Daemon Tools Supply Chain Attack Hits Thousands of Users

Hackers compromised Daemon Tools, infecting computers with malware. Affected users must update to version 12.6.0.2445 immediately.

By Content Team

May 7, 2026

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Daemon Tools developer Disc Soft confirmed hackers compromised their software distribution between April 8 and May 5, infecting thousands of computers with malware. Chinese-speaking attackers injected trojanized code into Daemon Tools Lite version 12.5.1 downloads from the official website.

Kaspersky discovered the breach affected government, scientific, manufacturing, and retail organizations across Belarus, Russia, and Thailand. The attackers selected about a dozen victims for deeper infiltration, including a Russian educational institution hit with a complex backdoor.

Disc Soft has contained the incident, rebuilt clean installation packages, and released version 12.6.0.2445 on May 5. Users who downloaded the compromised version must uninstall the software and scan for malware.

Source: Security Week

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Cyber Attack Hits Northern Ireland School IT System During Critical Exam Period

Apr 13, 2026

Identity Abuse Drives Nearly Two-Thirds of Cyberattacks, Unit 42 Report Shows

Feb 17, 2026

New 'CrashFix' Scam Intentionally Crashes Browsers to Deliver Malware

Jan 21, 2026

Nike Investigating Cyber Attack as Hackers Threaten Data Leak

Jan 24, 2026