Trojanized

Trojanized is an adjective describing software or code that has been modified to include a Trojan horse—malicious payload masquerading as legitimate functionality. The intent is to deceive users into executing or installing the software so that the attacker gains unauthorized access, exfiltrates data, or damages systems. Unlike self-replicating malware such as viruses or worms, a trojan typically relies on user action or a vulnerability to run.

Trojanized software hides its malicious components within a legitimate program, a software update, or an add-on.

Notable incidents include the CCleaner 2017 supply-chain attack, where a tainted build was distributed to a

Defenses emphasize software provenance and integrity: strict code signing, verified hashes, secure build pipelines, and digitally