Trojans: camouflaged malware

Trojan horses – also just called Trojans for short – owe their name to the legend of the wooden horse of Odysseus, in whose belly Greek soldiers hid themselves. The progress of the story is known: The unsuspecting inhabitants of Troy brought the enemy into the interior of the embattled city with their own hands on the wooden horse – and thus sealed their doom.   Trojan horse developers use a similar ruse: They disguise their malware as a useful program and hope that unsuspecting users will install it themselves. Unlike viruses and worms, Trojans do not have a self-reproduction mechanism. Instead, their strategy of dissemination is deception. Trojans are often found in bogus software that has been manipulated by cyber criminals. This software is mostly available as a download from dubious sources.

NotPetya: Trojan hides in financial software In June 2017, a malicious program called NotPetya caused a worldwide sensation: NotPetya did not get onto a system as an e-mail attachment like many other Trojans, but via the update function of the accounting software M.E.Doc, which is particularly widespread in Ukraine. The malicious program was initially known as a so-called encryption trojan (ransomware), because the criminal motive appeared to be extortion of ransom payments for the release of encrypted data.

European companies that have business relationships in the Ukraine and pay taxes there using M.E.Doc as one of two officially approved programs were also affected. At some companies, critical business and production processes stood still for more than a week. This resulted in damage worth millions.