Trojan

Malicious program masquerading as something innocuous or useful

A trojan (or Trojan horse) is a malicious program masquerading as something innocuous or even useful. Trojans use social engineering to convince victims to execute their code, and often act in a clandestine manner, sometimes even providing the useful functionality promised while running malicious actions in secret.

The great majority of malware takes the form of trojans - software such as adware and spyware also falls into this category, as actions which are not revealed during the installation process are carried out in a clandestine manner once installed. Trojan infections can come from malicious or hijacked websites, either using social engineering to persuade victims to install the file or exploiting vulnerabilities to carry out silent drive-by downloads. Trojans may also be sent out via email spam, with the email either including an attachment (the trojan file itself), or including links to the malicious or hijacked sites mentioned previously, again using social engineering to persuade readers to visit the site. Trojans can also be spread via other communication methods such as IM or P2P filesharing, or even dropped by self-replicating malware.

Many trojan infestations involve a variety of files, each providing different functionality. Typical types of trojan include downloaders, keyloggers, backdoors, clickers and diallers.