Trojans: how can I identify malware in disguise?

Disguised malware can infect your devices undetected and cause further damage

Trojan horses, or trojans for short, take their name from the myth of Odysseus's wooden horse, which had a number of Greek soldiers hidden inside its belly. We all know how the story unfolds: the unsuspecting citizens of Troy themselves bring their enemy, hidden inside the wooden horse, into the heart of the embattled city – and in so doing, seal their own fate.

Trojan developers employ a similar trick: they disguise their malware as a useful program and hope that innocent users will install it for themselves. Unlike viruses and worms, trojans do not have a mechanism that allows them to self-reproduce; instead, they rely on deception as their distribution strategy. Trojans often appear in counterfeit software that has been manipulated by cyber criminals. Such software is generally available to download from disreputable sources.

NotPetya: a trojan hidden in accounting software

In June 2017, a malware program named NotPetya caused a global stir. Unlike many other trojans, NotPetya did not enter systems via an e-mail attachment, but through an update to the M.E.Doc accounting software, which is especially widely used in Ukraine. The malware was initially identified as an encryption trojan (ransomware), because it seemed the criminals' motive was to extort ransom payments in exchange for releasing encrypted data.

German companies that conduct business in Ukraine and pay taxes there using M.E.Doc, which is one of two programs officially approved for this purpose, were affected too. Critical business and production processes came to a standstill for some firms for over a week. The end result was millions of euros' worth of damage – even though Germany had only a slight brush with the NotPetya epidemic, so to speak, since M.E.Doc software is not usually needed here.