HeadlinesBriefing.com

Daemon Tools Backdoored in Monthlong Supply-Chain Attack

Ars Technica

Kaspersky researchers discovered a monthlong supply-chain attack targeting the widely used Daemon Tools disk application. Attackers deployed minimalistic backdoors to about a dozen organizations, with capabilities to execute commands, download files, and run shellcode payloads. More concerning was the discovery of QUIC RAT, a sophisticated backdoor found on a single machine in Russia.

The attack compromised 100 organizations primarily in Russia, Brazil, Turkey, and European nations. Kaspersky noted that 10% of affected systems belonged to businesses, with the complex backdoor specifically targeting government, scientific, manufacturing, and retail organizations in Russia, Belarus, and Thailand. This suggests a deliberate, targeted approach rather than indiscriminate malware distribution.

The attack is part of a troubling trend in recent supply-chain compromises, following similar incidents affecting Trivy, Checkmarx, and Bitwarden. Users should immediately scan their systems with reputable antivirus software and check for the indicators of compromise listed in Kaspersky's advisory. Advanced users should monitor for suspicious code injection into legitimate system processes.