Main Page | See live article | Alphabetical index

Trojan horse

''Alternate meaning: Trojan Horse (mythical siege machine)

A Trojan horse is also a relatively dangerous computer program that does something which the programmer (or packager, or distributor, or advertiser) maliciously intends it to do, but which is unknown to the user. The term is derived from the classical myth of the Trojan Horse.

A Trojan horse differs from a virus in that it is a stand-alone program; the Trojan does not attach to another program. It differs from a worm in that it does not move from one computer to another on its own. A person must transfer it intentionally, such as by email.

For example, an attacker might email a Trojan with an innocuous filename, attached to an email message that claims the program does something useful. When the user executes the attachment, it might modify or delete the content of the attacked machine (by deleting all files or formatting the hard disk). Newer Trojans also access networks, sometimes attacking them by flooding them with messages.

Typically, a Trojan horse is an executable code contained in e-mail attachments, usually in .exe, .scr, .bat, .pif and other pretended formats (but these extensionss might be "masked" behind false or additional extensions and however hide an executable program).

A prototypical Trojan horse is, for instance, a program called "SEXY.EXE" that is posted somewhere with a promise of "hot pix", but when executed erases all the files it can find and prints the message "arf, arf, I got you!".

It is prudent to always scan e-mail attachments with updated antivirus software before opening them. A typical Trojan does not infect other programs and is usually easily deleted.

An early Trojan horse was the 1975 ANIMAL program, a game to identify an animal but which also spread itself to other users on UNIVAC Exec 8 computers[1].

See also: secure computing.