DSL A.I CyberSecurity Scoring
DSL
Company Information
Website:http://www.disc-soft.com
Employees number:23
Number of followers:0
NAICS:5415
Industry Type:IT Services and IT Consulting
Homepage:disc-soft.com
DSL Risk Score (AI oriented)
Between 750 and 799
DSLIT Services and IT Consulting
Updated:
05/05/2026
05/05/2026
797/1000
Fair
Baa
DSL Global Score (TPRM)
xxxx
DSLIT Services and IT Consulting
Score locked

DSLFair
Current Score
797Baa (FAIR)
01000
1 incidents
-10 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
798
JUNE 2026
797
MAY 2026
807
Cyber Attack
05 May 2026 • DSL
DAEMON Tools: DAEMON Tools Breach Used to Spread Malware in Supply Chain Attack
DAEMON Tools Supply Chain Attack Distributes Backdoors via Trojanized Installers
797
CRITICAL-10
DIS1777998353
DAEMON Tools Supply Chain Attack Distributes Backdoors via Trojanized Installers
In May 2026, Kaspersky researchers uncovered a sophisticated supply chain attack targeting users of DAEMON Tools, a widely used disk image mounting software. The compromised installers versions 12.5.0.2421 through 12.5.0.2434 were distributed directly from the official website beginning April 8, 2026, and remained available for nearly a month.
The attackers embedded malicious payloads in three core binaries within the installation directory (DTHelper.exe, DiscSoftBusServiceLite.exe, and DTShellHlp.exe). Upon execution at system startup, the malware triggered a backdoor that communicated with a typosquatted command-and-control (C2) domain env-check.daemontools[.]cc registered on March 27, 2026, just days before the attack commenced.
The campaign affected thousands of systems across over 100 countries, with the majority of victims located in Russia, Brazil, Turkey, Spain, Germany, France, Italy, and China. While 90% of infections targeted individual users, a smaller subset of retail, scientific, government, and manufacturing organizations primarily in Russia, Belarus, and Thailand received advanced payloads, suggesting a targeted espionage or "big game hunting" motive.
The attack employed a three-stage payload chain:
1. Information Collector (*envchk.exe*) – A .NET-based tool that harvested system details (MAC address, hostname, installed software, processes) and exfiltrated data to 38.180.107[.]76. The presence of Chinese-language strings in its code pointed to a likely Chinese-speaking threat actor.
2. Minimalistic Backdoor (*cdg.exe*) – An RC4-encrypted shellcode loader deployed to roughly a dozen high-value machines, enabling file downloads, command execution, and in-memory shellcode deployment.
3. QUIC RAT – A sophisticated C++ implant, observed in a single attack against a Russian educational institution, featuring multi-protocol C2 communication (HTTP, UDP, TCP, WSS, QUIC, DNS, HTTP/3) and process injection capabilities.
The trojanized installers were signed with legitimate digital certificates from AVB Disc Soft, the software’s developer, allowing them to bypass security tools. Key indicators of compromise (IOCs) include the malicious C2 domain, the IP address 38.180.107[.]76, and specific file hashes for the infected installers and payloads. Suspicious file paths, such as C:\Windows\Temp\envchk.exe and %AppData%\Microsoft\mcrypto.dat, were also identified.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
APRIL 2026
807
MARCH 2026
807
FEBRUARY 2026
807
JANUARY 2026
807
DECEMBER 2025
807
NOVEMBER 2025
807
OCTOBER 2025
807
SEPTEMBER 2025
807
AUGUST 2025
807
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for DSL ??
What was DSL's A.I Rankiteo Cyber Score in June 2026 ??
What was DSL's A.I Rankiteo Cyber Score in May 2026 ??
What was DSL's A.I Rankiteo Cyber Score in April 2026 ??
What was DSL's A.I Rankiteo Cyber Score in March 2026 ??
What was DSL's A.I Rankiteo Cyber Score in February 2026 ??
What was DSL's A.I Rankiteo Cyber Score in January 2026 ??
What was DSL's A.I Rankiteo Cyber Score in December 2025 ??
What was DSL's A.I Rankiteo Cyber Score in November 2025 ??
What was DSL's A.I Rankiteo Cyber Score in October 2025 ??
What was DSL's A.I Rankiteo Cyber Score in September 2025 ??
What was DSL's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on DSL's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with DSL ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view DSL's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?