Do you know about a software called Daemon Tools? This software is used to read disk image files without having to make a physical copy of the disk.
Recently, it was reported that the developer of Daemon Tools is now facing a very serious issue, where there is a group of hackers who have used the server machine to download the Daemon Tools file software to spread malware.
This discovery was reported by Kaspersky Labs which said that this attack, called a supply chain attack, had started since April 8, 2026 and was still active when the report was released on May 5, 2026.
According to the report, what happens is that when a user downloads the Daemon Tools software, a digital verification certificate will be matched to the software, and when the user installs and uses the Daemon Tools software, the malware will be activated in the background, and will start infecting the computer.
Kaspersky said that Daemon Tools installer versions 12.5.0.2421 to 12.5.0.2434 were affected by this malware, and they have taken action to alert AVB Disc Soft, the software’s developer.
The malware was found to search for and send data such as MAC addresses, hostnames, DNS domain names, details of computing processes, installed software and system location settings. Thousands of computer systems have been affected by this malware, but what is interesting is that the hacking group seems to be looking for computer systems in specific locations as only some of these computers have received new signals from the hackers.
This is not the first time that this supply chain-related security incident has occurred. This issue is also difficult to contain and detect because technically, this malware is “shared” through the official servers of the software service, and can only be determined after any attack has occurred.
