Black & White Path

May 9, 2026 · Information Security

Kaspersky Exposes DAEMON Tools Supply Chain Attack Infecting Over 100,000 Users

In May 2026, Kaspersky revealed that the official Windows installer for DAEMON Tools Lite versions 12.5.0.2421‑12.5.0.2434 had been compromised for nearly a month, allowing attackers to inject signed back‑door binaries, establish C2 communication, deliver staged payloads—including a QUIC RAT—to thousands of victims across more than a hundred countries, with high‑value targets primarily in Russia, Belarus and Thailand, before a patched version 12.6.0.2445 was released.