Son Dakika
ES¡ESPAÑA ESTÁ EN CUARTOS! Merino decide en el 90' contra PortugalFRL'Espagne élimine le Portugal en 8e de finale de la Coupe du Monde 2026INTLCanada Selects ThyssenKrupp Marine Systems for Multi-Billion Euro Submarine ContractJP10代長女を監禁、母親を再逮捕 三男も逮捕、警視庁FRThales rachète Exail Technologies après l'échec des négociations avec SafranRUВ Сумах и Днепропетровске прогремели взрывы на фоне воздушной тревогиRUПотери ЕС от отказа от российских энергоносителей оцениваются в 3 трлн евроFRDonald Trump confirme avoir demandé à la FIFA de réexaminer le carton rouge de Folarin BalogunVNBồ Đào Nha vs Tây Ban Nha: Tâm điểm vòng 1/8 World Cup 2026TRPortekiz, İspanya'ya 1-0 Mağlup Oldu ve ElendiES¡ESPAÑA ESTÁ EN CUARTOS! Merino decide en el 90' contra PortugalFRL'Espagne élimine le Portugal en 8e de finale de la Coupe du Monde 2026INTLCanada Selects ThyssenKrupp Marine Systems for Multi-Billion Euro Submarine ContractJP10代長女を監禁、母親を再逮捕 三男も逮捕、警視庁FRThales rachète Exail Technologies après l'échec des négociations avec SafranRUВ Сумах и Днепропетровске прогремели взрывы на фоне воздушной тревогиRUПотери ЕС от отказа от российских энергоносителей оцениваются в 3 трлн евроFRDonald Trump confirme avoir demandé à la FIFA de réexaminer le carton rouge de Folarin BalogunVNBồ Đào Nha vs Tây Ban Nha: Tâm điểm vòng 1/8 World Cup 2026TRPortekiz, İspanya'ya 1-0 Mağlup Oldu ve Elendi
Newsgather
GeriKaspersky suspects Chinese hackers planted a backdoor into Daemon Tools in ‘widespread’ attack
Teknoloji
TechCrunch05.05.2026Teknoloji3 dk okumaUnited States

Kaspersky suspects Chinese hackers planted a backdoor into Daemon Tools in ‘widespread’ attack

Neden Önemli?

Security researchers at Kaspersky have identified a malicious backdoor in the popular Windows disc imaging software, Daemon Tools. This is part of a growing trend of supply chain attacks targeting software developers to distribute malware.

Yazı boyutu

Security researchers at Kaspersky say they have identified a malicious backdoor planted in the popular and long-running Windows disc imaging software, Daemon Tools.

The Russian cybersecurity company said on Tuesday that data collected from computers around the world running the Kaspersky antivirus software shows a “widespread” attack is under way, targeting thousands of Windows computers running Daemon Tools.

The hackers, whom Kaspersky has linked to a Chinese-language speaking group based on an analysis of the malware, used the backdoor in Daemon Tools to plant additional malware on a dozen computers across the retail, scientific and manufacturing sectors, as well as government systems. Kaspersky said the hacking of these specific computers implied a “targeted” effort.

The company said the targeted organizations are located in Russia, Belarus, and Thailand.

Kaspersky said the backdoor was first detected on April 8.

Kaspersky said it had contacted Disc Soft, the company that maintains Daemon Tools, but did not say if the developer responded or took action. Kaspersky said the supply chain attack is “still active,” suggesting that the hackers can still plant malware on thousands of computers running the disc imaging software.

This is the latest in a string of so-called “supply chain” attacks that have targeted developers of popular software in recent months. Hackers are increasingly taking aim at the accounts of developers who work on widely used code and software, and abusing that access to push malicious code to anyone who relies on the software. This approach lets the hackers break into a large number of computers at once when their malicious code is delivered as a software update.

Earlier this year, hackers associated with the Chinese government hijacked the popular text editing software Notepad++ to deliver malware to a number of organizations with interests in East Asia. Security researchers also warned of another attack last month targeting users who visited the website of CPUID, which makes the popular HWMonitor and CPU-Z tools.

TechCrunch downloaded the Windows installer from Daemon Tools’ website, and the file appeared to contain the backdoor when we checked it with the online malware scanner service VirusTotal.

It’s not known if the macOS version of Daemon Tools was compromised, or if other apps made by Disc Soft are affected.

When contacted for comment, a Disc Soft representative said they are “aware of the report and are currently investigating the situation.”

“Our team is treating this matter with the highest priority and is actively working to assess and address the issue. At this stage, we are not in a position to confirm specific details referenced in the report. However, we are taking all necessary steps to remediate any potential risks and to ensure the security of our users,” the representative said.

Do you know more about the cyberattack targeting Daemon Tools users? Did you receive an antivirus alert saying you were affected? We want to hear from you. To contact this reporter securely, reach out via Signal username zackwhittaker.1337.

Bundan Sonra Ne Olabilir?

Yapay zekâ öngörüsü — kesinlik taşımaz

  • Disc Soft will release a security update to patch the backdoor.

    Çok muhtemel · Günler içinde

  • Further details about the hacking group and their motives will be revealed.

    Olası · Haftalar içinde

Açık Sorular

  • Did Disc Soft respond to Kaspersky's contact?
  • What specific actions is Disc Soft taking to remediate the issue?
  • What is the exact nature of the additional malware planted?
  • What is the full extent of the compromise across different sectors and countries?

İlgili Konular

Bu haber ilk olarak şurada yayınlandı: TechCrunch.

İlgili Haberler