Also known as: Trochilus RAT

Category: Malware

Type: Remote access trojan

Platform: Windows


Damage potential: Data theft, espionage, network spread


Trochilus is a remote access trojan designed for cyber espionage and remote device control. Using Trochilus, attackers can gain access to infected devices and extract system and user data, or edit, move, and delete files without the victim’s permission. This remote access trojan has been around since 2015.

Possible symptoms

If your files start disappearing or getting modified without your knowledge, you may suspect an infection. In addition, you may notice the following:

  • Sluggish computer performance.

  • An unusual spike in network traffic.

  • Unauthorized changes in system settings or login attempts.

  • Alerts from security software.

Sources of infection

Trochilus typically spreads through malware-hosting websites, attachments in phishing emails, and P2P (peer-to-peer) networks. Additionally, cybercriminals might take advantage of vulnerabilities in outdated software to infect devices.


Always browse with caution to protect your devices from Trochilus.

  • Avoid downloading files or software from unofficial sources.

  • Be careful with email attachments, especially from unknown senders. Do not open suspicious links, media, or documents.

  • Use NordVPN to secure your online traffic.

  • Scan your newly downloaded files for viruses and block malicious websites with NordVPN’s Threat Protection feature.

  • Make sure your operating system and software are updated.

  • Install a reputable antivirus solution.

  • Regularly back up important data.


Follow these steps to remove Trochilus from an infected device with antivirus software:

  • Disconnect from the internet to stop Trochilus from communicating with its command and control server.

  • Run a full system scan and follow the instructions provided by your antivirus software.

  • Restart your device.

  • Get in touch with an IT professional if you need further help.

