Danabot: Analyzing a fallen empire
Essential information
- Published: 25/05/2025 17:47
- Modified: 26/05/2025 09:44
- Tags: 2025-05-23 2025-05-25 banking trojan botnet buran c&c infrastructure crisis cybercrime danabot darkgate data theft infostealer latrodectus lockbit lumma stealer malware-as-a-service malware-as-service matanbuchus nonransomware proxy servers recordbreaker rescoms smokeloader systembc ursnif zloader
- Related entities: 1 observables, 1 intrusion sets (apt), 16 malware, 7 others
Description
ESET Research shares insights into Danabot, an infostealer recently disrupted by law enforcement. The malware, tracked since 2018, evolved from a banking trojan into a versatile tool for data theft and malware distribution. Operated as malware-as-a-service, Danabot offered features like data stealing, keylogging, and remote control. Its infrastructure included C&C servers, an administration panel, and proxy servers. Distribution methods varied from email spam to Google Ads misuse. The takedown operation involved multiple cybersecurity companies and law enforcement agencies, leading to the identification of individuals responsible for Danabot's development and operations.