"Pirated Software Sites Deliver Fresh DanaBot Malware"

Researchers at Proofpoint have discovered that websites advertising pirated and cracked software are being used to deliver an updated version of the DanaBot banking Trojan, which can steal individuals' online banking credentials.  Cybercriminal groups have used the most recent version of the banking Trojan, which became available in October 2020, to target customers of financial institutions in the U.S., Canada, Germany, the U.K., Australia, Italy, Poland, Mexico, and Ukraine.  When victims download and execute a software key, two stealer components are loaded onto the compromised device. The first stealer is capable of collecting browser details, system information, and cryptocurrency wallets. The second stealer is used to install a cryptocurrency miner and the main DanaBot payload.  The researchers stated that users should avoid downloading pirated software.

HealthcareInfoSecurity reports: "Pirated Software Sites Deliver Fresh DanaBot Malware"