DanaBot malware operation seized in global takedown | CyberScoop<\/title> <meta name=\"description\" content=\"The successful break-up of DanaBot marks the second high-profile law enforcement disruption of a widespread malware operation in as many days.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/danabot-malware-botnet-seizure-takedown\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"DanaBot malware operation seized in global takedown\"> <meta property=\"og:description\" content=\"The successful break-up of DanaBot marks the second high-profile law enforcement disruption of a widespread malware operation in as many days.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/danabot-malware-botnet-seizure-takedown\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2025-05-22T22:51:43+00:00\"> <meta property=\"article:modified_time\" content=\"2025-05-22T23:00:57+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/danabot-malware-operation-seized-in-global-takedown.webp\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1280\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Matt Kapko\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@CyberScoopNews\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1746040294g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1747327192g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1747926732g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=13897d660a0ac2c9c7d1\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/84655\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.8.1\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=84655\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fdanabot-malware-botnet-seizure-takedown%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fdanabot-malware-botnet-seizure-takedown%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"wp-singular post-template-default single single-post postid-84655 single-format-standard wp-theme-scoopnewsgroup wp-child-theme-cyberscoop\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/danabot-malware-botnet-seizure-takedown\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--event js-stickybar\">\n<div class=\"stickybar__details\" readability=\"4.9180327868852\">\n<div class=\"stickybar__info js-sticky-bar-content\" readability=\"32\">\n<p>Voting is open for the 2025 CyberScoop 50 awards!<\/p>\n<\/div>\n<p> <a class=\"stickybar__link button button-tertiary\" href=\"https:\/\/cyberscoop.com\/cyberscoop50\/\">Click here!<\/a> <\/div>\n<p> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.541591320072\">\n<div class=\"single-article__header-content\" readability=\"34.134715025907\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/danabot-malware-botnet-seizure-takedown\/\"> <span>Cybercrime<\/span> <\/a> <\/li>\n<\/ul>\n<p> The successful break-up of DanaBot marks the second high-profile law enforcement disruption of a widespread malware operation in as many days. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/84655\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/danabot-malware-operation-seized-in-global-takedown.jpg?resize=640%2C426&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/danabot-malware-operation-seized-in-global-takedown.webp 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/danabot-malware-operation-seized-in-global-takedown.webp?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/danabot-malware-operation-seized-in-global-takedown.webp?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/danabot-malware-operation-seized-in-global-takedown.webp?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/danabot-malware-operation-seized-in-global-takedown.webp?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/danabot-malware-operation-seized-in-global-takedown.webp?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/danabot-malware-operation-seized-in-global-takedown.webp?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/danabot-malware-operation-seized-in-global-takedown.webp?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/danabot-malware-operation-seized-in-global-takedown.webp?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/danabot-malware-operation-seized-in-global-takedown.webp?resize=1265,843 1265w\" sizes=\"(max-width: 1013px) 100vw, 1013px\"><figcaption> Traffic streaks past the Department of Justice (DOJ) headquarters building late in the evening on May 18, 2024 in Washington, DC. (Photo by J. David Ake\/Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"54.297428288823\"><body readability=\"110.62193776208\"><\/p>\n<p>A global collection of private defenders and law enforcement agencies notched another win against a core facilitator for cybercrime, initiating coordinated seizures and takedowns of DanaBot\u2019s command and control servers, <a href=\"https:\/\/www.justice.gov\/usao-cdca\/pr\/16-defendants-federally-charged-connection-danabot-malware-scheme-infected-computers\">disrupting the malware-as-a-service\u2019s operations<\/a>, the Justice Department said Thursday. <\/p>\n<p>Federal officials also unsealed a <a href=\"https:\/\/www.justice.gov\/usao-cdca\/media\/1401356\/dl?inline\">grand jury indictment<\/a> and <a href=\"https:\/\/www.justice.gov\/usao-cdca\/media\/1401361\/dl?inline\">criminal complaint<\/a> charging 16 individuals for their alleged involvement in the development and deployment of DanaBot. The malware, which was <a href=\"https:\/\/cyberscoop.com\/danabot-banking-trojan-retail-targets\/\">initially developed as a banking trojan in 2018<\/a>, was updated multiple times and eventually used as an information stealer and loader for follow-on malware, according to threat researchers.<\/p>\n<p>The Russia-based cybercrime organization that controlled and deployed DanaBot ultimately infected more than 300,000 computers globally, resulting in fraud and ransomware, causing at least $50 million in damage, the DOJ said.<\/p>\n<p>The successful break-up of DanaBot, which became part of a global botnet, marks the second high-profile law enforcement takedown of a widespread malware operation in as many days. Global law enforcement authorities and cybersecurity companies on Wednesday <a href=\"https:\/\/cyberscoop.com\/lumma-stealer-infostealer-takedown\/\">toppled the prolific Lumma Stealer infostealer operation<\/a>, which <a href=\"https:\/\/cyberscoop.com\/lumma-infostealer-widespread-victims\/\">infected about 10 million systems<\/a>.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The takedowns and indictments mark a flurry of law enforcement activity against cybercrime as part of <a href=\"https:\/\/www.operation-endgame.com\/\">Operation Endgame<\/a> \u2014 a broader and ongoing international law enforcement effort to dismantle and prosecute cybercriminal organizations. <\/p>\n<p>The DOJ on Thursday also unsealed a <a href=\"https:\/\/www.justice.gov\/d9\/2025-05\/qakbot_indictment.pdf\">federal indictment<\/a> charging Rustam Rafailevich Gallyamov, 48, of Moscow, Russia, with allegedly leading the cybercrime group responsible for the development and deployment of the Qakbot malware operation, which was <a href=\"https:\/\/cyberscoop.com\/fbi-doj-major-botnet-and-malware-takedown-qakbot\/\">disrupted by international law enforcement in 2023<\/a>. Authorities said they seized over $24 million in cryptocurrency from Gallyamov during their investigation.<\/p>\n<p>A countdown clock on the Operation Endgame site indicates more news in the fight against cybercrime will be announced Friday morning.<\/p>\n<p>Authorities named two of the 16 defendants accused of operating DanaBot: Aleksandr Stepanov, 39, and Artem Aleksandrovich Kalinkin, 34, both residents of Novosibirsk, Russia. Kalinkin and Stepanov are not in custody and believed to be in Russia, the DOJ said. The United States doesn\u2019t have an extradition treaty with Russia.<\/p>\n<p>DanaBot included multiple features that allowed cybercriminals to hijack banking sessions and steal data from infected computers, including account credentials, device information, browsing histories and cryptocurrency wallet information, experts said. DanaBot was also used to achieve full remote access to victim computers to record keystrokes and videos of users\u2019 activities. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The DOJ said a second version of the botnet targeted computers in military, government and diplomatic operations. This variant targeted military officials, diplomats and law enforcement personnel in North America and Europe, sending stolen data to a different server than the fraud-oriented version of DanaBot, officials said.<\/p>\n<p>This mix of espionage and cybercrime distinguishes DanaBot, which CrowdStrike tracks as Scully Spider, from typical financially motivated operations, the cybersecurity firm\u2019s threat researchers said in a Thursday <a href=\"https:\/\/www.crowdstrike.com\/en-us\/blog\/crowdstrike-partners-with-doj-disrupt-danabot-malware-operators\/\">blog post<\/a>.<\/p>\n<p>\u201cThough it is unclear how the collected data was used, we think this direct use of criminal infrastructure for intelligence-gathering activities provides evidence that Scully Spider operators were acting on behalf of Russian government interests,\u201d CrowdStrike said.<\/p>\n<p>Said Kenneth DeChellis, special agent in charge of the Department of Defense Office of Inspector General, Defense Criminal Investigative Service (DCIS), Cyber Field Office: \u201cThe enforcement actions announced today, made possible by enduring law enforcement and industry partnerships across the globe, disrupted a significant cyber threat group, who were profiting from the theft of victim data and the targeting of sensitive networks. The DanaBot malware was a clear threat to the Department of Defense and our partners.\u201d<\/p>\n<p>The FBI\u2019s Anchorage Field Office and DCIS led the investigation into DanaBot, with assistance from federal police agencies in Germany, the Netherlands and Australia. Multiple cybersecurity companies also aided the investigation and takedown operation, including Amazon, CrowdStrike, ESET, Flashpoint, Google, Intel 471, Lumen, PayPal, Proofpoint, Team CYMRU and ZScaler.<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"3.4416826003824\">\n<div class=\"author-card\" readability=\"14\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/danabot-malware-operation-seized-in-global-takedown-1.jpg?w=640&ssl=1\" alt=\"Matt Kapko\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Matt Kapko<\/h4>\n<p> Matt Kapko is a reporter at CyberScoop. His beat includes cybercrime, ransomware, software defects and vulnerability (mis)management. The lifelong Californian started his journalism career in 2001 with previous stops at Cybersecurity Dive, CIO, SDxCentral and RCR Wireless News. Matt has a degree in journalism and history from Humboldt State University. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/danabot-malware-botnet-seizure-takedown\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>DanaBot malware operation seized in global takedown | CyberScoop Skip<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[2080,282,78,4327,338,624,117,3833,3913,3914,168,270,288],"tags":[2082,286,86,4328,341,629,119,3835,3917,3918,169,276,294],"class_list":["post-7671","post","type-post","status-publish","format-standard","hentry","category-botnets","category-cybercrime","category-cybersecurity","category-danabot","category-department-of-justice-doj","category-espionage","category-government","category-indictment","category-information-stealing-malware","category-infostealers","category-malware","category-russia","category-threats","tag-botnets","tag-cybercrime","tag-cybersecurity","tag-danabot","tag-department-of-justice-doj","tag-espionage","tag-government","tag-indictment","tag-information-stealing-malware","tag-infostealers","tag-malware","tag-russia","tag-threats"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/botnets\/\" rel=\"category tag\">botnets<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybercrime\/\" rel=\"category tag\">cybercrime<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/danabot\/\" rel=\"category tag\">DanaBot<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/department-of-justice-doj\/\" rel=\"category tag\">Department of Justice (DOJ)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/espionage\/\" rel=\"category tag\">espionage<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/government\/\" rel=\"category tag\">Government<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/indictment\/\" rel=\"category tag\">indictment<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/information-stealing-malware\/\" rel=\"category tag\">information-stealing malware<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/infostealers\/\" rel=\"category tag\">infostealers<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/malware\/\" rel=\"category tag\">Malware<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/russia\/\" rel=\"category tag\">Russia<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threats\/\" rel=\"category tag\">Threats<\/a>","tag_info":"Threats","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7671","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=7671"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7671\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=7671"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=7671"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=7671"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":7671,"date":"2025-05-22T17:51:43","date_gmt":"2025-05-22T22:51:43","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=84655"},"modified":"2025-05-22T17:51:43","modified_gmt":"2025-05-22T22:51:43","slug":"danabot-malware-operation-seized-in-global-takedown","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2025\/05\/22\/danabot-malware-operation-seized-in-global-takedown\/","title":{"rendered":"DanaBot malware operation seized in global takedown"},"content":{"rendered":"