Malware adds ransomware to its malicious bag of tricks.
A new sample of the DanaBot trojan spotted in a recent campaign reveals that operators behind the malware have now included a ransomware component into its code, along with new string encryption and communications protocols.
The update, wrote Check Point researchers on Thursday, represents a significant upgrade to the malware. However, the researchers also reported they have devised a possible way to recover files encrypted by the newly added DanaBot ransomware component.
“For almost a year, DanaBot has been extending its capabilities and evolving into a more sophisticated threat,” wrote Check Point researchers Yaroslav Harakhavik and Aliaksandr Chailytko, in a breakdown of the malware’s latest components. “We assume its operators will continue to add more improvements.”
Full Article.