Daemon Tools disk app hit by monthlong supply-chain backdoor
Original: Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack
Why This Matters
Major supply-chain attack on widely-used software affects millions of users
Popular disk mounting software Daemon Tools was compromised in a supply-chain attack that lasted approximately one month. The widely-used application was backdoored, potentially affecting millions of users who downloaded the compromised version during the attack period.
Daemon Tools, a popular disk image mounting and virtual drive software used by millions globally, was compromised in a sophisticated supply-chain attack that persisted for about one month. The attackers successfully inserted a backdoor into the legitimate software distribution, meaning users who downloaded and installed Daemon Tools during this period received malicious code alongside the expected functionality. Supply-chain attacks target software distribution channels to reach large numbers of victims through trusted applications. The incident highlights the ongoing vulnerability of software supply chains to advanced persistent threats.