A Trojan Horse, or Trojan, is a type of malware that hides its malicious intent behind a seemingly innocent or beneficial application. Unlike viruses or worms, Trojans do not self-replicate. Instead, they rely on deception to spread: users must execute or install them themselves, usually without realising what the program really does.
The name comes from Greek mythology, referring to the wooden horse that concealed enemy soldiers inside its apparently harmless exterior. In cybersecurity, the principle is identical. A Trojan might masquerade as a game, software update, media player, or productivity tool. Once installed, it opens a backdoor for attackers to steal data, install additional malware, monitor activity, or take control of your device.
Common Trojan types include:
- Backdoor Trojans: grant remote access to attackers
- Spyware Trojans: log keystrokes, steal passwords, or monitor browsing
- Banking Trojans: target financial information and login credentials
- Ransomware Trojans: encrypt files and demand payment for restoration
- Botnet Trojans: enlist devices into networks controlled by attackers
Trojans spread through deceptive downloads, malicious email attachments, compromised websites, or fake software installers. They are particularly dangerous because a well-crafted Trojan can often evade antivirus detection, and users may not notice the infection for weeks or months.
To protect yourself, download software only from official sources, keep your operating system and applications patched, use reputable antivirus software, avoid opening suspicious email attachments, and be cautious of unexpected software update prompts.
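One way to make "suspicious email attachment" concrete is to check whether a file's name matches what its content really is. The following Python sketch is an added example, not part of the original article: the function name, the extension lists, and the sample attachments are assumptions constructed for illustration, and the two heuristics (a runnable extension hidden behind a document-looking one, and executable file signatures under a non-executable name) cover only the disguise aspect described above.

```python
import os

# Well-known file signatures (magic bytes) of native executable formats.
EXECUTABLE_MAGIC = {b"MZ": "Windows PE", b"\x7fELF": "Linux ELF"}
# Extensions a user reads as "just a document or media file" (assumed list).
BENIGN_LOOKING = {".pdf", ".docx", ".xlsx", ".jpg", ".png", ".mp3", ".mp4", ".txt"}
# Extensions that run code when opened on Windows (assumed, not exhaustive).
RUNNABLE = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs", ".lnk"}


def triage_attachment(filename, content):
    """Return the reasons an attachment looks like a disguised program.

    An empty list means neither heuristic fired, not that the file is safe.
    """
    reasons = []
    name = filename.strip().lower()
    stem, ext = os.path.splitext(name)       # "invoice.pdf.exe" -> ".exe"
    inner_ext = os.path.splitext(stem)[1]    # "invoice.pdf"     -> ".pdf"

    # Identify executable content from its first bytes, ignoring the name.
    kind = next((label for magic, label in EXECUTABLE_MAGIC.items()
                 if content.startswith(magic)), None)

    if ext in RUNNABLE and inner_ext in BENIGN_LOOKING:
        reasons.append(f"double extension: looks like {inner_ext}, runs as {ext}")
    if kind and ext not in RUNNABLE:
        reasons.append(
            f"{kind} executable content behind a {ext or 'missing'} extension")
    return reasons


# Constructed sample attachments: (file name, first bytes of the file).
SAMPLES = [
    ("invoice.pdf.exe", b"MZ\x90\x00"),   # program posing as a PDF
    ("holiday.jpg", b"MZ\x90\x00"),       # program renamed to look like a photo
    ("report.pdf", b"%PDF-1.7\n"),        # genuine PDF header
    ("setup.exe", b"MZ\x90\x00"),         # openly an executable, not disguised
]

if __name__ == "__main__":
    for name, head in SAMPLES:
        findings = triage_attachment(name, head)
        print(f"{name}: {'; '.join(findings) if findings else 'no disguise detected'}")
```

A file such as setup.exe produces no findings because it is not disguised; whether it is trustworthy still depends on where it came from.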
