
- Safe Mode
Intel471’s Will Dixon goes behind the scenes on the DanaBot takedown
This week, Greg talks to Will Dixon, Senior Intelligence Collection Manager for Intel471, about the lifecycle and takedown of DanaBot — one of the most notorious malware-as-a-service (MaaS) platforms of the last decade. We’ll explore how DanaBot transformed from a banking trojan into a full-featured MaaS tool, capable of serving both criminal enterprises and espionage operations. Will shares insights on its technical evolution, how it became a vital cog in the Initial Access Broker (IAB) ecosystem, and the anti-forensic tricks that kept detection teams on their toes. We’ll also dig into the broader impact on the cybercrime underground: How did DanaBot’s productization and subscription model reshape the MaaS and IAB economies? Has its downfall changed how actors maintain operational security, or blurred the lines between crimeware and espionage tools? This episode is perfect for anyone interested in the inside story of a leading-edge cybercrime operation and global enforcement campaign.
Also in this episode: Trinity Cyber Chief Product Officer Mike Denning joins SNG host Wyatt Kash in a sponsored podcast discussion on how Full Content Inspection technology is ushering in a new era of real-time cybersecurity. This segment was sponsored by Trinity Cyber.