They likely thought they would never lose control of the servers. Oops: DanaBot Malware Devs Infected Their Own PCs
Cybercrime is a now a business. DanaBot is what's known as a malware-as-a-service offering. For a monthly fee criminals get access to an infrastructure that helps with phishing campaigns, stealing data from large corporations, or, in this case espionage.
The U.S. government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot, a prolific strain of information-stealing malware that has been sold on Russian cybercrime forums since 2018. The FBI says a newer version of DanaBot was used for espionage, and that many of the defendants exposed their real-life identities after accidentally infecting their own systems with the malware.
The FBI found the data when they took control of the servers, which had the defendants info on them.
“In some cases, such self-infections appeared to be deliberately done in order to test, analyze, or improve the malware,” the criminal complaint reads. “In other cases, the infections seemed to be inadvertent – one of the hazards of committing cybercrime is that criminals will sometimes infect themselves with their own malware by mistake.”
This is the 2nd malware-as-a-service provider to be taken down in 2 days. Lumma Stealer was "disrupted" by a group of tech companies.
No comments:
Post a Comment
Comment Moderation is in place. Your comment will be visible as soon as I can get to it. Unless it is SPAM, and then it will never see the light of day.
Be Nice. Personal Attacks WILL be deleted. And I reserve the right to delete stuff that annoys me.