Vendor Says Daemon Tools Supply Chain Attack Contained

After learning of the issue, the company isolated and secured the affected systems, removed potentially compromised files from distribution, rebuilt and validated installation packages, and made a clean iteration of Daemon Tools Lite, namely version 12.6.0.2445, available on May 5.“Our investigation is ongoing as we continue to analyze the root cause and full scope of the incident. At this stage, we are not attributing the incident to any specific third party. We are carefully reviewing all components of our infrastructure to ensure a complete and accurate understanding of what occurred,” the company said.Disc Soft says only Daemon Tools Lite version 12.5.1 was compromised, the issue has been contained, and no other products, such as Daemon Tools Ultra and Daemon Tools Pro, have been affected.Users who downloaded the trojanized software release, however, need to clean their systems too. For that, they should uninstall Daemon Tools Lite and scan the machine for malware.“We are also enhancing our verification procedures to further reduce the risk of similar incidents in the future,” Disc Soft said.Related:Gemini CLI Vulnerability Could Have Led to Code Execution, Supply Chain AttackRelated:SAP NPM Packages Targeted in Supply Chain AttackRelated:Checkmarx Confirms Data Stolen in Supply Chain AttackRelated:‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks

“Our investigation is ongoing as we continue to analyze the root cause and full scope of the incident. At this stage, we are not attributing the incident to any specific third party. We are carefully reviewing all components of our infrastructure to ensure a complete and accurate understanding of what occurred,” the company said.Disc Soft says only Daemon Tools Lite version 12.5.1 was compromised, the issue has been contained, and no other products, such as Daemon Tools Ultra and Daemon Tools Pro, have been affected.Users who downloaded the trojanized software release, however, need to clean their systems too. For that, they should uninstall Daemon Tools Lite and scan the machine for malware.“We are also enhancing our verification procedures to further reduce the risk of similar incidents in the future,” Disc Soft said.Related:Gemini CLI Vulnerability Could Have Led to Code Execution, Supply Chain AttackRelated:SAP NPM Packages Targeted in Supply Chain AttackRelated:Checkmarx Confirms Data Stolen in Supply Chain AttackRelated:‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks

Disc Soft says only Daemon Tools Lite version 12.5.1 was compromised, the issue has been contained, and no other products, such as Daemon Tools Ultra and Daemon Tools Pro, have been affected.Users who downloaded the trojanized software release, however, need to clean their systems too. For that, they should uninstall Daemon Tools Lite and scan the machine for malware.“We are also enhancing our verification procedures to further reduce the risk of similar incidents in the future,” Disc Soft said.Related:Gemini CLI Vulnerability Could Have Led to Code Execution, Supply Chain AttackRelated:SAP NPM Packages Targeted in Supply Chain AttackRelated:Checkmarx Confirms Data Stolen in Supply Chain AttackRelated:‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks

Users who downloaded the trojanized software release, however, need to clean their systems too. For that, they should uninstall Daemon Tools Lite and scan the machine for malware.“We are also enhancing our verification procedures to further reduce the risk of similar incidents in the future,” Disc Soft said.Related:Gemini CLI Vulnerability Could Have Led to Code Execution, Supply Chain AttackRelated:SAP NPM Packages Targeted in Supply Chain AttackRelated:Checkmarx Confirms Data Stolen in Supply Chain AttackRelated:‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks

“We are also enhancing our verification procedures to further reduce the risk of similar incidents in the future,” Disc Soft said.Related:Gemini CLI Vulnerability Could Have Led to Code Execution, Supply Chain AttackRelated:SAP NPM Packages Targeted in Supply Chain AttackRelated:Checkmarx Confirms Data Stolen in Supply Chain AttackRelated:‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks

Related:Gemini CLI Vulnerability Could Have Led to Code Execution, Supply Chain AttackRelated:SAP NPM Packages Targeted in Supply Chain AttackRelated:Checkmarx Confirms Data Stolen in Supply Chain AttackRelated:‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks

Related:SAP NPM Packages Targeted in Supply Chain AttackRelated:Checkmarx Confirms Data Stolen in Supply Chain AttackRelated:‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks

Related:Checkmarx Confirms Data Stolen in Supply Chain AttackRelated:‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks

Related:‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks

Ionut Arghire is an international correspondent for SecurityWeek.

Source: SecurityWeek