A trojan is malicious software that disguises itself as something legitimate, useful, or expected in order to get a user or system to accept or run it. In plain language, it relies on deception rather than force: it is accepted or executed because it looks trustworthy when it should not be trusted.
Trojans matter because many security incidents begin with trust abuse rather than purely technical exploitation. A user may be tricked into opening something that looks harmless, or a system may treat a deceptive file or package as if it were legitimate.
It also matters because trojans remind defenders that malware defense is not only about blocking obviously malicious-looking code. Presentation, user trust, and software origin all affect security.
Trojans appear in phishing, malware detection, endpoint security, software-origin review, and user-awareness training. Teams defend against them with Antivirus, Application Whitelisting, Secure Coding practices for trusted software distribution, and controlled execution policies.
Security teams also reference trojans in incident response, because the deceptive delivery often explains how the initial infection occurred and which user or system trust was abused.
A user receives a file that appears to be a routine business document but behaves differently from what was expected once opened. The deception is the key idea: the malware is not presented honestly as what it really is.
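One defensive check that follows from this idea is to compare what a file claims to be (its name and extension) with what its content actually is (its leading "magic" bytes), flagging the disguise before anyone opens it. This is an added example, not code from the original page; the signature table and the in-memory sample files are constructed for the demonstration.

```python
"""Flag files whose presented identity (name/extension) disagrees with their
actual content, the mismatch a trojan relies on. Added example; the sample
files below are constructed in memory, not taken from any real incident."""
import os

# Leading bytes that identify common formats (assumption: a small table is
# enough here; production tools carry far larger signature sets).
MAGIC = {
    b"MZ": "windows-executable",      # PE: .exe/.dll/.scr
    b"\x7fELF": "elf-executable",
    b"%PDF": "pdf",
    b"PK\x03\x04": "zip-container",   # docx/xlsx/jar are zip based
    b"#!": "script",
}
# What a user expects to open when a file carries this extension.
EXPECTED = {
    ".pdf": "pdf", ".docx": "zip-container", ".xlsx": "zip-container",
    ".zip": "zip-container", ".txt": "text",
}
EXECUTABLE_EXT = {".exe", ".dll", ".scr", ".com", ".bat", ".cmd",
                  ".ps1", ".js", ".vbs", ".sh"}

def content_type(data: bytes) -> str:
    """Classify content by its leading bytes, with a crude text fallback."""
    for sig, kind in MAGIC.items():
        if data.startswith(sig):
            return kind
    if data and all(b in b"\t\n\r" or 32 <= b < 127 for b in data[:512]):
        return "text"
    return "unknown"

def assess(filename: str, data: bytes) -> list:
    """Return deception indicators found (empty list = nothing suspicious)."""
    findings = []
    stem, last_ext = os.path.splitext(filename.lower())
    actual = content_type(data)
    expected = EXPECTED.get(last_ext)
    # 1. Document-looking extension whose bytes are something else entirely.
    if expected and actual not in (expected, "unknown"):
        findings.append(f"{last_ext} file but content is {actual}")
    # 2. Double extension: "invoice.pdf.exe" displays as "invoice.pdf" when
    #    the OS hides known extensions.
    inner_ext = os.path.splitext(stem)[1]
    if last_ext in EXECUTABLE_EXT and inner_ext in EXPECTED:
        findings.append(f"double extension {inner_ext}{last_ext}")
    return findings

# Constructed samples: one genuine document, two disguises, one plain text.
SAMPLES = {
    "quarterly_report.docx": b"PK\x03\x04" + b"\x00" * 32,
    "invoice.docx": b"MZ\x90\x00" + b"\x00" * 32,
    "invoice.pdf.exe": b"MZ\x90\x00" + b"\x00" * 32,
    "notes.txt": b"meeting at 10\n",
}

def scan_all() -> dict:
    return {name: assess(name, data) for name, data in SAMPLES.items()}

if __name__ == "__main__":
    for name, findings in scan_all().items():
        print(name, "->", findings or "ok")
```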
A trojan is not defined by one specific payload or effect. The defining characteristic is the deceptive presentation used to get it accepted or executed.
A trojan is also distinct from Ransomware. The term trojan describes the deceptive disguise used for delivery, while ransomware describes an extortion-focused outcome or behavior; a single piece of malware can be both.