The US Department of Justice has unsealed indictments against 16 accused individuals connected to the DanaBot malware, which has infected over 300,000 computers. The indictments name various roles in the operation, including developers and marketers, all of whom are based in Russia. DanaBot exists in two variants: one available for rent on the dark web, facilitating banking theft, and another focused on espionage targeting military and government officials. Experts suggest connections between these cybercriminals and Russian intelligence agencies, highlighting systemic issues within Russia's cybercrime landscape.
"The clue is in where the actors are based, and the way that the criminal and political world is intertwined in Russia," he said.
"Once a host computer is infected, the software harvests login credentials using a keylogger, takes screenshots, and intercepts network traffic."
"There are two variants of DanaBot. One is available to rent - malware-as-a-service-style - via the dark web."
"Crooks renting this variant spam out the thing in hope of tricking marks into running the code."