
FBI Exposes DanaBot Malware Gang Behind Global Cyber Heist
- Written by Kiara Fabbri Former Tech News Writer
- Fact-Checked by Sarah Frazier Former Content Manager
The FBI has charged 16 people linked to DanaBot, a malware that infected 300,000+ computers and stole over $50 million worldwide.
In a rush? Here are the quick facts:
- DanaBot infected over 300,000 computers globally.
- Malware stole over $50 million from victims.
- Spy variant targeted government and military systems.
According to unsealed indictments, those involved performed various roles, including development, marketing, and customer support functions.
DanaBot exists in two distinct versions. The first is offered for rent on the dark web for up to $4,000, which includes technical support and software tools, as reported by The Register. Once installed on a victim's computer, this version captures keystrokes, screenshots, and network data in order to steal banking and cryptocurrency login information.
The second version operates as a spy tool and is not available for rent. It targets military, diplomatic, and government networks by recording desktop screens, logging keyboard input, and capturing video streams.
The Register reported that FBI Special Agent Elliott Peterson confirmed that multiple banks suffered losses in the millions of dollars because of DanaBot and that the total stolen amount could reach $50 million.
The takedown effort is part of “Operation Endgame II,” a global campaign to dismantle botnets. FBI Special Agent Rebecca Day said, “Today’s announcement represents a significant step forward in the FBI’s ongoing efforts to disrupt and dismantle the cyber-criminal ecosystem that wreaks havoc on global digital security,” as reported by The Register.
The Register reports that most DanaBot servers have been taken offline. The remaining two active servers operate from Alibaba’s hosting platform.
The Operation Endgame website displays a countdown, which suggests the complete shutdown might occur during this week.

Crypto Exchange Cetus Hit By Second-Largest Hack Of 2025
- Written by Kiara Fabbri Former Tech News Writer
- Fact-Checked by Sarah Frazier Former Content Manager
Cetus Protocol was hacked for $223 million in cryptocurrency, prompting a platform freeze, whitehat deal, and a $5 million public bounty.
In a rush? Here are the quick facts:
- $162 million of stolen assets were successfully paused.
- Cetus offered whitehat deal to attacker.
- $5 million bounty offered for hacker info.
Cetus Protocol, a decentralized exchange (DEX) and major liquidity provider on the SUI blockchain, was hacked for $223 million in digital assets. The attackers exploited a vulnerability in the platform’s smart contracts, draining multiple token pools in a matter of minutes.
The blockchain analytics firm Elliptic tracked the stolen funds by observing the attackers swap USDT for USDC stablecoins before transferring them to the Ethereum network for conversion into ETH.
Bleeping Computer (BC) reports that Cetus Protocol responded quickly, halting its smart contract operations and starting an internal investigation. An emergency validator vote then froze $162 million of the assets.
📜 Dear Sui community, thank you for your patience while our team works on the incident investigation and resolution. Since taking the actions indicated in our previous announcement, we have also done the following: 1. We engaged the broader ecosystem, Sui team, and related… https://t.co/Gs1EWXZ6AD — Cetus🐳 (@CetusProtocol) May 22, 2025
The DEX team located the hacker's Ethereum wallet and collaborated with law enforcement agencies and third parties to recover the stolen funds.
The DEX presented the hacker with a whitehat proposal: return the funds and face no legal consequences. It then increased the pressure by issuing a $5 million reward for any information that leads to the hacker's capture, as reported by BC.
Elliptic notes that the Cetus attack stands as the second-largest cryptocurrency theft of 2025, after the $1.46 billion Bybit theft. It adds to existing security concerns about decentralized finance platforms, which lost more than $2 billion to hacking incidents during 2024.
As investigations continue, the industry is watching closely to see how this high-profile case unfolds.