DanaBot takedown shows how agentic AI cut months of SOC analysis to weeks
Summary
Agentic AI looks set to improve cybersecurity operations after the recent takedown of DanaBot, a Russian malware operation that infected more than 300,000 systems and caused over $50m in damage, according to the US Department of Justice.
DanaBot infected computers with malware to access banking details and other sensitive information. Its operators, Scully Spider, allegedly have links to Russian intelligence.
After the takedown, chief executive of cybersecurity firm CrowdStrike Tom Gillis said static rule-based defenses were useless against such dynamic and adaptable cybercrime operations.
Agentic AI played a key role in taking down DanaBot, using predictive threat modelling and real-time correlation to detect anomalies and take down the operation.
The sophistication of DanaBot and similar operations means that cybersecurity operations centres (SOCs) need to use AI to detect, analyse and respond to threats at a similar speed and scale.