A horse may modify the user's computer to display advertisements in undesirable places, such asthedesktopor in uncontrollablepop-ups, or it may be less notorious, such as installing atoolbar on to theuser'sWeb browser without prior notice. This can create the author of the Trojan revenue, despite it beingagainst theTerms of Serviceof most major Internet advertising networks, such asGoogle AdSense.
Trojan horses may allow ahacker remote access to a target computer system. Once a Trojan horse hasbeen installed on a target computer system, a hacker may have access to the computer remotely andperform various operations, limited by user privileges on the target computer system and the design of theTrojan horse.Operations that could be performed by a hacker on a target computer system include:
Crashing the computer Trojan horses in this way require interaction with ahacker to fulfill their purpose, though the hacker neednot be the individual responsible for distributing the Trojan horse. It is possible for individual hackers toscan computers on a network using aport scanner in the hope of finding one with a malicious Trojanhorse installed, which the hacker can then use to control the target computer.
Websites containing executable content (e.g., a Trojan horse in the form of anActiveXcontrol)
Application exploits (e.g., flaws in a Web browser, media player, instant-messaging client, or other software that can be exploited to allow installation of a Trojan horse)Some users, particularly those in theWarez scene, may create and distribute software with or withoutknowing that a Trojan has been embedded inside.Compilersandhigher-levelsoftware makers can bewritten to attach malicious software when the author compiles his code to executable form.
A Trojan horse may itself be acomputer virus, either by asking other users on a network, such as ainstant-messaging network, to install the said software, or by spreading itself through the use of application exploits.