Why is a Trojan One of the Most Dangerous Forms of Malware?

Why is a Trojan One of the Most Dangerous Forms of Malware?

Malware is a catchall term for many different types of dangerous threats. Malware includes things like viruses, ransomware, spyware, trojans, and more.

One of the most dangerous forms of malware in a trojan. These are bits of malicious code that hide inside other files, just waiting to be unleashed.

Trojans are so dangerous because they are often disguised as legitimate software. Such as a mobile app that helps you manage tasks, but actually has trojan spyware inside.

This type of malware can also do multiple things, that makes them harder to detect by network security than malware that does only one thing. For example, a trojan can be designed to seek out online backing login details or set up to act as spyware and steal system files.

Of the 15 most prevalent detections of mobile malware in Q1 2020 by antivirus vendor Kaspersky, Nearly half (7) of them were different types of trojans. 

Classifications of Trojans

Because trojan malware can do so many different things, it has several classifications. These are based upon what the trojan does once it infiltrates a system.

The different types of trojan malware include:

  • Rootkit: This is designed to prevent malicious programs from being detected in a system.
  • Backdoor: This type of trojan gives a hacker the ability to remote control a computer and gain complete access.
  • Trojan-Banker: These are particularly prevalent and are designed to seek out account data for online banking systems as well as payment card details.
  • Exploit: This trojan takes advantage of a vulnerability in an application software and can often infect a system because it hasn’t been properly updated.
  • Trojan-Downloader: This type of code can download other malicious programs once it has infected your system.
  • Trojan-IM: This trojan steals logins to instant messaging programs (Skype, WhatsApp, etc.) to exploit them.
  • Trojan-SMS: This malicious code sends text messages from your mobile device to premium rate phone numbers, costing you money.
  • Trojan-Spy: This is a trojan designed to run in the background undetected and spy on all your activities. It can often take screenshots, sending those back to the hacker.

Trojans that Have Been Attacking Canadian Organizations

There were some key trojan threats that were targeted at Canadian organizations in 2019 and that businesses should be on the lookout for.

A report by ThreatPost noted the biggest trojan that are geotargeting Canadian businesses.


This trojan sends malicious emails and has sent tens of millions of messages around the world, including in Canada. 

These malicious emails contain Microsoft Word documents or links to malicious sites and can also spoof Amazon invoices to fool users into clicking and downloading malware.


This is a multi-purpose trojan that can steal data, seek out stored passwords, and download other malware into the victim’s computer.


This is another trojan designed to steal user login credentials. It can also download other malicious code and it will often try to disable any antivirus that a computer may be running by using Windows PowerShell. 


This banking trojan was found to specifically target Canadian users, luring them with phishing attacks that use “Canada Post” as the theme. It also uses fake invoices from a fictitious software company to trick users into downloading it.


Dridex is a trojan that targets accounting and financial service companies, it’s designed to steal personal and company banking information and site logins. 

How to Block Trojan Malware

Here are a few precautions you can put in place to avoid falling victim to a trojan.

Use a Behavior-Based Antivirus/Anti-malware

Make sure you’re using an antivirus/anti-malware program that looks for suspicious behavior. Trojans are often designed to get past standard antivirus protocols, but if your application isn’t just looking for malicious signatures, but also strange behavior, you have a much better chance of detecting a trojan.

Use antivirus/anti-malware protections on both computers and mobile devices, which are also targeted by trojans. 

Keep Devices Updated

Trojans often take advantage of software vulnerabilities, and if your devices aren’t kept updated in a timely manner it leaves you at risk because vital security patches may not be applied.

The easiest way for your Northern Ontario business to keep all devices updated is through a managed IT services plan.

Use Application Whitelisting 

One of the attack methods used by Trojans is to send malicious commands to Windows PowerShell (a legitimate Windows program).

You can help prevent these types of attacks by using application whitelisting, which restricts how Windows PowerShell can interact with various programs and what types of commands can be sent to them.

Create a Strong Cybersecurity Plan with Haxxess

The threat landscape is only getting more complicated, which is why your cybersecurity strategy needs to continually evolve. We can ensure you’re protected against the most prevalent and newest threats.

Contact us today to schedule a free consultation! Call 705-222-8324 or reach out online.

stay in touch

Subscribe to our newsletter and we'll keep you informed about latest IT news.