Researchers are warning that a new fourth version of the DanaBot banking trojan has surfaced after months of mysteriously going quiet. The latest variety, still under analysis by researchers, is raising concerns given the number of past DanaBot effective campaigns. From May 2018 to June 2020, DanaBot has been a fixture in the crimeware threat landscape, according to Proofpoint, which first discovered the malware in 2018 and posted a debrief on the latest variant Tuesday. “Starting in late October 2020, we observed a significant update to DanaBot samples appearing in VirusTotal,” wrote Dennis Schwarz, Axel F. and Brandon Murphy, in the collaborative Tuesday report. “While it has not returned to its former scale, DanaBot is malware that defenders should put back on their radar.” DanaBot the Destructor DanaBot is a banking trojan that first targeted users in Australia via emails containing malicious URLs. Criminals then developed a second variant and targeted US companies – part of a series of large-scale campaigns. A third variant surfaced in February 2019 that was significantly enhanced with remote command-and-control functionality, according to the ESET researchers who discovered it. While the most recent fourth version, found by Proofpoint, is unique, it’s unclear from the researcher’s recent report what specific new capabilities, if any, the malware has today. Proofpoint did not reply to press inquiries. Compared to previous campaigns, the Tuesday report suggests that…
0 0 govanguard https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png govanguard2021-01-26 16:24:002021-01-26 16:24:00DanaBot Malware Roars Back into Relevancy
Our Standard Office Hours
Monday – Friday: 8:00AM – 5:00PM EDT
Saturday – Sunday: Closed
Where to Find Us
Data Privacy Notice
- – All product names, logos, and brands are property of their respective owners.
- – The use of these names, logos, and brands is for identification purposes only and does not imply endorsement.
- – Content syndication and aggregation of public information is solely for the purpose of identifying information security trends, all syndicated content contains source links to the content creator website. All content is owned by it’s respective content creators.
- – If you are an owner of some content and want it to be removed, please email firstname.lastname@example.org