CAPTION: What would Laocoon and Cassandra have done? The two Trojans who warned their people against the suspicious wooden horse would probably identify any suspicious e-mail attachment and then get rid of them.
So how do Trojan horses infect computers? Believe it or not, you have to do some of the work yourself. In order for a Trojan to infect your machine, you have to install the server side of the application. This is normally done by social engineering -- the author of the Trojan horse has to convince you to download the application. Alternately, he or she might send the program to you in an e-mail message hoping you execute it. Again, this is why it is called a Trojan horse -- you have to consciously or unconsciously run the .exe file to install the program -- it doesn't propagate on its own like a virus (see How Computer Viruses Work for a description of Trojans and viruses). Once you execute the program, the Trojan server is installed and will start running automatically every time you power up your computer.
The most common way Trojan horses spread is through e-mail attachments. The developers of these applications typically use spamming techniques to send out hundreds or even thousands of e-mails to unsuspecting people; those who open the messages and download the attachment end up having their systems infected.
Sometimes, it's not even a person manually spreading malware -- it's possible for your own computer to do so, if it's been infected already. Crackers -- hackers who use their computer skills to create mischief or cause damage intentionally -- can send out Trojans that turn innocent Web surfer's computers into zombie computers, so-called because the person with the infected computer rarely knows his system is under control. Crackers then use these zombie computers to send out more viruses, eventually creating networks of zombie computers known as botnets.
There are several things you can do to protect yourself from Trojan horses. The easiest thing to do is to never open any e-mails or download any attachments from unknown senders. Simply deleting these messages will take care of the situation. Installing antivirus software will also scan every file you download (even if it's from someone you know) and protect you from anything malicious. If you ever find your computer has been infected with a Trojan, you should disconnect your Internet connection and remove the files in question with an antivirus program or by reinstalling your operating system. You can call your computer's manufacturer, your local computer store or a knowledgeable friend if you need help.
For lots more information on computer viruses and computer security, see the next page.
Related HowStuffWorks Articles
More Great Links
- Durkota, Michael. "Recovering from a Trojan horse or virus." US-CERT. 2004. (Oct. 6, 2008) http://www.us-cert.gov/reading_room/trojan-recovery.pdf
- IRChelp.org. "Trojan horse attacks." (Oct. 6, 2008) http://www.irchelp.org/irchelp/security/trojan.html
- Microsoft.com. "Zombies and botnets: help keep your computer under control." Jan. 7, 2007. (Oct. 6, 2008) http://www.microsoft.com/protect/computer/viruses/zombies.mspx
- TechFAQ.com. "What is a Trojan horse virus?" (Oct. 6, 2008) http://www.tech-faq.com/trojan-horse-virus.shtml