A widely used everyday software tool has quietly become a gateway for hackers, putting thousands of systems at risk.
Hidden Malware Inside Trusted Software
Security researchers at Kaspersky have uncovered a malicious backdoor embedded in Daemon Tools, a long-standing Windows application.
The attack is not isolated. It is described as:
- Widespread across global systems
- Affecting thousands of computers
- Still actively ongoing
How the Attack Works
Hackers compromised the software supply chain, meaning users unknowingly installed infected versions through legitimate updates.
Once inside, the backdoor allows attackers to:
- Deploy additional malware
- Gain deeper system access
- Target specific organizations
Targeted Sectors and Regions
Although broadly distributed, the attack shows signs of precision targeting:
Industries: retail, scientific, manufacturing, government
Locations: Russia, Belarus, Thailand
Based on malware analysis, researchers believe the attackers are linked to a Chinese-speaking group.
A Growing Cybersecurity Trend
This incident highlights a broader shift in cyberattacks:
- Hackers target software developers instead of individuals
- Malicious updates spread to large user bases instantly
Similar attacks recently impacted tools like Notepad++ and CPUID utilities.
Current Status
Kaspersky confirmed:
- The backdoor was detected on April 8
- The threat is still active
- Disc Soft is investigating
Why It Matters
Supply chain attacks are particularly dangerous because they exploit trust. Users install updates expecting security improvements, not hidden threats.

