Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack
Summary
Daemon Tools, a popular app for mounting disk images on Windows, was compromised in a supply-chain attack that lasted about a month starting April 8. The attackers pushed malicious updates from the official developer’s servers, infecting thousands of machines worldwide and delivering deeper malware to select organizations.
Key Facts
- The attack started on April 8 and continued for about one month.
- Malicious updates were digitally signed and delivered via the official Daemon Tools website.
- Only Windows versions 12.5.0.2421 through 12.5.0.2434 were affected.
- Initial malware collected device information like MAC addresses, hostnames, and running software.
- Thousands of devices in over 100 countries were infected.
- About a dozen machines in government, scientific, manufacturing, and retail fields received a more dangerous backdoor.
- The advanced backdoor could run commands, download files, and hide its presence by running code in memory.
- The attack shows high complexity, making it difficult to detect and stop.
This is a fact-based summary from The Actual News.