See every side of every news story
Get Started
SubscribeLogin
Israel-Hamas Conflict
Artificial Intelligence
Social Media
Donald Trump
Baseball
Trade
Housing
Immigration
Education
Floods
Natural Disasters
Agriculture
Stock Markets
Published loading...Updated

Feds Charge 16 Russians Allegedly Tied to Botnets Used in Cyberattacks and Spying

  • On May 22, 2025, criminal charges were publicly announced against 16 Russian nationals accused of running the DanaBot malware operation from within Russia.
  • The charges follow investigations revealing that DanaBot, active since 2018, spread globally, targeting financial institutions and sensitive military and government networks.
  • DanaBot initially functioned as a banking trojan with modular capabilities to steal credentials and later evolved into an espionage tool used in multiple cybercrime operations including ransomware.
  • Authorities seized DanaBot command servers worldwide, reducing active servers from about 30 to 2, with ongoing efforts complicated by servers hosted by Alibaba, supported by global law enforcement and tech firms.
  • This disruption marks a significant step in Operation Endgame II, aiming to dismantle cybercriminal networks and highlights alleged Russian government involvement in using DanaBot for espionage.
Insights by Ground AI
Does this summary seem wrong?

24 Articles

censor.netcensor.net
Lean Left

US and Europe Expose Russian Hacking Network that Infected 300,000 Computers Around the World - The Guardian

International investigators, as part of a large-scale special operation, exposed and partially defused a Russian cybercriminal network that infected computers with Qakbot, Danabot, Conti and other malicious programs.

Read Full Article
Ars TechnicaArs Technica
Center

Feds charge 16 Russians allegedly tied to botnets used in cyberattacks and spying

The hacker ecosystem in Russia, more than perhaps anywhere else in the world, has long blurred the lines between cybercrime, state-sponsored cyberwarfare, and espionage. Now an indictment of a group of Russian nationals and the takedown of their sprawling botnet offers the clearest example in years of how a single malware operation allegedly enabled hacking operations as varied as ransomware, wartime cyberattacks in Ukraine, and spying against f…

·United States
Read Full Article
The RegisterThe Register
Center

Suspects behind DanaBot that hit 300K computers named

: And the associated fraud'n'spy botnet is about to be shut down

Read Full Article
CyberScoopCyberScoop
Center

DanaBot malware operation seized in global takedown

A global collection of private defenders and law enforcement agencies notched another win against a core facilitator for cybercrime, initiating coordinated seizures and takedowns of DanaBot’s command and control servers, disrupting the malware-as-a-service’s operations, the Justice Department said Thursday.  Federal officials also unsealed a grand jury indictment and criminal complaint charging 16 individuals for their alleged involvement in the…

Read Full Article
krebsonsecurity.comkrebsonsecurity.com
+3 Reposted by 3 other sources
Center

Oops: DanaBot Malware Devs Infected Their Own PCs

The U.S. government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot, a prolific strain of information-stealing malware that has been sold on Russian cybercrime forums since 2018. The FBI says a newer version of DanaBot was used for espionage, and that many of the defendants exposed their real-life identities after accidentally infecting their own systems with the malware. DanaBot’s features, as pro…

Read Full Article
espreso.tvespreso.tv

Infected 300 Thousand Computers Around the World: Investigators Exposed a Hacking Network From the Russian Federation

About this writes The Guardian.As noted, law enforcement officers from the UK, USA, Canada, Germany, France, Denmark and the Netherlands.According to the investigation, hackers from Russia and related structures infected more than 300 thousand devices in the USA, Europe, Australia, Poland, India and Italy. The purpose of the cyberattackers was to steal data, blackmail, as well as cyber espionage against government, diplomatic and military instit…

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 80% of the sources are Center
80% Center

Factuality 

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

Techmeme broke the news in California, United States on Thursday, May 22, 2025.
Sources are mostly out of (0)

Similar News Topics

Department of Justice icon

Department of Justice

Feds icon

Feds

European Union icon

European Union

Technology icon

Technology

Cybercrimes icon

Cybercrimes

Computers icon

Computers

You have read 1 out of your 5 free daily articles.

Join millions of well-informed readers who use Ground to compare coverage, check their news blindspots, and challenge their worldview.

News
For You
SearchBlindspotLocal