A Trojan, or Trojan horse, is a type of malware that disguises itself as legitimate code or software. It is designed to damage, disrupt, steal, or in general inflict some other harmful action on your data or network. Unlike a virus or worm, Trojan malware cannot replicate itself or self-execute. It requires specific and deliberate action from the user. Trojans are often hidden as attachments in emails or free-to-download files, and once downloaded, the malicious code will execute the task the attacker designed it for, such as gaining backdoor access to corporate systems, spying on users’ online activity, or stealing sensitive data.

Trojans can infect computers and cause enormous problems before the user even knows what happened. Once a Trojan gets onto a system, it can monitor the keyboard, install additional malware, and cause a variety of other issues. Some Trojans download additional malware onto the computer and then bypass security settings, while others try to actively disable antivirus software. Trojans can also hijack computers and make them part of a criminal DDoS (Distributed Denial of Service) network.

Common types of Trojan malware include backdoor Trojans, exploit Trojans, rootkit Trojans, and banker Trojans. Backdoor Trojans allow hackers to remotely access and control a computer, often for the purpose of uploading, downloading, or executing files at will. Exploit Trojans inject a machine with code deliberately designed to take advantage of a weakness inherent to a specific piece of software. Rootkit Trojans are intended to prevent the discovery of malware already infecting a system so that it can affect maximum damage. Banker Trojans specifically target personal information used for banking and other online transactions.

To protect against Trojans, it is important to keep antivirus software up to date and to avoid downloading attachments from unknown sources.