Trojans
The Kill Chain is the cybercrime thriller from Scotland’s newest crime writer, GJ Scobie, which will be published by Darkstroke on the 16th July 2022. This blog post is one in a series called Facts behind the Fiction, in which I take an aspect of the plot and provide factual background material, giving an insight into the real world of cyber security and those who work tirelessly to defend our networks and data.
So, what is a Trojan?
A Trojan is a computer program that is disguised as a useful utility but contains a hidden payload that causes unwanted consequences for the user. Some Trojans appear to be legitimate, recognizable apps but are in fact fakes. These programs contain malware, or viruses, and can infect your computer, or steal and trash your data.
The results of installing a Trojan can be many and varied. Trojans can be used to distribute computer viruses, install ransomware and encrypt files, delete data, install spyware to monitor your use of the computer, or set up a backdoor to your device, leaving it open for cyber criminals to connect from the Internet and watch what you are doing.
A well-designed Trojan may not raise alarm bells with you. For example, it could be a calculator app, like the one you probably have on your laptop or phone right now. You run it and it does behave like a calculator, but it is running additional code in the background, unbeknown to you. Other Trojans, when launched, announce themselves straight away, making it quite clear that you have infected your system with, for example, ransomware, and will demand payment to return it to a known good state. Never offer payment, as getting your system back is never guaranteed.
The name Trojan, to describe this form of malware, comes from the Ancient Greek tale of the wooden horse which was used to smuggle soldiers into the city of Troy during the Trojan War. It is this hidden component, the unknown code that will execute in an unexpected and hostile fashion, that makes the Trojan a popular choice among cyber criminals to help them carry out their attacks.
Trojans can be delivered to your email inbox, posing as legitimate file attachments. If you are not expecting a file attachment, then do not open it. If you believe it to be genuine, see if you have a file viewer to preview it rather than double-clicking to open it. If you are intending to download the file attachment, then ensure you have anti-virus software running on your computer, which will hopefully intercept any hidden malware within the file. Remember, a colleague or friend may have had their email account compromised and taken over by a cyber criminal, who could be emailing you from that account pretending to be that person, so just take a moment to think before proceeding.
Do not download mobile phone apps from unofficial sites. The safest course of action is to use either the Google Play Store or the Apple Store. Free apps from unofficial web sites can contain Trojans and other forms of malware, so be aware.
Next time, viruses. What are they?