Cybersecurity experts at Kaspersky have reported the discovery of a malicious backdoor in the popular Daemon Tools software for Windows. This cyberattack, which has affected thousands of computers worldwide, was carried out via a supply chain compromise, according to Techcrunch.com reports.
Analysis indicates that a Chinese-speaking hacker group is behind the attack. Through this software, they managed to install additional malware on computers belonging to retail, scientific research, manufacturing, and government systems in Russia, Belarus, and Thailand.
Kaspersky experts note that this threat has been ongoing since April 8 and remains active. Although the software developer, Disc Soft, has been notified, there is currently no information regarding their response measures.
In recent months, such supply chain attacks targeting software developers have been increasing. Hackers aim to gain access to thousands of user devices simultaneously through updates to popular programs.
Checks conducted via the VirusTotal service confirmed that the installation file downloaded from the Daemon Tools website indeed contains malicious code. It is currently unknown whether the macOS version or other software has been affected by this attack.
Read “Zamin” on Telegram!
