Geeks for your information News Privacy & Security News v
DanaBot Malware Roars Back into Relevancy
DanaBot Malware Roars Back into Relevancy
silversurfer Offline
Staff Member
******
Posts: 3,885
Threads: 3,283
Thanks Received: 5,065 in 3,838 posts
Thanks Given: 6,205
Joined: 12 September 18
#1
Information  27 January 21, 13:16
Quote:Researchers are warning that a new fourth version of the DanaBot banking trojan has surfaced after months of mysteriously going quiet. The latest variant, still under analysis by researchers, is raising concerns given the number of past DanaBot effective campaigns.
 
From May 2018 to June 2020, DanaBot has been a fixture in the crimeware threat landscape, according to Proofpoint, which first discovered the malware in 2018 and posted a debrief on the latest variant Tuesday.

“Starting in late October 2020, we observed a significant update to DanaBot samples appearing in VirusTotal,” wrote Dennis Schwarz, Axel F. and Brandon Murphy, in the collaborative Tuesday report. “While it has not returned to its former scale, DanaBot is malware that defenders should put back on their radar.”
 
DanaBot is a banking trojan that first targeted users in Australia via emails containing malicious URLs. Criminals then developed a second variant and targeted US companies – part of a series of large-scale campaigns. A third variant surfaced in February 2019 that was significantly enhanced with remote command-and-control functionality, according to the ESET researchers who discovered it.
 
While the most recent fourth version, found by Proofpoint, is unique, it’s unclear from the researcher’s recent report what specific new capabilities, if any, the malware has today. Proofpoint did not reply to press inquiries.
 
Compared to previous campaigns,  the Tuesday report suggests that this most recent variant comes packed mostly with the same deadly arsenal of tools that have come before. Main features include a ToR component to anonymize communications between the bad-guys and an infected hardware.
 
As previously reported in DanaBot control panel revealed, we believe DanaBot is set up as a ‘malware as a service’ in which one threat actor controls a global command and control (C&C) panel and infrastructure then sells access to other threat actors known as affiliates,” researchers wrote.

Read more: https://threatpost.com/danabot-malware-r...ck/163358/
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
Emsisoft Anti-Malware 2025.2.0.12659
Changes in 2025.2....harlan4096 — 11:00
AVG 25.1.9816
AVG 25.1.9816: ...harlan4096 — 10:59
Avast 25.1.9816
Avast 25.1.9816: ...harlan4096 — 10:58
VeraCrypt 1.26.20
VeraCrypt 1.26.20:...harlan4096 — 10:58
UltraSearch 4.6.1.1102
UltraSearch 4.6.1....harlan4096 — 10:57

[-]
Birthdays
Today's Birthdays
avatar (45)delsreehRob
avatar (43)pyotrded
Upcoming Birthdays
avatar (46)hapedDow
avatar (45)komriwat
avatar (37)showercurtains
avatar (48)PeterWhink
avatar (49)neuthrusBub
avatar (40)oecmecodo
avatar (39)ShakitaSmobe
avatar (48)tsorenHievy
avatar (45)myhotseeve
avatar (45)Edwinmub
avatar (45)dimaWeami
avatar (40)svoyaEnuct
avatar (38)TranoTymn
avatar (38)MezirLal
avatar (49)listfquoto
avatar (45)dima6sarPrave
avatar (37)Michaelaburi
avatar (45)dpascoal
avatar (50)Ronaldduh
avatar (38)legalgauch
avatar (40)yposegij
avatar (43)Baihu
avatar (26)RaseinsLikes

[-]
Online Staff
There are no staff members currently online.

>