Government, Scientific Entities Hit via Daemon Tools Supply Chain Attack
Government and scientific organizations have been targeted by a supply chain attack that distributed a sophisticated backdoor through trojanized DAEMON Tools installers.
A supply chain attack involving trojanized versions of the DAEMON Tools software has been identified, impacting government and scientific entities. While the malicious installers were distributed globally, the attackers deployed a sophisticated backdoor to only a select group of high-value targets.
The incident highlights the risks associated with software supply chain compromises, where legitimate tools are weaponized to deliver malware. The backdoor allows for persistent access and potential data exfiltration from the compromised systems [SecurityWeek].
Organizations that use DAEMON Tools should audit their environments for unauthorized installations or suspicious activity. Security teams are advised to review their software procurement and update processes to mitigate the risk of similar supply chain attacks. Further details on the incident can be found in the ongoing investigation DAEMON Tools Supply Chain Attack.