1. /
  2. Security Response/
  3. Trojan Horse

Trojan Horse

Risk Level 1: Very Low

February 19, 2004
April 20, 2010 4:20:07 PM
Also Known As:
Trojan-Spy.HTML.Smitfraud.c [Kaspersky], Phish-BankFraud.eml.a [McAfee], Trj/Citifraud.A [Panda Software], generic5 [AVG]
Infection Length:
Systems Affected:
Trojan Horse is a detection name used by Symantec to identify malicious software programs that masquerade as benign applications or files.

Trojan horse programs pose as legitimate programs or files that users may recognize and want to use. They rely on this trick to lure a user into inadvertently running the Trojan. Often a Trojan will mimic a well known legitimate file name or pose as a particular type of file, like a .jpg or .doc file to trick a user.

Distribution of Trojans on to compromised computers occurs in a variety of ways. From email attachments and links to instant messages, drive-by downloads and being dropped by other malicious software. Once installed on the compromised computer, the Trojan begins to perform the predetermined actions that it was designed for.

Trojan horse is a generic name given to all Trojan programs and they can be further categorized by their primary payload functions and may generally includes the following types:
  • Backdoor.Trojan - a Trojan with a primary purpose of opening a back door to allow remote access at a later time.
  • Downloader - a Trojan with a primary goal of downloading another piece of software, usually additional malware.
  • Infostealer - a Trojan that attempts to steal information from the compromised computer.

Antivirus Protection Dates

  • Initial Rapid Release version February 19, 2004
  • Latest Rapid Release version March 29, 2017 revision 017
  • Initial Daily Certified version February 19, 2004
  • Latest Daily Certified version March 29, 2017 revision 019
  • Initial Weekly Certified release date February 19, 2004
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment


  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy


  • Damage Level: Medium
  • Payload: Actions carried out by Trojan horse programs may vary from one instance to another.
  • Large Scale E-mailing: A Trojan may carry out spam relay operations.
  • Releases Confidential Info: Trojans may attempt to steal information from the compromised computer.
  • Degrades Performance: Activities performed by a Trojan may lead to performance degradation.
  • Compromises Security Settings: Trojans may end processes associated with security applications and also lower security settings.


  • Distribution Level: Low
Writeup By: Angela Thigpen

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21