Trojan horse

nounid 4490·updated May 9, 2026

candidate

GlossaryL1 — what DictionaryL2 — how used ThesaurusL3 — relations Universaleverything

A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.

MWE

Classifications

per-axis with provenance

Entity Type

Threat90%rule-basedr:entity.threat.attack.v1

Sensitivity

unclassified

Information Class

unclassified

Variants

3 surface forms

plural: Trojan horses
possessive: Trojan horse's
pluralpossessive: Trojan horses'

Framework definitions

6 senses across 6 frameworks

SANS Glossary of Security Terms1 senseview framework →

§1: A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.

National Initiative for Cybersecurity Careers and Studies (NICCS) Cybersecurity Lexicon1 senseview framework →

§1: A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.

ISACA Cybersecurity Glossary1 senseview framework →

§1: Purposefully hidden malicious or damaging code within an authorized computer program Scope Note: Unlike viruses, they do not replicate themselves, but they can be just as destructive to a single computer.

Federal Financial Institutions Examination Council (FFIEC) IT Examination Handbook Infobase, Glossary1 senseview framework →

§1: Malicious code that is hidden in software that has an apparently beneficial or harmless use.

NISTIR 7298: Glossary of Key Information Security Terms, Revision 21 senseview framework →

§1: A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.

CNSSI-4009 (Glossary of Information Assurance Terms)1 senseview framework →

§1: A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.

Outgoing relationships

term as subject — 0 triples

No outgoing triples

This term is not the subject of any RDF-style relationship yet.

Incoming relationships

term as object — 0 triples

No incoming triples

No other term currently asserts a relationship to this one.