DanaBot November Campaigns Target European Banks and Email Providers
ATT&CK techniques detected
T1566.002Spearphishing Link
75%
"figure 5 : webinject used in gozi, 2016 now, compare that to this example used recently in danabot. in gozi 2016, the malware is injecting a javascript named myjs8 _ amo. js onto the injected user page. danabot malware is using an injected script named myjs28 _ frr _ w1. js. in o…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1566.002Spearphishing Link
72%
"danabot november campaigns target european banks and email providers first detected in may 2018, 1 danabot is a banking trojan that has since shifted its targets from banks in australia to banks in europe, as well as global email providers such as google, microsoft and yahoo for …"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1657Financial Theft
56%
"older, successful banking trojans like gozi and tinba. given this progression, we wouldn ’ t be surprised if this malware continued its increased activity in 2019. all organizations, especially the known targets identified in this article, should make their customers aware that t…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
First detected in May 2018, DanaBot is a fraud trojan that has since shifted its targets from banks in Australia to banks in Europe, as well as global email providers such as Google, Microsoft and Yahoo for the holiday phishing season.