Trojan horse

A destructive program that masquerades as a benign application. Unlikeviruses, Trojan horses do not replicate themselves but they can be just as destructive. One of the most insidious types of Trojan horse is a program that claims to rid your computer of viruses but instead introduces viruses onto your computer.

The term comes from the a Greek story of the Trojan War, in which the Greeks give a giant wooden horse to their foes, the Trojans, ostensibly as a peace offering. But after the Trojans drag the horse inside their city walls, Greek soldiers sneak out of the horse's hollow belly and open the city gates, allowing their compatriots to pour in and capture Troy.

Trojan horses are broken down in classification based on how they breach systems and the damage they cause. The seven main types of Trojan horses are:

• Remote Access Trojans
• Data Sending Trojans
• Destructive Trojans
• Proxy Trojans
• FTP Trojans
• security software disabler Trojans
• denial-of-service attack (DoS) Trojans

Trojan horse (computing)

A Trojan horse, or Trojan, is a type of malware that masquerades as a legitimate file or helpful program but whose real purpose is eg to grant a hacker unauthorized access to a computer. Trojans do not attempt to inject themselves into other files like a computer virus. Trojan horses may steal information, or harm their host computer systems.^[1] Trojans may use drive-by downloads or install via online games or internet-driven applications in order to reach target computers. The term is derived from the Trojan Horse story in Greek mythology because Trojan horses employ a form of “social engineering,” presenting themselves as harmless, useful gifts, in order to persuade victims to install them on their computers.^{[2][3][4][5][6]}

Purpose and uses

A Trojan may give a hacker remote access to a targeted computer system. Operations that could be performed by a hacker on a targeted computer system may include:

• Use of the machine as part of a botnet (e.g. to perform automated spamming or to distribute Denial-of-service attacks)
• Electronic money theft^[7]
• Data theft (e.g. retrieving passwords or credit card information)
• Installation of software, including third-party malware
• Downloading or uploading of files on the user's computer
• Modification or deletion of files
• Keystroke logging
• Watching the user's screen
• Crashing the computer
• Anonymizing internet viewing

Trojan horses in this way may require interaction with a hacker to fulfill their purpose, though the hacker does not have to be the individual responsible for distributing the Trojan horse. It is possible for individual hackers to scan computers on a network using a port scanner in the hope of finding one with a malicious Trojan horse installed, which the hacker can then use to control the target computer.^[8]

A recent innovation in Trojan horse code takes advantage of a security flaw in older versions of Internet Explorer and Google Chrome to use the host computer as an anonymizer proxy to effectively hide internet usage. A hacker is able to view internet sites while the tracking cookies, internet history, and any IP logging are maintained on the host computer. The host's computer may or may not show the internet history of the sites viewed using the computer as a proxy. The first generation of anonymizer Trojan horses tended to leave their tracks in the page view histories of the host computer. Newer generations of the Trojan horse tend to "cover" their tracks more efficiently. Several versions of Slavebothave been widely circulated in the US and Europe and are the most widely distributed examples of this type of Trojan horse.^[8]

Trojan Horse Attacks

I. What is a Trojan horse?

Trojan horse attacks pose one of the most serious threats to computer security. If you were referred here, you may have not only been attacked but may also be attacking others unknowingly. This page will teach you how to avoid falling prey to them, and how to repair the damage if you already did. According to legend, the Greeks won the Trojan war by hiding in a huge, hollow wooden horse to sneak into the fortified city of Troy. In today's computer world, a Trojan horse is defined as a "malicious, security-breaking program that is disguised as something benign". For example, you download what appears to be a movie or music file, but when you click on it, you unleash a dangerous program that erases your disk, sends your credit card numbers and passwords to a stranger, or lets that stranger hijack your computer to commit illegal denial of service attacks like those that have virtually crippled the DALnet IRC network for months on end.

The following general information applies to all operating systems, but by far most of the damage is done to/with Windows users due to its vast popularity and many weaknesses.

(Note: Many people use terms like Trojan horse, virus, worm, hacking and cracking all interchangeably, but they really don't mean the same thing. If you're curious, here's a quick primer defining and distinguishing them. Let's just say that once you are "infected", trojans are just as dangerous as viruses and can spread to hurt others just as easily!)

II. How did I get infected?

Trojans are executable programs, which means that when you open the file, it will perform some action(s). In Windows, executable programs have file extensions like "exe", "vbs", "com", "bat", etc. Some actual trojan filenames include: "dmsetup.exe" and "LOVE-LETTER-FOR-YOU.TXT.vbs" (when there are multiple extensions, only the last one counts, be sure to unhide your extensions so that you see it). More information on risky file extensions may be found at this Microsoft document.

Trojans can be spread in the guise of literally ANYTHING people find desirable, such as a free game, movie, song, etc. Victims typically downloaded the trojan from a WWW or FTP archive, got it via peer-to-peer file exchange using IRC/instant messaging/Kazaa etc., or just carelessly opened some email attachment. Trojans usually do their damage silently. The first sign of trouble is often when others tell you that you are attacking them or trying to infect them!

III. How do I avoid getting infected in the future?

You must be certain of BOTH the source AND content of each file you download! In other words, you need to be sure that you trust not only the person or file server that gave you the file, but also the contents of the file itself.

Here are some practical tips to avoid getting infected (again). For more general security information, please see our main security help page.

1. NEVER download blindly from people or sites which you aren't 100% sure about. In other words, as the old saying goes, don't accept candy from strangers. If you do a lot of file downloading, it's often just a matter of time before you fall victim to a trojan.
2. Even if the file comes from a friend, you still must be sure what the file is before opening it, because many trojans will automatically try to spread themselves to friends in an email address book or on an IRC channel. There is seldom reason for a friend to send you a file that you didn't ask for. When in doubt, ask them first, and scan the attachment with a fully updated anti-virus program.
3. Beware of hidden file extensions! Windows by default hides the last extension of a file, so that innocuous-looking "susie.jpg" might really be "susie.jpg.exe" - an executable trojan! To reduce the chances of being tricked, unhide those pesky extensions.
4. NEVER use features in your programs that automatically get or preview files. Those features may seem convenient, but they let anybody send you anything which is extremely reckless. For example, never turn on "auto DCC get" in mIRC, instead ALWAYS screen every single file you get manually. Likewise, disable the preview mode in Outlook and other email programs.
5. Never blindly type commands that others tell you to type, or go to web addresses mentioned by strangers, or run pre-fabricated programs or scripts (not even popular ones). If you do so, you are potentially trusting a stranger with control over your computer, which can lead to trojan infection or other serious harm.
6. Don't be lulled into a false sense of security just because you run anti-virus programs. Those do not protect perfectly against many viruses and trojans, even when fully up to date. Anti-virus programs should not be your front line of security, but instead they serve as a backup in case something sneaks onto your computer.
7. Finally, don't download an executable program just to "check it out" - if it's a trojan, the first time you run it, you're already infected!

IV. How do I get rid of trojans?!?

Here are your many options, none of them are perfect. I strongly suggest you read through all of them before rushing out and trying to run some program blindly. Remember - that's how you got in this trouble in the first place. Good luck!

1. Clean Re-installation: Although arduous, this will always be the only sure way to eradicate a trojan or virus. Back up your entire hard disk, reformat the disk, re-install the operating system and all your applications from original CDs, and finally, if you're certain they are not infected, restore your user files from the backup. If you are not up to the task, you can pay for a professional repair service to do it.
2. Anti-Virus Software: Some of these can handle most of the well known trojans, but none are perfect, no matter what their advertising claims. You absolutely MUST make sure you have the very latest update files for your programs, or else they will miss the latest trojans. Compared to traditional viruses, today's trojans evolve much quicker and come in many seemingly innocuous forms, so anti-virus software is always going to be playing catch up. Also, if they fail to find every trojan, anti-virus software can give you a false sense of security, such that you go about your business not realizing that you are still dangerously compromised. There are many products to choose from, but the following are generally effective: AVP, PC-cillin, and McAfee VirusScan. All are available for immediate downloading typically with a 30 day free trial. For a more complete review of all major anti-virus programs, including specific configuration suggestions for each, see the HackFix Project's anti-virus software page [all are ext. links]. When you are done, make sure you've updated Windows with all security patches [ext. link].
3. Anti-Trojan Programs: These programs are the most effective against trojan horse attacks, because they specialize in trojans instead of general viruses. A popular choice is The Cleaner, $30 commercial software with a 30 day free trial. To use it effectively, you must follow hackfix.org's configuration suggestions [ext. link]. When you are done, make sure you've updated Windows with all security patches [ext. link], then change all your passwords because they may have been seen by every "hacker" in the world.
4. IRC Help Channels: If you're the type that needs some hand-holding, you can find trojan/virus removal help on IRC itself, such as EFnet #dmsetup or DALnet #NoHack. These experts will try to figure out which trojan(s) you have and offer you advice on how to fix it. The previous directions were in fact adapted from advice given by EFnet #dmsetup. (See our networks page if you need help connecting to those networks.)

The Trojan War

The Apple of Discord
The Trojan War has its roots in the marriage between Peleus and Thetis, a sea-goddess. Peleus and Thetis had not invited Eris, the goddess of discord, to their marriage and the outraged goddess stormed into the wedding banquet and threw a golden apple onto the table. The apple belonged to, Eris said, whomever was the fairest.
Hera, Athena, and Aphrodite each reached for the apple. Zeus proclaimed that Paris, prince of Troy and thought to be the most beautiful man alive, would act as the judge.
Hermes went to Paris, and Paris agreed to act as the judge. Hera promised him power, Athena promised him wealth, and Aphrodite promised the most beautiful woman in the world.
Paris chose Aphrodite, and she promised him that Helen, wife of Menelaus, would be his wife. Paris then prepared to set off for Sparta to capture Helen. Twin prophets Cassandra and Helenus tried to persuade him against such action, as did his mother, Hecuba. But Paris would not listen and he set off for Sparta.
In Sparta, Menelaus, husband of Helen, treated Paris as a royal guest. However, when Menelaus left Sparta to go to a funeral, Paris abducted Helen (who perhaps went willingly) and also carried off much of Menelaus' wealth.
In Troy, Helen and Paris were married. This occured around 1200 B.C. (Wood, 16).
Greek Armament
Menelaus, however, was outraged to find that Paris had taken Helen. Menelaus then called upon all of Helen's old suitors, as all of the suitors had made an oath long ago that they would all back Helen's husband to defend her honor.
Many of the suitors did not wish to go to war. Odysseus pretended to be insane but this trick was uncovered by Palamedes. Achilles, though not one of the previous suitors, was sought after because the seer Calchas had stated that Troy would not be taken unless Achilles would fight.
One of the most interesting stories is of Cinyras, king of Paphos, in Cyprus, who had been a suitor of Helen. He did not wish to go to war, but promised Agamemnon fifty ships for the Greek fleet. True to his word, Cinyras did send fifty ships. The first ship was commanded by his son. The other forty-nine, however, were toy clay ships, with tiny clay sailors. They dissembled soon after being placed in the ocean (Tripp, 584-584).
The Greek fleet assembled, under Agamemnon's inspection, in Aulis. However, Agamemnon either killed one of Diana's sacred stags or made a careless boast. Either way, Diana was outraged and she calmed the seas so that the fleet could not take off.
The seer Calchas proclaimed that Iphigenia, daughter of Agamemnon, must be sacrificed before the fleet could set sail. This was done, and the Greek ships set off in search of Troy.
Finding Troy
Finding Troy proved difficult, however, and the Greek fleet at first landed in Mysia. According to Herodotus, the Greeks were under the impression that Helen had been taken by the Teuthranians (Teucrians), and though the Teuthranians denied such allegations, the Greeks layed siege to the city (Herodotus, Bk. II.118). The Greeks ultimately prevailed, but suffered heavy casualties at the hands of Telephus, king of the Teuthranians, and, at the end, were still without Helen. Telephus, in the course of the war, was wounded by Achilles.
With no where else to turn, the Greeks returned home.
The Trojan War might not have happened had not Telephus gone to Greece in the hopes of having his wound cured. Telephus had been told by an oracle that only the person who wounded him (in this case, Achilles) could cure him. Achilles assented and Telephus told the Greeks how to get to Troy.
Embassy to Priam
Odysseus, known for his eloquence, and Menelaus were sent as ambassadors to Priam. They demanded Helen and the stolen treasure be returned. Priam refused, and Odysseus and Menelaus returned to the Greek ships with the announcement that war was inevitable.
The War
The first nine years of the war consisted of both war in Troy and war against the neighboring regions. The Greeks realized that Troy was being supplied by its neighboring kingdoms, so Greeks were sent to defeat these areas.
As well as destroying Trojan economy, these battles let the Greeks gather a large amount of resources and other spoils of war, including women (e.g., Briseis, Tecmessa and Chryseis).
The Greeks won many important battles and the Trojan hero Hector fell, as did the Trojan ally Penthesilea. However, the Greeks could not break down the walls of Troy.
Patroclus was killed and, soonafter, Achilles was felled by Paris.
Helenus, son of Priam, had been captured by Odysseus. A prophet, Helenus told the Greeks that Troy would not fall unless:
a) Pyrrhus, Achilles' son, fought in the war,
b) The bow and arrows of Hercules were used by the Greeks against the Trojans,
c) The remains of Pelops, the famous Eleian hero, were brought to Troy, and
d) The Palladium, a statue of Athena, was stolen from Troy (Tripp, 587).
Phoenix persuaded Pyrrhus to join the war. Philoctetes had the bow and arrows of Hercules, but had been left by the Greek fleet in Lemnos because he had been bitten by a snake and his wound had a horrendous smell. Philoctetes was bitter, but was finally persuaded to join the Greeks. The remains of Pelops were gotten, and Odysseus infiltrated Trojan defenses and stole the Palladium.
The Trojan Horse
Still seeking to gain entrance into Troy, clever Odysseus (some say with the aid of Athena) ordered a large wooden horse to be built. Its insides were to be hollow so that soldiers could hide within it.
Once the statue had been built by the artist Epeius, a number of the Greek warriors, along with Odysseus, climbed inside. The rest of the Greek fleet sailed away, so as to deceive the Trojans.
One man, Sinon, was left behind. When the Trojans came to marvel at the huge creation, Sinon pretended to be angry with the Greeks, stating that they had deserted him. He assured the Trojans that the wooden horse was safe and would bring luck to the Trojans.
Only two people, Laocoon and Cassandra, spoke out against the horse, but they were ignored. The Trojans celebrated what they thought was their victory, and dragged the wooden horse into Troy.
That night, after most of Troy was asleep or in a drunken stupor, Sinon let the Greek warriors out from the horse, and they slaughtered the Trojans. Priam was killed as he huddled by Zeus' altar and Cassandra was pulled from the statue of Athena and raped.


After the War
After the war, Polyxena, daughter of Priam, was sacrificed at the tomb of Achilles and Astyanax, son of Hector, was also sacrificed, signifying the end of the war.
Aeneas, a Trojan prince, managed to escape the destruction of Troy, and Virgil's Aeneid tells of his flight from Troy. Many sources say that Aeneas was the only Trojan prince to survive, but this statement contradicts the common story that Andromache was married to Helenus, twin of Cassandra, after the war.
Menelaus, who had been determined to kill his faithless wife, was soon taken by Helen's beauty and seductiveness that he allowed her to live.
The surviving Trojan women were divided among the Greek men along with the other plunder. The Greeks then set sail for home, which, for some, proved as difficult and took as much time as the Trojan War itself (e.g., Odysseus and Menelaus).

Trojan Horse

The Trojan Horse is a tale from the Trojan War about the subterfuge that the Greeks used to enter the city of Troy and end the conflict. In the canonical version, after a fruitless 10-year siege, the Greeks constructed a huge wooden horse, and hid a select force of men inside. The Greeks pretended to sail away, and the Trojans pulled the horse into their city as a victory trophy. That night the Greek force crept out of the horse and opened the gates for the rest of the Greek army, which had sailed back under cover of night. The Greeks entered and destroyed the city of Troy, decisively ending the war. The main ancient source for the story is the Aeneid of Virgil, a Latin epic poem from the time of Augustus. The event does not occur in Homer's Iliad, which ends before the fall of the city, but is referred to in the Odyssey. In the Greek tradition, the horse is called the "Wooden Horse" (Δούρειος Ἵππος, Doúreios Híppos, in the Homeric Ionic dialect). Metaphorically a "Trojan Horse" has come to mean any trick or stratagem that causes a target to invite a foe into a securely protected bastion or space. It is also associated with "malware" computer programs presented as useful or harmless to induce the user to install and run them.

Literary accounts

According to Quintus Smyrnaeus, Odysseus came up with the idea of building a great wooden horse (the horse being the emblem of Troy),^{[citation needed]} hiding an elite force inside, and fooling the Trojans into wheeling the horse into the city as a trophy. Under the leadership of Epeios, the Greeks built the wooden horse in three days. Odysseus' plan called for one man to remain outside of the horse; he would act as though the Greeks abandoned him, leaving the horse as a gift for the Trojans. A Greek soldier named Sinon was the only volunteer for the role. Virgil describes the actual encounter between Sinon and the Trojans:

Sinon successfully convinces the Trojans that he has been left behind and that the Greeks are gone. Sinon tells the Trojans that the Horse is an offering to the goddess Athena, meant to atone for the previous desecration of her temple at Troy by the Greeks, and ensure a safe journey home for the Greek fleet. The Horse was built on such a huge size to prevent the Trojans from taking the offering into their city, and thus garnering the favor of Athena for themselves.

While questioning Sinon, the Trojan priest Laocoön guesses the plot and warns the Trojans, in Virgil's famous line "Timeo Danaos et dona ferentes" (I fear Greeks even those bearing gifts),^[1]which became known as 'beware of Greeks bearing gifts," Danaos being the ones who built the Trojan Horse. However, the god Poseidon sent two sea serpents to strangle him and his sons Antiphantes and Thymbraeus, before any Trojan believes his warning. According to Apollodorus, it was Apollo who sent the two serpents since Laocoon had insulted Apollo by sleeping with his wife in front of the "divine image".^[2] Helen of Troy also guesses the plot and tries to trick and uncover the Greek men inside the horse by imitating the voices of their wives. Anticlus would have answered, but Odysseus shut his mouth with his hand.^[3] King Priam's daughter Cassandra, the soothsayer of Troy, insists that the horse would be the downfall of the city and its royal family. She too is ignored, hence their doom and loss of the war.^[4]

Trojan War

Achilles tending the wounded Patroclus (Attic red-figure kylix, ca. 500 BC)

The war Setting: Troy (modern Hisarlik, Turkey) Period: Bronze Age Traditional dating: ca. 1194–1184 BC Modern dating: between 1260 and 1240 BC.[5] Outcome: Greek victory, destruction of Troy See also: Historicity of the Iliad

Literary sources Iliad · Epic Cycle · Aeneid, Book 2 · Iphigenia in Aulis · Philoctetes · Ajax · The Trojan Women · Posthomerica See also: Trojan War in popular culture

Episodes Judgement of Paris · Seduction of Helen · Trojan Horse · Sack of Troy · The Returns · Wanderings of Odysseus · Aeneas and the Founding of Rome

Greeks and allies Agamemnon · Achilles · Helen · Menelaus · Nestor ·Odysseus · Ajax · Diomedes · Patroclus ·Thersites · Achaeans · Myrmidons See also: Catalogue of Ships

Trojans and allies Priam · Hecuba · Hector · Paris · Cassandra ·Andromache · Aeneas · Memnon  · Troilus ·Penthesilea and the Amazons · Sarpedon See also: Trojan Battle Order

Related topics Homeric question · Archaeology of Troy ·Mycenae · Bronze Age warfare This box:  view   talk   edit

This incident is mentioned in the Odyssey:

What a thing was this, too, which that mighty man wrought and endured in the carven horse, wherein all we chiefs of the Argives were sitting, bearing to the Trojans death and fate!4.271 ff

But come now, change thy theme, and sing of the building of the horse of wood, which Epeius made with Athena's help, the horse which once Odysseus led up into the citadel as a thing of guile, when he had filled it with the men who sacked Ilion . 8.487 ff (trans. Samuel Butler)

The most detailed and most familiar version is in Virgil's Aeneid, Book II [1] (trans. A. S. Kline).

After many years have slipped by, the leaders of the Greeks,opposed by the Fates, and damaged by the war,build a horse of mountainous size, through Pallas’s divine art,and weave planks of fir over its ribs:they pretend it’s a votive offering: this rumour spreads.They secretly hide a picked body of men, chosen by lot,there, in the dark body, filling the belly and the hugecavernous insides with armed warriors.[...]
Then Laocoön rushes down eagerly from the heightsof the citadel, to confront them all, a large crowd with him,and shouts from far off: ‘O unhappy citizens, what madness?Do you think the enemy’s sailed away? Or do you thinkany Greek gift’s free of treachery? Is that Ulysses’s reputation?Either there are Greeks in hiding, concealed by the wood,or it’s been built as a machine to use against our walls,or spy on our homes, or fall on the city from above,or it hides some other trick: Trojans, don’t trust this horse.Whatever it is, I’m afraid of Greeks even those bearing gifts.’

Book II includes Laocoön saying: "Equo ne credite, Teucri. Quidquid id est, timeo Danaos et dona ferentes." ("Do not trust the horse, Trojans! Whatever it is, I fear the Greeks, even bringing gifts.")

Well before Virgil, the story is also alluded to in Greek classical literature. In Euripides' play Trojan Women, written in 415 B.C., the god Poseidon proclaims, “For, from his home beneath Parnassus, Phocian Epeus, aided by the craft of Pallas, framed a horse to bear within its womb an armed host, and sent it within the battlements, fraught with death; whence in days to come men shall tell of 'the wooden horse,' with its hidden load of warriors.”^[6]