Malware is a catchall term for many different types of dangerous threats. Malware includes things like viruses, ransomware, spyware, trojans, and more.
One of the most dangerous forms of malware in a trojan. These are bits of malicious code that hide inside other files, just waiting to be unleashed.
Trojans are so dangerous because they are often disguised as legitimate software. Such as a mobile app that helps you manage tasks, but actually has trojan spyware inside.
This type of malware can also do multiple things, that makes them harder to detect by network security than malware that does only one thing. For example, a trojan can be designed to seek out online backing login details or set up to act as spyware and steal system files.
Of the 15 most prevalent detections of mobile malware in Q1 2020 by antivirus vendor Kaspersky, Nearly half (7) of them were different types of trojans.
Because trojan malware can do so many different things, it has several classifications. These are based upon what the trojan does once it infiltrates a system.
The different types of trojan malware include:
There were some key trojan threats that were targeted at Canadian organizations in 2019 and that businesses should be on the lookout for.
A report by ThreatPost noted the biggest trojan that are geotargeting Canadian businesses.
This trojan sends malicious emails and has sent tens of millions of messages around the world, including in Canada.
These malicious emails contain Microsoft Word documents or links to malicious sites and can also spoof Amazon invoices to fool users into clicking and downloading malware.
This is a multi-purpose trojan that can steal data, seek out stored passwords, and download other malware into the victim’s computer.
This is another trojan designed to steal user login credentials. It can also download other malicious code and it will often try to disable any antivirus that a computer may be running by using Windows PowerShell.
This banking trojan was found to specifically target Canadian users, luring them with phishing attacks that use “Canada Post” as the theme. It also uses fake invoices from a fictitious software company to trick users into downloading it.
Dridex is a trojan that targets accounting and financial service companies, it’s designed to steal personal and company banking information and site logins.
Here are a few precautions you can put in place to avoid falling victim to a trojan.
Make sure you’re using an antivirus/anti-malware program that looks for suspicious behavior. Trojans are often designed to get past standard antivirus protocols, but if your application isn’t just looking for malicious signatures, but also strange behavior, you have a much better chance of detecting a trojan.
Use antivirus/anti-malware protections on both computers and mobile devices, which are also targeted by trojans.
Trojans often take advantage of software vulnerabilities, and if your devices aren’t kept updated in a timely manner it leaves you at risk because vital security patches may not be applied.
The easiest way for your Northern Ontario business to keep all devices updated is through a managed IT services plan.
One of the attack methods used by Trojans is to send malicious commands to Windows PowerShell (a legitimate Windows program).
You can help prevent these types of attacks by using application whitelisting, which restricts how Windows PowerShell can interact with various programs and what types of commands can be sent to them.
The threat landscape is only getting more complicated, which is why your cybersecurity strategy needs to continually evolve. We can ensure you’re protected against the most prevalent and newest threats.
Contact us today to schedule a free consultation! Call 705-222-8324 or reach out online.