Dragon Boss Solutions LLC adware malicious update
Malware Activity
Summary
Hide ▲
Show ▼
A March 22, 2025 malicious update turned Dragon Boss Solutions LLC adware into an AV-disabling payload, exposing nearly 24,000 systems to follow-on abuse. The update targeted security tools from ESET, McAfee, Kaspersky, and Malwarebytes, and it also added scheduled-task persistence and Windows Defender exclusions. The malware was later found on 23,500+ computers in 124 countries, including 35 government entities and 41 OT networks.
Related Happenings
StealC and Amadey infostealer infrastructure disruption
Malware Activity
H score69
First: 24.06.2026 18:25
Last: 24.06.2026 18:25
Sources 1
About this happening:
**StealC** and **Amadey** malware infrastructure was disrupted in **Operation Endgame**, cutting off the command-and-control services used to manage infected systems. Europol said...
StealC and Amadey infostealer infrastructure disruption
Malware ActivityAbout this happening: **StealC** and **Amadey** malware infrastructure was disrupted in **Operation Endgame**, cutting off the command-and-control services used to manage infected systems. Europol said...
Major U.S. services company hit by ransomware attack linked to DragonForce
Incident
H score38
First: 16.06.2026 13:18
Last: 16.06.2026 13:18
Sources 1
About this happening:
A **DragonForce ransomware** incident hit a **major U.S. services firm** in **December 2025**, with attackers maintaining access for **one to two months** and hiding **command-and...
Major U.S. services company hit by ransomware attack linked to DragonForce
IncidentAbout this happening: A **DragonForce ransomware** incident hit a **major U.S. services firm** in **December 2025**, with attackers maintaining access for **one to two months** and hiding **command-and...
UNC5221 Brickstorm, Plenet, and AgentPSD access-maintenance malware activity
Malware Activity
H score16
First: 05.06.2026 21:09
Last: 05.06.2026 21:09
Sources 1
About this happening:
The **Brickstorm** malware set enabled **UNC5221 / VerdantBamboo** to keep long-term access inside victim infrastructure, including **Microsoft 365**, raising the risk of stealthy...
UNC5221 Brickstorm, Plenet, and AgentPSD access-maintenance malware activity
Malware ActivityAbout this happening: The **Brickstorm** malware set enabled **UNC5221 / VerdantBamboo** to keep long-term access inside victim infrastructure, including **Microsoft 365**, raising the risk of stealthy...
Daemon Tools Lite trojanized installer campaign
Campaign
H score43
First: 07.05.2026 12:30
Last: 07.05.2026 12:30
Sources 1
About this happening:
A **trojanized Daemon Tools Lite installer campaign** is driving **several thousand infection attempts** across **more than 100 countries**, turning a trusted download into a malw...
Daemon Tools Lite trojanized installer campaign
CampaignAbout this happening: A **trojanized Daemon Tools Lite installer campaign** is driving **several thousand infection attempts** across **more than 100 countries**, turning a trusted download into a malw...
DAEMON Tools Lite trojanized installer wave
Exploitation Wave
H score9
First: 06.05.2026 19:43
Last: 06.05.2026 19:43
Sources 1
About this happening:
Trojanized **DAEMON Tools Lite** installers backdoored **thousands of systems** in **more than 100 countries**, turning a trusted download path into a broad infection wave. The co...
DAEMON Tools Lite trojanized installer wave
Exploitation WaveAbout this happening: Trojanized **DAEMON Tools Lite** installers backdoored **thousands of systems** in **more than 100 countries**, turning a trusted download path into a broad infection wave. The co...
Timeline
-
16.04.2026 22:07 2 articles · 2mo ago
Dragon Boss Solutions LLC pushes AV-disabling update
Technical Analysis UpdateDragon Boss Solutions LLC pushes a malicious Advanced Installer update to its adware on March 22, 2025, disabling ESET, McAfee, Kaspersky, and Malwarebytes detection, adding scheduled-task persistence, and setting Windows Defender exclusions that could let future payloads land with less resistance.
Show sources
- 'Harmless' Global Adware Transforms Into an AV Killer — www.darkreading.com — 16.04.2026 22:07
- 'Harmless' Global Adware Transforms Into an AV Killer — www.darkreading.com — 16.04.2026 22:07
-
16.04.2026 22:07 1 articles · 2mo ago
Huntress sinkholes Dragon Boss update domain and measures spread
Campaign Scope UpdateHuntress sinkholes the campaign's primary update domain and finds Dragon Boss adware on more than 23,500 computers in 124 countries, including 35 government entities, 41 operational technology networks, and 221 higher education institutions, showing a broad distribution base for follow-on cyberattacks.
Show sources
- 'Harmless' Global Adware Transforms Into an AV Killer — www.darkreading.com — 16.04.2026 22:07