Daemon Tools developer Disc Soft confirmed hackers compromised their software distribution between April 8 and May 5, infecting thousands of computers with malware. Chinese-speaking attackers injected trojanized code into Daemon Tools Lite version 12.5.1 downloads from the official website.
Kaspersky discovered the breach affected government, scientific, manufacturing, and retail organizations across Belarus, Russia, and Thailand. The attackers selected about a dozen victims for deeper infiltration, including a Russian educational institution hit with a complex backdoor.
Disc Soft has contained the incident, rebuilt clean installation packages, and released version 12.6.0.2445 on May 5. Users who downloaded the compromised version must uninstall the software and scan for malware.
Source: Security Week