ADVERTISEMENT

Trusted adware app left 25,000+ systems open to a $10 supply-chain hijack

More than 25,000 systems were left exposed after Huntress researchers discovered adware distributed by Dragon Boss Solutions used an insecure software update channel that could have been hijacked for as little as $10.

adware

Image by Zephyr_p | Shutterstock

Stefanie Schappert
Stefanie Schappert Senior Journalist
Apr 15, 2026 Updated: 15 April 2026 3 min read
Key takeaways:
Dragon Boss Solutions adware
Image by Huntress

Unsecured update path enables full takeover

Dragon Boss adware attack chain
Diagram showing multi-stage attack path. Image by Huntress

Huntress sinkholes domain, sees widespread check-ins

Dragon Boss AV Kill List
Image by Huntress
ADVERTISEMENT
jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Add us as your Preferred Source on Google.

Supply-chain style risk highlights ongoing threat

  • United States - 12,697 hosts (53.9%)
  • France - 2,803 hosts (11.9%)
  • Canada - 2,380 hosts (10.1%)
  • United Kingdom - 2,223 hosts (9.4%)
  • Germany - 2,045 hosts (8.7%)
Dragon Boss adware infected IP heatmap
Image by Huntress
  • 245 Educational institutions across North America, Europe, and Asia
  • 41 Operational Technology networks - Electric utilities, power cooperatives, transport networks, and critical infrastructure providers
  • 35 Government entities - Municipal governments, state agencies, and public utilities
  • 3 Healthcare organizations - Hospital systems and healthcare providers

Has your password leaked?

Enter your password to check if it has leaked. Having a leaked password creates the risk of identity theft, financial damages, and worse!
35,607,543,468
Exposed Passwords
Ad
Protect your personal information from cybercriminals and get 50% off the top-rated password manager
link_title link_title

ADVERTISEMENT