Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Danabot Banking Malware Now Targeting Banks in the U.S.
#1
Quote:DanaBot is a modular Trojan written in Delphi that attempts to steal account credentials and information from online banking sites. It does this through a variety of methods such as taking screenshots of active screens, stealing form data, or logging keystrokes made on the computer. This stolen information is then collected and sent back to a central server, or command & control server, where it can then be accessed by the attackers.

When ProofPoint first discovered DanaBot, a single group was using it to target Australian banks. As time went on, other actors began using the banking Trojan to target other regions. As more campaigns are released using a different ID found in server communications, ProofPoint feels that DanaBot is being marketed as part of an affiliate system where actors can either share in the profits or rent the malware from the developer.

The North American campaign discovered by ProofPoint is being spread through malspam that pretends to be digital faxes from eFax. These emails state that the recipient received a fax and then prompts the user to download them.

Source: https://www.bleepingcomputer.com/news/se...in-the-us/
[-] The following 2 users say Thank You to silversurfer for this post:
  • harlan4096, wwd
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
AWZ Screen Recorder
AWZ Screen Recorder ...zevish — 11:05
Website X5 Go 2024.1
Website X5 Go 2024.1...zevish — 09:32
Apple's rules to allow third-party app ...
Apple has announ...alison30 — 09:28
Intel: Microsoft AI PCs need a Copilot K...
Microsoft hopes th...harlan4096 — 08:55
Synchredible 8 Professional Edition v8.2...
          Synchredib...zevish — 08:54

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>