Daemon Tools, a popular disk image mounting application, was compromised in a supply-chain attack that distributed malicious updates from the developer's own servers for over a month. The backdoored versions (12.5.0.2421-2434) collect sensitive system information and have infected thousands of machines across 100+ countries, with at least 12 high-value targets receiving additional payloads. This incident follows a pattern of similar supply-chain attacks on widely-used software like CCleaner, SolarWinds, and 3CX.
Background
Supply-chain attacks involve compromising software at its source, allowing attackers to distribute malware through legitimate update channels. These attacks are particularly dangerous because they bypass traditional security measures by using trusted software distribution mechanisms.
- Source
- Ars Technica
- Published
- May 6, 2026 at 03:46 AM
- Score
- 8.0 / 10