4 Trojans most used by hackers


Taking control of a computer remotely is unfortunately easier than you might think.

To guard against this, it is better to know the tools used by hackers.

Of course, there is no question here of promoting any incitement to use these tools for malicious purposes. All these tools are anyway available to the public, and should precisely make us aware of the need to protect our operating system.

The trojans are among the great threats that can be encountered on the web. Usually, such programs are used to steal personal information, spreading other viruses or simply to create a network of PC Zombie in order to launch DDOS attacks.

Note that these different Trojans almost all do the same thing but each has its own style. Here is a presentation of the four most used trojans by hackers, from the most famous to the least famous.


It is probably the most popular Trojan horse. It is renowned for its ease of use, it allows cybercriminals to very easily retrieve multiple sensitive information. It has been used in recent years in money transfer transactions.

Zeus is coded in C++, it is compatible with all versions of Windows(XP, Vista, windows 7) both 32 bits and 64 bits. It hasn't been updated in years but can still be useful.

Bad guys and cybercriminal networks can use Zeus to perform a wide variety of criminal tasks such as:

  • Email address collection and spamming
  • DDOS attack
  • Sale and rental of zombie PCs
  • Phishing
  • Retrieving browser cookies
  • Retrieval of the Logins of the main FTP clients: FlashFXP, CuteFtp,, WsFTP, FileZilla and others.
  • Record the keys hit on the victim's keyboard.
  • Creation of screenshots around the mouse cursor while pressing buttons.
  • Force connection to specific sites.


SpyEye is a Trojan horse which has been merged with the functionality of the Zeus. Even though the development of the basic Trojan has stalled, it is still widely used by cybercriminals around the world. Moreover SpyEye was the main Trojan horse used by the smiling hacker Hamza Bendelladj

Here are the main features and functionalities offered by SpyEye:

  • Extract bank or credit card identification information,
  • Browser password recovery
  • Access to the victim's webcam
  • Record the keys hit on the victim's keyboard.
  • Screen capture system


Carberp is also a known tool. It allows to steal personal data from infected computers. It intercepts, manipulates and steals confidential information that a user is likely to send or receive on the Internet.

Carberp sends the stolen information back to a command and control server (Botnet). It differs from the other three horses by its ability to encrypt data stolen as it was transmitted unencrypted from infected computers to C&C servers.

Better known for his exploits in the world of finance and worthy successor to Zeus and SpyEye, Carberp is a Trojan horse which seeks to deceive the vigilance of the subscriber to steal his banking data.


The Citadel Trojan is based on Zeus. It appeared, along with many other Trojans, after Zeus' source code was released in 2011.

Some of its most fascinating features include:

  • AES encryption of configuration files and communication with a C&C server
  • Disable protection antivirus computers
  • Record videos of victims' activities.
  • Block virus scanning sites on infected computers.
  • Steal passwords stored in popular web browsers
  • Steal the password through a keylogger stored by applications like DASHLANE or KeePass.