ELI5: What is a Trojan?
Remember the story of the wooden horse that soldiers hid inside? A trojan is software that looks like a fun game or useful tool, but once you install it, the bad stuff hiding inside comes out.
Definition
A Trojan (Trojan horse) is malware that disguises itself as or is bundled with legitimate, desirable software to trick users into installing it. Unlike viruses or worms, Trojans do not self-replicate—they rely on user action to install them. Once installed, they can create backdoors, steal data, download additional malware, or give attackers remote control of the compromised system.
Key Details
- Named after the Greek myth: appears beneficial on the outside, delivers malicious payload once inside.
- Does not self-replicate: Unlike viruses (which infect files) or worms (which spread through networks)—Trojans rely on social engineering for installation.
- Common delivery: pirated software, malicious email attachments, fake software updates, drive-by downloads, phishing links.
- Types: banking Trojans (Zeus, Emotet), downloader Trojans (download and install other malware), backdoor Trojans, RATs (Remote Access Trojans).
- Dropper: A Trojan variant that installs other malware and then may remove itself.
Connections
- Parent: malware-types — a fundamental malware delivery mechanism
- See also: rat-remote-access-trojan