Crimeware: Trojans & Spyware

In the cyberworld, there are numerous methods available to commit identity theft and other cybercrimes. Learn more about trojan horses and spyware—two of the most popular methods used by cybercrimals.

What is a Trojan Horse?

This term "Trojan Horse" comes from a Greek fable, in which the Greeks presented a giant wooden horse to the Trojans as a peace offering. However, a nasty surprise awaited the Trojans as Greek soldiers sprung out of the hollow horse and captured Troy. Similarly, a Trojan horse program presents itself as a useful computer program, while it actually causes havoc and damage to your computer.

Increasingly, Trojans are the first stage of an attack and their primary purpose is to stay hidden while downloading and installing a stronger threat such as a bot. Unlike viruses and worms, Trojan horses cannot spread by themselves. They are often delivered to a victim through an email message where it masquerades as an image or joke, or by a malicious website, which installs the Trojan horse on a computer through vulnerabilities in web browser software such as Microsoft Internet Explorer.

After it is installed, the Trojan horse lurks silently on the infected machine, invisibly carrying out its misdeeds, such as downloading spyware, while the victim continues on with their normal activities.

What is Spyware?

Spyware is a general term used for programs that covertly monitor your activity on your computer, gathering personal information, such as usernames, passwords, account numbers, files, and even driver's license or social security numbers. Some spyware focuses on monitoring a person's Internet behavior; this type of spyware often tracks the places you visit and things you do on the web, the emails you write and receive, as well as your Instant Messaging (IM) conversations. After gathering this information, the spyware then transmits that information to another computer, usually for advertising purposes.

Spyware is similar to a Trojan horse in that users unknowingly install the product when they install something else. However, while this software is almost always unwelcome, it can be used in some instances for monitoring in conjunction with an investigation and in accordance with organizational policy.

Spyware is installed in many ways:

  • Most often spyware is installed unknowingly with some other software that you intentionally install. For example, if you install a "free" music or file sharing service or download a screensaver, it may also install spyware. Some Web pages will attempt to install spyware when you visit their page.
  • A person who wants to monitor your online activities may also manually install spyware. Depending on how this is done, this might be acceptable surveillance of an individual or an unwelcome, even illegal, invasion of privacy.

Trojans, Spyware & Crime

Trojans and spyware are crimeware—two of the essential tools a cybercriminal might use to obtain unauthorized access and steal information from a victim as part of an attack. The creation and distribution of these programs is on the rise—they are now 37% of all of the thousands of malware Symantec processes on a weekly basis.

Click to enlarge
Trojans and spyware are developed by professionals. Trojans and spyware are often created by professional crimeware authors who sell their software on the black market for use in online fraud and other illegal activities.

How Can I Avoid Getting Infected

Symantec has performed in-depth research on how and when crimeware programs are created in order to gain a deeper understanding of the problem. Our analysis reveals that Trojans and spyware are developed as a full-time job during what might be considered a normal workday. These findings suggest that crimeware authors are creating their Trojans as a full-time profession.

Fortunately, there are several ways you can help protect your computer against Trojans and spyware. Visit our Cybercrime Prevention page for more details.

For additional tips and more information on cybercrime prevention and response, please visit the Cybercrime Resource Center.