FBI Takes Down DanaBot Malware, Seizes Servers and Charges 16
The FBI has taken significant action against DanaBot, a notorious information-stealing malware. Servers used by its creators to control the malware and store stolen data have been seized. This follows the unsealing of criminal charges against 16 individuals involved in its operation and sale.
DanaBot first appeared in 2018, with its initial version sold until June 2020. A second version emerged in January 2021, used for espionage purposes. The malware, sold on Russian cybercrime forums, specializes in credential theft and banking fraud. It has infected over 300,000 systems worldwide, resulting in estimated losses of over $50 million.
The masterminds behind DanaBot are Aleksandr Stepanov, alias 'JimmBee', and Artem Aleksandrovich Kalinkin, both from Novosibirsk, Russia. Stepanov worked exclusively for Gazprom, while Kalinkin is currently an IT engineer for the same Russian state-owned energy giant. The malware has targeted critical infrastructure, including military, diplomatic, and non-governmental organization computers in several countries.
The U.S. government's action against DanaBot defendants follows Microsoft's disruption of another malware-as-a-service offering, Lumma Stealer. The government is now working with industry partners to notify DanaBot victims and help remediate infections, aiming to mitigate the malware's ongoing threat.