Security News > 2021 > January > DanaBot Malware Roars Back into Relevancy
The latest variant, still under analysis by researchers, is raising concerns given the number of past DanaBot effective campaigns.
From May 2018 to June 2020, DanaBot has been a fixture in the crimeware threat landscape, according to Proofpoint, which first discovered the malware in 2018 and posted a debrief on the latest variant Tuesday.
"While it has not returned to its former scale, DanaBot is malware that defenders should put back on their radar."
"As previously reported in DanaBot control panel revealed, we believe DanaBot is set up as a 'malware as a service' in which one threat actor controls a global command and control panel and infrastructure then sells access to other threat actors known as affiliates," researchers wrote.
"Proofpoint researchers were able to narrow down at least one of the DanaBot distribution methods to various software warez and cracks websites that supposedly offer software keys and cracks for a free download, including anti-virus programs, VPNs, graphics editors, document editors, and games," researchers wrote.
"Some of the affiliates that were using [DanaBot] have continued their campaigns using other banking malware. It is unclear whether COVID-19, competition from other banking malware, redevelopment time, or something else caused the dip, but it looks like DanaBot is back and trying to regain its foothold in the threat landscape," concluded researchers.