® 
Trojan Horse (Trojan)
Definition
A Trojan horse (Trojan) is malware that disguises itself as legitimate, useful software but secretly performs harmful functions.
A Trojan horse (Trojan) is malware that disguises itself as legitimate, useful software but secretly performs harmful functions on the victim's system. According to Kaspersky, Trojans account for over 75% of all malware detections, making them the most prevalent malware type.
How does a Trojan work?
Trojans do not self-propagate like viruses or worms. They rely on social engineering to convince the victim to install the malware themselves. Distribution occurs via phishing emails with infected attachments, fake downloads, trojanized software, malvertising and social media links. After installation, the Trojan executes its malicious functions in the background while appearing as normal software.
Types of Trojans
Remote Access Trojans (RAT) give attackers full remote control including webcam, microphone, files and keystrokes. Banking Trojans steal banking credentials via web injections. Downloader Trojans install additional malware after initial infection. Backdoor Trojans create hidden access points. Ransomware Trojans encrypt files and demand payment. Infostealer Trojans harvest stored passwords, cookies and sensitive data.
Impact on organisations
Trojans form the basis of many targeted attacks. Once installed, a Trojan can lead to full system compromise, data theft, ransomware infection or botnet participation. Notable campaigns like Emotet and TrickBot have caused billions in damage. NIS2 requires adequate malware protection.
Protection
Implement EDR with behavioural analysis detecting Trojan activity. Use email sandboxing to intercept infected attachments. Train employees to recognise social engineering. Apply application whitelisting. Monitor network traffic for C2 communication.
How DEFION helps
DEFION detects Trojan activity through Managed Threat Detection. The DFIR team investigates infections and determines full impact. Security Awareness Masterclasses train employees to recognise the social engineering techniques used to distribute Trojans.