DAEMON Tools trojanized in supply-chain attack to deploy backdoor
Summary
Attackers have trojanized installers for DAEMON Tools, a popular disk imaging utility, distributing a backdoor to thousands of users since April 8th. The compromised installers were downloaded from the official DAEMON Tools website, indicating a supply-chain attack.
IFF Assessment
This event represents a successful supply-chain attack, allowing threat actors to compromise numerous systems by distributing malware through a trusted software installer.
Defender Context
This incident highlights the persistent threat of supply-chain attacks, where trusted software distributors can become vectors for malware. Defenders should implement strict software vetting processes, monitor for unusual network activity from installed applications, and maintain robust endpoint detection and response capabilities to identify and mitigate such compromises.