DanaBot

One of the newer banking trojans, DanaBot first emerged in mid-2018,49 targeting Australian users. Since it first appeared in the wild, DanaBot has been seen targeting European banks and email providers. Like many other banking trojans, DanaBot has recently shifted focus away from exclusively targeting financial services institutions for a number of reasons. Since users often share passwords across platforms, compromising credentials is still useful for many cybercriminals. F5 Labs also published a notable link between DanaBot, Gozi, and Tinba web injection patterns, supporting the idea that a great deal of fraud business logic is now implemented in JavaScript and sold to malware authors.