Name of Malware: DanaBot

Type of Malware: Dropper, Backdoor, Stealer

Affected Operating Systems: Windows

Affected Device Types: PCs, laptops

Impact: high

What is DanaBot?

DanaBot is a multifaceted malware that functions as a dropper, backdoor, and stealer. It is designed to deploy additional malicious payloads and grant unauthorized remote access to compromised systems. Furthermore, it harvests sensitive data, thereby posing significant security risks.

How did I get infected with DanaBot?

Infection typically occurs through phishing emails, compromised downloads, or drive-by-downloads from compromised websites. Once inside, DanaBot conceals itself to maintain persistence and avoid early detection.

What do I have to do now?

To remove DanaBot, it is recommended to scan the infected system with an antivirus program. As the infection may be accompanied by other malware, it may be necessary to reinstall the operating system. Furthermore, all login passwords should be changed.

Further information on removing this malware can be found under Removing infections from PCs, laptops etc.

Technical specifications

Further information on this malware can be found on the website of our project partner Fraunhofer FKIE.