A piece of malicious code, which is not self-propagating, that behaves as a original piece of software on the host system and includes some hidden functionality that does Bad Things. Trojan horses often introduce backdoors to a system or give the Bad Guy special privilidges by using exploits. Trojans can provide a range of remote administration and surveillance functions.
To make this work the victim has to be trapped into trusting the trojan horse and execute it. Used techniques: Disguising it as a common used program, convince the user with social engineering, hacking a public FTP server, etc. Trojan horses are often introduced as friendly-seeming emails designed to fool the user into running an attachment.
History of the term:
In the thirteenth century B.C. a Greek army besieged the city of Troy. The siege went on for ten years. Finally, the Greeks admitted exhaustion and defeat. Pulling down their siege works and abandoning their trenches, the Greeks retired from the conflict.
The happy Trojans, safe within their walls, took the Greek collapse at face value . The Trojans could pat themselves on the back for a job well done. And they could enjoy their victory prize -- a great wooden horse mounted on wheels that the Greeks had left behind.
The Trojans rolled the big horse into the city, not realizing that Greek soldiers were hidden inside of it. After nightfall, when the Trojans were drunk or asleep, the Greeks emerged from the horse to open the city gates. Meanwhile, the whole Greek army had secretly returned under cover of darkness. With the gates of the city open, they poured in and slaughtered the unwary inhabitants.