DanaBot, a banking trojan that has targeted organizations in Australia, Europe, and North America, has expanded its targets in Germany as of this June in a new campaign, according to new research from Webroot. While the trojan — which steals users’ banking credentials via malicious JavaScript injects — initially began targeting Australian banks in 2018, the targets identified in this new campaign are outside of the financial sector. Webroot Advanced Threat Research Analyst Jason Davison tells CyberScoop that the targets are a range of victims in retail, including the German websites for fashion brands H&M and Esprit, along with lodging rental platform Airbnb. The campaign is primarily unleashed via spear phishing emails containing malicious links or files to download, Davison says. “Once the loader module gets downloaded and is run, it sets up persistence (the ability to stay on a device through a reboot) on the victim’s machine and then […]
The post DanaBot banking trojan hits Germany again, with new targets appeared first on CyberScoop.
Continue reading DanaBot banking trojan hits Germany again, with new targets→