Explainer: What is dropper malware and how to prevent its attack


A dropper malware, also called a trojan dropper or just a ‘dropper’, is a trojan program that carries malicious code with it in order to ‘drop’ it onto the targeted smartphone or PC. It is different from malware that usually gets downloaded onto a system from a server to infect it. Instead, the dropper malware hides the dangerous ‘payload’ inside an app, and the payload is triggered once it has got past the firewall/security shield of the device.
Think of it like a stealth bomber jet or a drone camouflaged as a friendly one that drops a surveillance/hacking device inside the enemy’s territory, the enemy being the smartphone user who has no idea that the malware has arrived on their phone.
Droppers are usually found in trojans, which are programs that look harmless but indispensable to the user, such as a key generator for pirated software. A software copy that needs a key cannot be used without one, and for that reason the user has to open the keygen to retrieve the key. You see? The keygen is absolutely ‘needed’ and it looks harmless, so the user ends up clicking on it and hence dooms the system.
A dropper malware could be hidden inside a useful-looking app, one of the recent examples being the Fast Cleaner app that has been reported to hide the Xenomorph banking trojan inside it.
How dropper malware attacks your smartphone/PC
The dropper malware (trojan dropper) is harmless by itself, since the main cause of worry is what it carries. The function of the trojan dropper is to sneak the malicious tool/code onto the victim’s device. When launched on the victim’s device, it extracts the malicious code and saves it to the device’s memory. Sometimes, dropper malware can also carry malware installers. First, the dropper malware’s trojans disable/neutralise or bypass the security features of the user’s device, and only then do they get installed.
What can dropper malware carry
The malicious program being carried could be a single trojan or a group of trojans. The trojans need not all have been put there for the same purpose or developed by the same hackers. There could also be a few clean, harmless files included to mask the presence of the trojan.
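Because a dropper carries its payload inside the file it arrives in, one defensive check is to look for executable headers that begin somewhere other than the start of a file. The sketch below is an added example, not code from the original article: the function names and the sample bytes are constructed for illustration, and it only detects payloads stored unencrypted and uncompressed.

```python
import struct

def _is_pe(data, off):
    """True if the DOS header at off points to a valid PE signature."""
    if off + 0x40 > len(data):
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, off + 0x3C)
    return data[off + e_lfanew:off + e_lfanew + 4] == b"PE\x00\x00"

def _is_elf(data, off):
    """True if the byte after the ELF magic is a valid EI_CLASS (1 or 2)."""
    return off + 5 <= len(data) and data[off + 4] in (1, 2)

def _is_dex(data, off):
    """True if the DEX magic is followed by a 3-digit version and a NUL."""
    return data[off + 4:off + 7].isdigit() and data[off + 7:off + 8] == b"\x00"

# Magic bytes for Windows, Linux and Android executables, each with a validator
# so that a stray "MZ" in ordinary text is not reported.
SIGNATURES = ((b"MZ", "PE", _is_pe), (b"\x7fELF", "ELF", _is_elf),
              (b"dex\n", "DEX", _is_dex))

def find_embedded_executables(data):
    """Return sorted (offset, kind) pairs for executables found past offset 0."""
    hits = []
    for magic, kind, validate in SIGNATURES:
        pos = data.find(magic, 1)  # offset 0 is the carrier file itself
        while pos != -1:
            if validate(data, pos):
                hits.append((pos, kind))
            pos = data.find(magic, pos + 1)
    return sorted(hits)

def build_sample():
    """Constructed carrier: filler text, then inert PE and DEX headers."""
    dos = bytearray(0x40)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew: right after DOS header
    fake_pe = bytes(dos) + b"PE\x00\x00" + bytes(20)
    carrier = b"harmless-looking content " * 4
    return carrier + fake_pe + b"padding" + b"dex\n035\x00" + bytes(8)

if __name__ == "__main__":
    for offset, kind in find_embedded_executables(build_sample()):
        print(f"embedded {kind} header at offset {offset}")
```

A hit is a reason to inspect the file further, not proof of a dropper: installers and self-extracting archives also embed executables legitimately.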
How to prevent dropper malware from entering your system
There is no foolproof way to prevent such attacks but you can start off by not downloading any app from outside the Google Play Store and Apple App Store on your phone. Also, try not to install unnecessary memory and junk cleaner apps from the Google and Apple app stores as they may have the trojan hidden inside, as in the case of the Xenomorph banking trojan. On PC, refrain from downloading files and software from unknown and suspicious-looking websites. And, most of all, invest in a paid antivirus solution for both your smartphone and PC.