A Trojan horse is a destructive computer program that masquerades as a valuable or entertaining tool. It claims to perform a desirable function, but in fact damages your computer system when it is run. A Trojan horse can be a virus or a remote control program. They are usually installed on a computer through an e-mail attachment.

The term is derived from the Trojan Horse story in Greek mythology. In this story, the Greeks give a giant wooden horse to their enemy, the Trojans, apparently as a peace offering. But after the Trojans drag the horse inside their city walls, Greek soldiers sneak out of the horse's hollow belly and open the city gates, allowing their compatriots to pour in and capture Troy.

Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive. One of the most crafty types of Trojan horse is a program that claims to rid a computer of viruses but instead introduces viruses onto the computer.

Back Orifice is a famous example of a Trojan Horse, written to demonstrate the lack of security in Microsoft Windows 98. It was the brainchild of Sir Dystic, a member of the U.S. hacker organization CULT OF THE DEAD COW. It was designed for remote system administration, based on a client-server architecture, allowing a user to control a computer running Microsoft Windows from a remote location (much like Microsoft's Remote Desktop Connection software). This required two components to work -- a client application running on the attacker's computer and a server application running on the victim's computer. Once installed, the attacker can perform any number of tasks on the victim's computer, including transferring files to and from the victim's machine, crashing the computer, data theft, installation of software including malware, and keystroke logging for the purpose of acquiring user ids and passwords. Back Orifice 2000, the sequel to Back Orifice, was later released and could run on Windows NT machines.

Another notable Trojan horse is called SubSeven. It was designed to attack computers running Microsoft Windows 95 and Windows 98. It is also similar in architecture to Back Orifice, but with a third component called a server editor (EditServer), which allowed the attacker to configure the infection. It provides many more options for attack than Back Orifice, however, allowing an attacker to issue virtually any command imaginable on a compromised system.

Trojan horses are becoming more and more common. According to a survey conducted by BitDefender from January to June 2009, "Trojan-type malware is on the rise, accounting for 83-percent of the global malware detected in the world". This virus has a relationship with worms as it spreads with the help given by worms and travel across the Internet with them.