Daemon Tools Backdoored for a Month, Pushing Malware via Updates
Kaspersky reveals popular disk image tool Daemon Tools was compromised, distributing malicious updates for roughly a month.
Daemon Tools, the widely used disk image mounting software, got owned. Kaspersky has confirmed that the application was backdoored in a sustained compromise lasting approximately one month, during which malicious updates were pushed to users.
That's a supply chain attack — one of the nastiest flavors of compromise out there. Attackers didn't need to trick individual users. They hijacked the update pipeline itself, meaning anyone running the software and accepting updates was a potential victim.
Kaspersky flagged the campaign, though specifics on the exact malware payload and the total number of affected users remain thin. Daemon Tools has been a staple utility for decades, particularly among power users and developers who regularly work with ISO files and virtual drives.
Supply chain attacks continue to be a growing threat vector. If your update mechanism is compromised, trust evaporates instantly.