SCULLY SPIDER  (Back to overview)

Mentioned as operator of DanaBot in CrowdStrike's 2020 Report.

---

Associated Families

---

References

2022-12-06 ⋅ Zscaler ⋅ Dennis Schwarz @online{schwarz:20221206:technical:bfde08b, author = {Dennis Schwarz}, title = {{Technical Analysis of DanaBot Obfuscation Techniques}}, date = {2022-12-06}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/technical-analysis-danabot-obfuscation-techniques}, language = {English}, urldate = {2022-12-13} } Technical Analysis of DanaBot Obfuscation Techniques DanaBot

2022-09-26 ⋅ Kaspersky ⋅ Haim Zigel, Oleg Kupreev, Artem Ushkov @online{zigel:20220926:nullmixer:c623b01, author = {Haim Zigel and Oleg Kupreev and Artem Ushkov}, title = {{NullMixer: oodles of Trojans in a single dropper}}, date = {2022-09-26}, organization = {Kaspersky}, url = {https://securelist.com/nullmixer-oodles-of-trojans-in-a-single-dropper/107498/}, language = {English}, urldate = {2023-02-06} } NullMixer: oodles of Trojans in a single dropper ColdStealer DanaBot GCleaner Nullmixer PrivateLoader PseudoManuscrypt RedLine Stealer SmokeLoader Vidar

2022-09-15 ⋅ Sekoia ⋅ Threat & Detection Research Team @online{team:20220915:privateloader:d88c7b2, author = {Threat & Detection Research Team}, title = {{PrivateLoader: the loader of the prevalent ruzki PPI service}}, date = {2022-09-15}, organization = {Sekoia}, url = {https://blog.sekoia.io/privateloader-the-loader-of-the-prevalent-ruzki-ppi-service/}, language = {English}, urldate = {2022-09-19} } PrivateLoader: the loader of the prevalent ruzki PPI service Agent Tesla Coinminer DanaBot DCRat Eternity Stealer Glupteba Mars Stealer NetSupportManager RAT Nymaim Nymaim2 Phoenix Keylogger PrivateLoader Raccoon RedLine Stealer SmokeLoader Socelars STOP Vidar YTStealer

2022-08-07 ⋅ Malverse ⋅ greenplan @online{greenplan:20220807:config:db5873e, author = {greenplan}, title = {{Config Extractor per DanaBot (PARTE 1)}}, date = {2022-08-07}, organization = {Malverse}, url = {https://malverse.it/costruiamo-un-config-extractor-per-danabot-parte-1}, language = {English}, urldate = {2022-08-31} } Config Extractor per DanaBot (PARTE 1) DanaBot

2022-04-20 ⋅ CISA ⋅ CISA, NSA, FBI, Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), Government Communications Security Bureau, NCSC UK, National Crime Agency (NCA) @techreport{cisa:20220420:aa22110a:4fde5d6, author = {CISA and NSA and FBI and Australian Cyber Security Centre (ACSC) and Canadian Centre for Cyber Security (CCCS) and Government Communications Security Bureau and NCSC UK and National Crime Agency (NCA)}, title = {{AA22-110A Joint CSA: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure}}, date = {2022-04-20}, institution = {CISA}, url = {https://www.cisa.gov/uscert/sites/default/files/publications/AA22-110A_Joint_CSA_Russian_State-Sponsored_and_Criminal_Cyber_Threats_to_Critical_Infrastructure_4_20_22_Final.pdf}, language = {English}, urldate = {2022-04-25} } AA22-110A Joint CSA: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure VPNFilter BlackEnergy DanaBot DoppelDridex Emotet EternalPetya GoldMax Industroyer Sality SmokeLoader TrickBot Triton Zloader

2022-04-20 ⋅ CISA ⋅ CISA @online{cisa:20220420:alert:529e28c, author = {CISA}, title = {{Alert (AA22-110A): Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure}}, date = {2022-04-20}, organization = {CISA}, url = {https://www.cisa.gov/uscert/ncas/alerts/aa22-110a}, language = {English}, urldate = {2022-04-25} } Alert (AA22-110A): Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure VPNFilter BlackEnergy DanaBot DoppelDridex Emotet EternalPetya GoldMax Industroyer Sality SmokeLoader TrickBot Triton Zloader Killnet

2022-03-15 ⋅ Security Soup Blog ⋅ Ryan Campbell @online{campbell:20220315:decoding:507512a, author = {Ryan Campbell}, title = {{Decoding a DanaBot Downloader}}, date = {2022-03-15}, organization = {Security Soup Blog}, url = {https://security-soup.net/decoding-a-danabot-downloader/}, language = {English}, urldate = {2022-03-28} } Decoding a DanaBot Downloader DanaBot

2022-03-02 ⋅ Zscaler ⋅ Dennis Schwarz, Brett Stone-Gross @online{schwarz:20220302:danabot:b734fd3, author = {Dennis Schwarz and Brett Stone-Gross}, title = {{DanaBot Launches DDoS Attack Against the Ukrainian Ministry of Defense}}, date = {2022-03-02}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/danabot-launches-ddos-attack-against-ukrainian-ministry-defense}, language = {English}, urldate = {2022-03-04} } DanaBot Launches DDoS Attack Against the Ukrainian Ministry of Defense DanaBot

2022-03 ⋅ VirusTotal ⋅ VirusTotal @techreport{virustotal:202203:virustotals:c6af9c1, author = {VirusTotal}, title = {{VirusTotal's 2021 Malware Trends Report}}, date = {2022-03}, institution = {VirusTotal}, url = {https://assets.virustotal.com/reports/2021trends.pdf}, language = {English}, urldate = {2022-04-13} } VirusTotal's 2021 Malware Trends Report Anubis AsyncRAT BlackMatter Cobalt Strike DanaBot Dridex Khonsari MimiKatz Mirai Nanocore RAT Orcus RAT

2022-01-03 ⋅ AhnLab ⋅ ASEC Analysis Team @online{team:20220103:distribution:6b19c5a, author = {ASEC Analysis Team}, title = {{Distribution of Redline Stealer Disguised as Software Crack}}, date = {2022-01-03}, organization = {AhnLab}, url = {https://asec.ahnlab.com/en/30445/}, language = {English}, urldate = {2022-01-25} } Distribution of Redline Stealer Disguised as Software Crack DanaBot RedLine Stealer Vidar

2021-12-15 ⋅ Mandiant ⋅ Alessandro Parilli, James Maclachlan @online{parilli:20211215:no:b7a3405, author = {Alessandro Parilli and James Maclachlan}, title = {{No Unaccompanied Miners: Supply Chain Compromises Through Node.js Packages (UNC3379)}}, date = {2021-12-15}, organization = {Mandiant}, url = {https://www.mandiant.com/resources/supply-chain-node-js}, language = {English}, urldate = {2021-12-31} } No Unaccompanied Miners: Supply Chain Compromises Through Node.js Packages (UNC3379) DanaBot

2021-11-18 ⋅ Blackberry ⋅ The BlackBerry Research & Intelligence Team @online{team:20211118:threat:7fd07f8, author = {The BlackBerry Research & Intelligence Team}, title = {{Threat Thursday: DanaBot’s Evolution from Bank Fraud to DDos Attacks}}, date = {2021-11-18}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2021/11/threat-thursday-danabot-malware-as-a-service}, language = {English}, urldate = {2021-11-25} } Threat Thursday: DanaBot’s Evolution from Bank Fraud to DDos Attacks DanaBot

2021-11-14 ⋅ Twitter (@f0wlsec) ⋅ Marius Genheimer @online{genheimer:20211114:static:944e6c7, author = {Marius Genheimer}, title = {{A static config extractor for the main component of DanaBot}}, date = {2021-11-14}, organization = {Twitter (@f0wlsec)}, url = {https://twitter.com/f0wlsec/status/1459892481760411649}, language = {English}, urldate = {2021-11-19} } A static config extractor for the main component of DanaBot DanaBot

2021-11-08 ⋅ Bitdefender ⋅ Silviu Stahie @online{stahie:20211108:popular:8222961, author = {Silviu Stahie}, title = {{Popular NPM Repositories Compromised in Man-in-the-Middle Attack}}, date = {2021-11-08}, organization = {Bitdefender}, url = {https://www.bitdefender.com/blog/hotforsecurity/popular-npm-repositories-compromised-in-man-in-the-middle-attack/}, language = {English}, urldate = {2021-11-09} } Popular NPM Repositories Compromised in Man-in-the-Middle Attack DanaBot

2021-11-05 ⋅ Zscaler ⋅ Dennis Schwarz @online{schwarz:20211105:spike:f47ffcd, author = {Dennis Schwarz}, title = {{Spike in DanaBot Malware Activity}}, date = {2021-11-05}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/spike-danabot-malware-activity}, language = {English}, urldate = {2021-11-08} } Spike in DanaBot Malware Activity DanaBot

2021-10-24 ⋅ Sophos ⋅ Sean Gallagher @online{gallagher:20211024:node:3619389, author = {Sean Gallagher}, title = {{Node poisoning: hijacked package delivers coin miner and credential-stealing backdoor}}, date = {2021-10-24}, organization = {Sophos}, url = {https://news.sophos.com/en-us/2021/10/24/node-poisoning-hijacked-package-delivers-coin-miner-and-credential-stealing-backdoor}, language = {English}, urldate = {2021-11-02} } Node poisoning: hijacked package delivers coin miner and credential-stealing backdoor DanaBot Monero Miner

2021-09-20 ⋅ Lexfo ⋅ Lexfo @online{lexfo:20210920:danabot:1f9e842, author = {Lexfo}, title = {{DanaBot Communications Update}}, date = {2021-09-20}, organization = {Lexfo}, url = {https://blog.lexfo.fr/danabot-malware.html}, language = {English}, urldate = {2021-09-28} } DanaBot Communications Update DanaBot

2021-03-31 ⋅ Kaspersky ⋅ Kaspersky @online{kaspersky:20210331:financial:3371aa0, author = {Kaspersky}, title = {{Financial Cyberthreats in 2020}}, date = {2021-03-31}, organization = {Kaspersky}, url = {https://securelist.com/financial-cyberthreats-in-2020/101638/}, language = {English}, urldate = {2021-04-06} } Financial Cyberthreats in 2020 BetaBot DanaBot Emotet Gozi Ramnit RTM SpyEye TrickBot Zeus

2021-02-23 ⋅ CrowdStrike ⋅ CrowdStrike @techreport{crowdstrike:20210223:2021:bf5bc4f, author = {CrowdStrike}, title = {{2021 Global Threat Report}}, date = {2021-02-23}, institution = {CrowdStrike}, url = {https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2021GTR.pdf}, language = {English}, urldate = {2021-02-25} } 2021 Global Threat Report RansomEXX Amadey Anchor Avaddon BazarBackdoor Clop Cobalt Strike Conti Cutwail DanaBot DarkSide DoppelPaymer Dridex Egregor Emotet Hakbit IcedID JSOutProx KerrDown LockBit Mailto Maze MedusaLocker Mespinoza Mount Locker NedDnLoader Nemty Pay2Key PlugX Pushdo PwndLocker PyXie QakBot Quasar RAT RagnarLocker Ragnarok RansomEXX REvil Ryuk Sekhmet ShadowPad SmokeLoader Snake SUNBURST SunCrypt TEARDROP TrickBot WastedLocker Winnti Zloader KNOCKOUT SPIDER OUTLAW SPIDER RIDDLE SPIDER SOLAR SPIDER VIKING SPIDER

2021-02-02 ⋅ CRONUP ⋅ Germán Fernández @online{fernndez:20210202:de:6ff4f3a, author = {Germán Fernández}, title = {{De ataque con Malware a incidente de Ransomware}}, date = {2021-02-02}, organization = {CRONUP}, url = {https://www.cronup.com/post/de-ataque-con-malware-a-incidente-de-ransomware}, language = {Spanish}, urldate = {2021-03-02} } De ataque con Malware a incidente de Ransomware Avaddon BazarBackdoor Buer Clop Cobalt Strike Conti DanaBot Dharma Dridex Egregor Emotet Empire Downloader FriedEx GootKit IcedID MegaCortex Nemty Phorpiex PwndLocker PyXie QakBot RansomEXX REvil Ryuk SDBbot SmokeLoader TrickBot Zloader

2021-01-26 ⋅ Proofpoint ⋅ Dennis Schwarz, Axel F., Brandon Murphy @online{schwarz:20210126:new:2eefe69, author = {Dennis Schwarz and Axel F. and Brandon Murphy}, title = {{New Year, New Version of DanaBot}}, date = {2021-01-26}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/new-year-new-version-danabot}, language = {English}, urldate = {2021-01-27} } New Year, New Version of DanaBot DanaBot

2021-01-09 ⋅ Marco Ramilli's Blog ⋅ Marco Ramilli @online{ramilli:20210109:command:d720b27, author = {Marco Ramilli}, title = {{Command and Control Traffic Patterns}}, date = {2021-01-09}, organization = {Marco Ramilli's Blog}, url = {https://marcoramilli.com/2021/01/09/c2-traffic-patterns-personal-notes/}, language = {English}, urldate = {2021-05-17} } Command and Control Traffic Patterns ostap LaZagne Agent Tesla Azorult Buer Cobalt Strike DanaBot DarkComet Dridex Emotet Formbook IcedID ISFB NetWire RC PlugX Quasar RAT SmokeLoader TrickBot

2020-08-09 ⋅ F5 Labs ⋅ Remi Cohen, Debbie Walkowski @online{cohen:20200809:banking:8718999, author = {Remi Cohen and Debbie Walkowski}, title = {{Banking Trojans: A Reference Guide to the Malware Family Tree}}, date = {2020-08-09}, organization = {F5 Labs}, url = {https://www.f5.com/labs/articles/education/banking-trojans-a-reference-guide-to-the-malware-family-tree}, language = {English}, urldate = {2021-06-29} } Banking Trojans: A Reference Guide to the Malware Family Tree BackSwap Carberp Citadel DanaBot Dridex Dyre Emotet Gozi Kronos PandaBanker Ramnit Shylock SpyEye Tinba TrickBot Vawtrak Zeus

2020-07-30 ⋅ Spamhaus ⋅ Spamhaus Malware Labs @techreport{labs:20200730:spamhaus:038546d, author = {Spamhaus Malware Labs}, title = {{Spamhaus Botnet Threat Update Q2 2020}}, date = {2020-07-30}, institution = {Spamhaus}, url = {https://www.spamhaus.org/news/images/botnet-report-2020-q2/2020-q2-spamhaus-botnet-threat-report.pdf}, language = {English}, urldate = {2020-07-30} } Spamhaus Botnet Threat Update Q2 2020 AdWind Agent Tesla Arkei Stealer AsyncRAT Ave Maria Azorult DanaBot Emotet IcedID ISFB KPOT Stealer Loki Password Stealer (PWS) Nanocore RAT NetWire RC NjRAT Pony Raccoon RedLine Stealer Remcos Zloader

2020-07-29 ⋅ ESET Research ⋅ welivesecurity @techreport{welivesecurity:20200729:threat:496355c, author = {welivesecurity}, title = {{THREAT REPORT Q2 2020}}, date = {2020-07-29}, institution = {ESET Research}, url = {https://www.welivesecurity.com/wp-content/uploads/2020/07/ESET_Threat_Report_Q22020.pdf}, language = {English}, urldate = {2020-07-30} } THREAT REPORT Q2 2020 DEFENSOR ID HiddenAd Bundlore Pirrit Agent.BTZ Cerber ClipBanker CROSSWALK Cryptowall CTB Locker DanaBot Dharma Formbook Gandcrab Grandoreiro Houdini ISFB LockBit Locky Mailto Maze Microcin Nemty NjRAT Phobos PlugX Pony REvil Socelars STOP Tinba TrickBot WannaCryptor

2020-07-12 ⋅ Malware and Stuff ⋅ Andreas Klopsch @online{klopsch:20200712:deobfuscating:a374688, author = {Andreas Klopsch}, title = {{Deobfuscating DanaBot’s API Hashing}}, date = {2020-07-12}, organization = {Malware and Stuff}, url = {https://malwareandstuff.com/deobfuscating-danabots-api-hashing/}, language = {English}, urldate = {2020-07-15} } Deobfuscating DanaBot’s API Hashing DanaBot

2020-06-02 ⋅ Lastline Labs ⋅ James Haughom, Stefano Ortolani @online{haughom:20200602:evolution:3286d87, author = {James Haughom and Stefano Ortolani}, title = {{Evolution of Excel 4.0 Macro Weaponization}}, date = {2020-06-02}, organization = {Lastline Labs}, url = {https://www.lastline.com/labsblog/evolution-of-excel-4-0-macro-weaponization/}, language = {English}, urldate = {2020-06-03} } Evolution of Excel 4.0 Macro Weaponization Agent Tesla DanaBot ISFB TrickBot Zloader

2020-05-21 ⋅ Malwarebytes ⋅ Malwarebytes Labs @techreport{labs:20200521:cybercrime:d38d2da, author = {Malwarebytes Labs}, title = {{Cybercrime tactics and techniques}}, date = {2020-05-21}, institution = {Malwarebytes}, url = {https://resources.malwarebytes.com/files/2020/05/CTNT_Q1_2020_COVID-Report_Final.pdf}, language = {English}, urldate = {2020-06-03} } Cybercrime tactics and techniques Ave Maria Azorult DanaBot Loki Password Stealer (PWS) NetWire RC

2020-03-04 ⋅ CrowdStrike ⋅ CrowdStrike @techreport{crowdstrike:20200304:2020:818c85f, author = {CrowdStrike}, title = {{2020 CrowdStrike Global Threat Report}}, date = {2020-03-04}, institution = {CrowdStrike}, url = {https://go.crowdstrike.com/rs/281-OBQ-266/images/Report2020CrowdStrikeGlobalThreatReport.pdf}, language = {English}, urldate = {2020-07-24} } 2020 CrowdStrike Global Threat Report MESSAGETAP More_eggs 8.t Dropper Anchor BabyShark BadNews Clop Cobalt Strike CobInt Cobra Carbon System Cutwail DanaBot Dharma DoppelDridex DoppelPaymer Dridex Emotet FlawedAmmyy FriedEx Gandcrab Get2 IcedID ISFB KerrDown LightNeuron LockerGoga Maze MECHANICAL Necurs Nokki Outlook Backdoor Phobos Predator The Thief QakBot REvil RobinHood Ryuk SDBbot Skipper SmokeLoader TerraRecon TerraStealer TerraTV TinyLoader TrickBot Vidar Winnti ANTHROPOID SPIDER APT23 APT31 APT39 APT40 BlackTech BuhTrap Charming Kitten CLOCKWORK SPIDER DOPPEL SPIDER FIN7 Gamaredon Group GOBLIN PANDA MONTY SPIDER MUSTANG PANDA NARWHAL SPIDER NOCTURNAL SPIDER PINCHY SPIDER SALTY SPIDER SCULLY SPIDER SMOKY SPIDER Thrip VENOM SPIDER VICEROY TIGER

2019-06-20 ⋅ Check Point ⋅ Yaroslav Harakhavik, Aliaksandr Chailytko @online{harakhavik:20190620:danabot:238fce9, author = {Yaroslav Harakhavik and Aliaksandr Chailytko}, title = {{DanaBot Demands a Ransom Payment}}, date = {2019-06-20}, organization = {Check Point}, url = {https://research.checkpoint.com/danabot-demands-a-ransom-payment/}, language = {English}, urldate = {2020-01-07} } DanaBot Demands a Ransom Payment DanaBot

2019-05-09 ⋅ G Data ⋅ G-Data @online{gdata:20190509:strange:2e58aae, author = {G-Data}, title = {{Strange Bits: HTML Smuggling and GitHub Hosted Malware}}, date = {2019-05-09}, organization = {G Data}, url = {https://www.gdatasoftware.com/blog/2019/05/31695-strange-bits-smuggling-malware-github}, language = {English}, urldate = {2019-12-10} } Strange Bits: HTML Smuggling and GitHub Hosted Malware DanaBot

2019-05-08 ⋅ Verizon Communications Inc. ⋅ Verizon Communications Inc. @techreport{inc:20190508:2019:3c20a3b, author = {Verizon Communications Inc.}, title = {{2019 Data Breach Investigations Report}}, date = {2019-05-08}, institution = {Verizon Communications Inc.}, url = {https://enterprise.verizon.com/resources/reports/2019-data-breach-investigations-report.pdf}, language = {English}, urldate = {2020-05-10} } 2019 Data Breach Investigations Report BlackEnergy Cobalt Strike DanaBot Gandcrab GreyEnergy Mirai Olympic Destroyer SamSam

2019-03-13 ⋅ Proofpoint ⋅ Dennis Schwarz, Proofpoint Threat Insight Team @online{schwarz:20190313:danabot:a6b3c02, author = {Dennis Schwarz and Proofpoint Threat Insight Team}, title = {{DanaBot control panel revealed}}, date = {2019-03-13}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/danabot-control-panel-revealed}, language = {English}, urldate = {2019-12-20} } DanaBot control panel revealed DanaBot

2019-03-01 ⋅ Fortinet ⋅ FortiGuard SE Team @online{team:20190301:breakdown:fbb8608, author = {FortiGuard SE Team}, title = {{Breakdown of a Targeted DanaBot Attack}}, date = {2019-03-01}, organization = {Fortinet}, url = {https://www.fortinet.com/blog/threat-research/breakdown-of-a-targeted-danabot-attack.html}, language = {English}, urldate = {2019-11-26} } Breakdown of a Targeted DanaBot Attack DanaBot

2019-02-07 ⋅ ESET Research ⋅ ESET Research @online{research:20190207:danabot:6346e2b, author = {ESET Research}, title = {{DanaBot updated with new C&C communication}}, date = {2019-02-07}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2019/02/07/danabot-updated-new-cc-communication/}, language = {English}, urldate = {2019-11-14} } DanaBot updated with new C&C communication DanaBot

2018-12-20 ⋅ Yoroi ⋅ Davide Testa, Luigi Martire, Antonio Pirozzi, Luca Mella @online{testa:20181220:dissecting:e9c16fb, author = {Davide Testa and Luigi Martire and Antonio Pirozzi and Luca Mella}, title = {{Dissecting the Danabot Payload Targeting Italy}}, date = {2018-12-20}, organization = {Yoroi}, url = {https://blog.yoroi.company/research/dissecting-the-danabot-paylaod-targeting-italy/}, language = {English}, urldate = {2022-02-02} } Dissecting the Danabot Payload Targeting Italy DanaBot

2018-12-06 ⋅ ESET Research ⋅ ESET Research @online{research:20181206:danabot:dd22bc3, author = {ESET Research}, title = {{DanaBot evolves beyond banking Trojan with new spam‑sending capability}}, date = {2018-12-06}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2018/12/06/danabot-evolves-beyond-banking-trojan-new-spam/}, language = {English}, urldate = {2019-11-14} } DanaBot evolves beyond banking Trojan with new spam‑sending capability DanaBot

2018-10-02 ⋅ Proofpoint ⋅ Proofpoint Staff @online{staff:20181002:danabot:b7282b9, author = {Proofpoint Staff}, title = {{DanaBot Gains Popularity and Targets US Organizations in Large Campaigns}}, date = {2018-10-02}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/danabot-gains-popularity-and-targets-us-organizations-large-campaigns}, language = {English}, urldate = {2019-12-20} } DanaBot Gains Popularity and Targets US Organizations in Large Campaigns DanaBot

2018-09-21 ⋅ ESET Research ⋅ ESET Research @online{research:20180921:danabot:a939e5f, author = {ESET Research}, title = {{DanaBot shifts its targeting to Europe, adds new features}}, date = {2018-09-21}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2018/09/21/danabot-targeting-europe-adds-new-features/}, language = {English}, urldate = {2019-11-14} } DanaBot shifts its targeting to Europe, adds new features DanaBot

2018-07-16 ⋅ SpiderLabs Blog ⋅ Fahim Abbasi @online{abbasi:20180716:danabot:08d5942, author = {Fahim Abbasi}, title = {{DanaBot Riding Fake MYOB Invoice Emails}}, date = {2018-07-16}, organization = {SpiderLabs Blog}, url = {https://www.trustwave.com/Resources/SpiderLabs-Blog/DanaBot-Riding-Fake-MYOB-Invoice-Emails/}, language = {English}, urldate = {2020-01-10} } DanaBot Riding Fake MYOB Invoice Emails DanaBot

2018-05-31 ⋅ Proofpoint ⋅ Proofpoint Staff @online{staff:20180531:danabot:b1b2487, author = {Proofpoint Staff}, title = {{DanaBot - A new banking Trojan surfaces Down Under}}, date = {2018-05-31}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/danabot-new-banking-trojan-surfaces-down-under-0}, language = {English}, urldate = {2019-12-20} } DanaBot - A new banking Trojan surfaces Down Under DanaBot

---

Credits: MISP Project