What is Trojan Horse?

Understanding Trojan Horse

A program that appears to be useful or legitimate but contains hidden code designed to exploit or damage the system on which it runs. A Trojan horse is malicious software disguised as legitimate software. Unlike viruses Trojans do not self-replicate but instead rely on users being tricked into installing them typically by social engineering or deception. Once installed Trojans can perform various malicious functions including data theft remote access installation of other malware or system damage. Trojan threats are addressed in standards like NIST SP 800-83 and various security frameworks. Organizations protect against Trojans through anti-malware solutions application whitelisting user awareness training secure email gateways and endpoint protection. For example an enterprise might defend against Trojans by implementing layered protections including pre-execution file analysis to detect suspicious code email attachment scanning to block malicious files application control to prevent unauthorized programs from running endpoint protection to detect known Trojan signatures and security awareness training teaching users to recognize social engineering tactics used to distribute Trojans. Related terms Malware Remote Access Trojan RAT Backdoor Social engineering Phishing Malware detection Payload Dropper Zeus.