Trojan

Security+ 🏆 • Threats ⚠️ Difficulty: free

Definition

A trojan is malware that disguises itself as legitimate or desirable software to trick a user into installing or running it. Unlike worms, trojans typically do not spread on their own; they rely on deception and user action, and they are often used to deliver other malware or create hidden access for attackers.

Examples

  • A fake “PDF reader” installer actually installs a remote access trojan that gives an attacker control of the device.
  • A cracked version of paid software includes a hidden trojan that steals browser passwords after installation.

Discover 🔎

The word trojan comes from the Trojan Horse story: something that looks harmless is used to sneak a threat inside. That is exactly how a trojan works in cybersecurity. It relies on trust, curiosity, urgency, or convenience to convince someone to run it. Trojans are common because they bypass strong technical defenses by targeting human decision-making.

Remember: Trojans are about disguise. They often arrive as something the user wants, expects, or is pressured to open.