Once installed, the tool can infiltrate programs used to access other computers. Malware disguised as legitimate updates sent by the IT provider can be sent to the customer.