine of the malware they smuggle in, and how it differs from other malicious software. But that would go beyond the scope here and retell too much of what you can also find in one of the sources for this article: Wikipedia. Do you have any questions or additions? Then feel free to leave a comment on the topic!
After graduating from high school, Johannes completed an apprenticeship as a business assistant specializing in foreign languages. But then he decided to research and write, which resulted in his independence. For several years he has been working for Sir Apfelot, among others. His articles include product introductions, news, manuals, video games, consoles, and more. He follows Apple keynotes live via stream.