Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack

Ars Technica

One of the follow-on payloads pushed to about a dozen organizations was what Kaspersky described as a “minimalistic backdoor.” It has the ability to execute commands, download files, and run shellcode payloads in memory—making the infection harder to detect. Kaspersky said that it also observed a more complex backdoor, dubbed QUIC RAT, installed on a single machine belonging to an educational institution located in Russia. …

Original source: Ars Technica