Summary

A supply chain attack has compromised DAEMON Tools software installers, distributing malware through legitimate channels. Kaspersky researchers identified that these installers are signed with digital certificates belonging to DAEMON Tools developers.

Key Points

• The attack targets DAEMON Tools, a popular software for mounting disk images.
• Malicious installers are distributed from the official DAEMON Tools website.
• Digital certificates used in the attack belong to DAEMON Tools developers.
• Kaspersky researchers involved include Igor Kuznetsov, Georgy Kucherin, and Leonid.

Analysis

This attack highlights the vulnerabilities in the software supply chain, where even legitimate software distribution channels can be compromised. The use of valid digital certificates to sign the malicious installers increases the likelihood of users trusting and executing the compromised software, potentially leading to widespread malware infections.

Conclusion

IT professionals should verify the integrity of software installers and consider additional security measures such as monitoring for unusual network activity or using endpoint protection solutions. Awareness of supply chain vulnerabilities is crucial to mitigate similar threats.