Windows malware DanaBot - JavaScript into 50K online banking sessions

This topic has 2 replies, 2 voices, and was last updated 1 year, 9 months ago by UK Sentinel.

Viewing 3 posts - 1 through 3 (of 3 total)

Author
Posts
December 22, 2023 at 9:23 pm #28599
UK Sentinel
Keymaster
- Replies 8,184
- The Skipper
According to The Register, seems IBM Security has dissected some JavaScript code that was injected into people’s online banking pages to steal their login credentials, saying 50,000 user sessions with more than 40 banks worldwide were compromised by the malicious software in 2023.
Judging by the evidence to hand, it appears the Windows malware DanaBot, or something related or connected to it, infects victims’ PCs – typically from spam emails and other means – and then waits for the user to visit their bank website. At that point, the malware kicks in and injects JavaScript into the login page. This injected code executes on the page in the browser, and intercepts the victim’s credentials as they are entered, which can be passed to fraudsters to exploit to drain accounts.

Read more;
https://www.theregister.com/2023/12/20/credentialstealing_malware_infects_50k_banking/

Share the knowledge
In a completely sane world, madness is the only freedom (J.G.Ballard).
You need to login in order to vote
December 29, 2023 at 10:53 am #28765
kev2021
- Replies 1,177
- Forum Addict
wow, getting more advanced it seems. very seldom login to bank websites these days, mainly use the apps on mobile.
Kev
Share the knowledge

You need to login in order to vote
December 29, 2023 at 11:13 am #28767
UK Sentinel
Keymaster
- Replies 8,184
- The Skipper
And they say online banking is safe ….
There’s always a way in and just a case or Risk vs Benefit (convenience)
Share the knowledge
In a completely sane world, madness is the only freedom (J.G.Ballard).
You need to login in order to vote
Author
Posts