Kaspersky Suspects Chinese Hackers Planted a Backdoor into Daemon Tools in 'Widespread' Attack
Kaspersky’s Alarming Discovery 🚨
Security researchers at Kaspersky have identified a malicious backdoor planted in the popular Windows disc imaging software, Daemon Tools. The Russian cybersecurity company reported on Tuesday that data collected from computers worldwide running Kaspersky antivirus shows a “widespread” attack targeting thousands of Windows computers using Daemon Tools.
The hackers, linked to a Chinese-speaking group, used the backdoor to deploy additional malware on numerous computers across various sectors, including retail, scientific, manufacturing, and government systems. Kaspersky emphasized that the hacking of these specific computers indicates a targeted effort.
Key Findings 🔍
- The targeted organizations are located in Russia, Belarus, and Thailand.
- The backdoor was first detected on April 8.
- The supply chain attack is still active, allowing hackers to potentially plant malware on thousands of computers running the software.
This incident is part of a growing trend of supply chain attacks that have recently targeted developers of popular software. Hackers are increasingly aiming at developers’ accounts to push malicious code to users relying on their software, enabling them to compromise numerous computers simultaneously through software updates.
Earlier this year, hackers associated with the Chinese government hijacked the popular text editing software Notepad++ to deliver malware to various organizations in East Asia.
Investigation Underway 🔒
TechCrunch downloaded the Windows installer from Daemon Tools’ website, and the file appeared to contain the backdoor when checked with the online malware scanner service VirusTotal. A representative from Disc Soft stated they are aware of the report and are currently investigating the situation with the highest priority to ensure user security.