Danabot

Malware updated 3 months ago (2025-08-26T09:28:18.829Z)

Download STIX

Preview STIX

Not enough context has been learned about Danabot for a description yet. However we're tracking it as a Malware profile. Malware: Malware, short for malicious software, is a harmful program designed to exploit and damage your computer or device. It can infect your system through suspicious downloads, emails, or websites, often without your knowledge. Once inside, it can steal personal information, disrupt operations, or even hold your data hostage for ransom.

Description last updated:

What's your take? (Question 1 of 5)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Malware

Maas

Trojan

Ransomware

Cybercrime

Vulnerability

Fraud

Malvertising

Botnet

Bot

Exploit

Rat

Lateral Move...

Spam

Ddos

Windows

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

Alias Description	Association Type	Votes
The Lumma Stealer Malware is associated with Danabot. Lumma Stealer is a potent malware designed to exfiltrate information from compromised systems, including system details, web browsers, and browser extensions. The malware was primarily delivered to victims through websites hosting cracked games, specifically targeting gamers. In July 2024, it was di	Unspecified	4
The Hijackloader Malware is associated with Danabot. HijackLoader is a new and rapidly growing malware in the cybercrime community, designed to exploit and damage computer systems. This malicious software infects systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once infiltrated, HijackLoader can steal personal	Unspecified	2
The Cactus Malware is associated with Danabot. Cactus is a type of malware, specifically ransomware, known for its malicious activities including data theft and system disruption. This malware has been linked to several high-profile attacks, spreading primarily through malvertising campaigns that leverage the DanaBot Trojan. Notably, the Cactus	Unspecified	2
The QakBot Malware is associated with Danabot. Qakbot is a type of malware, or malicious software, that infiltrates computer systems to exploit and damage them. This harmful program can infect devices through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt ope	Unspecified	2
The TrickBot Malware is associated with Danabot. TrickBot is a notorious malware developed by cybercriminals to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites. This malicious software can steal personal information, disrupt operations, or even hold data hostage for ransom. Vladimir Dunaev,	Unspecified	2

Source Document References

Information about the Danabot Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
Securityaffairs	9 days ago	Security Affairs newsletter Round 550 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs	12 days ago	A new round of Europol’s Operation Endgame dismantled Rhadamanthys, Venom RAT, and Elysium botnet
Securityaffairs	13 days ago	New Danabot Windows version appears in the threat landscape after May disruption
Securityaffairs	22 days ago	Crooks exploit RMM software to hijack trucking firms and steal cargo
Recorded Future	a month ago	Dark Covenant 3.0: Controlled Impunity and Russia’s Cybercriminals
ESET	4 months ago	Threat Report H1 2025: ClickFix, infostealer disruptions, and ransomware deathmatch
Malwarebytes	4 months ago	Steam games abused to deliver malware once again
ESET	5 months ago	ESET Threat Report H1 2025
InfoSecurity-magazine	5 months ago	ClickFix Attacks Surge 517% in 2025
Flashpoint	6 months ago	16 Defendants Federally Charged in Connection with DanaBot Malware Scheme That Infected Computers Worldwide
ESET	6 months ago	Danabot under the microscope
CrowdStrike	6 months ago	CrowdStrike Partners with DOJ to Disrupt DanaBot Malware Operators
ESET	6 months ago	Danabot: Analyzing a fallen empire
Krebs on Security	6 months ago	Oops: DanaBot Malware Devs Infected Their Own PCs
Flashpoint	6 months ago	Operation Endgame: Global Law Enforcement Takes Down DanaBot Malware Scheme
Malware-traffic-analysis.net	2 years ago	Malware-Traffic-Analysis.net - 2024-02-14 - Danabot infection from Italian languag malspam
CERT-EU	2 years ago	Decoding the Web Injection Malware Campaign of 2023
CERT-EU	2 years ago	Increased health cybersecurity funding, penalties sought by HHS \| #ransomware \| #cybercrime \| National Cyber Security Consulting
CERT-EU	2 years ago	Twisted Spider’s Dangerous CACTUS Ransomware Attack
CERT-EU	2 years ago	Microsoft warns of Cactus ransomware actors using malvertising to infect victims \| #ransomware \| #cybercrime \| National Cyber Security Consulting