The new version of DanaBot is now found in pirated software keys including ones offering free VPN, anti-virus software and pirated games, etc.
Proofpoint researchers have discovered a new strain of DanaBot malware. It is being distributed through pirated software keys. The user is tricked into downloading infected software disguised as anti-virus programs, VPNs, and online games.
According to researchers, websites offering cracked or pirated versions of the software are distributing the new version of DanaBot, capable of stealing the victim’s online banking credentials.
DanaBot First Discovered in 2019
Hackread.com reported about DanaBot when it was first discovered back in 2019 by Proofpoint researchers. The malware spread itself by installing a Socks5 proxy on infected Windows computers to connect to the C&C server and evade detection by bypassing firewalls.
Within the past two years, the malware kept evolving, and as per Proofpoint researchers, it became one of the top banking malware.
“For almost two years, DanaBot was one of the top banking malware being used in the crimeware threat landscape,” Proofpoint’s Dennis Schwarz, Axel F., and Brandon Murphy wrote in the company’s threat analysis report.
Threat actors frequently employed it between May 2018 and June 2020. During that time, cybercriminals’ primary targets were financial institutions in the UK, USA, Canada, Australia, Germany, Mexico, Poland, Italy, and Ukraine.
Afterward, it didn’t appear in many campaigns. However, now it has re- ..
Support the originator by clicking the read the rest link below.
