Friday, January 3, 2025
HomeComputer SecurityHacker Group Behind GozNym Banking Malware Dismantled by International Authorities that Stolen...

Hacker Group Behind GozNym Banking Malware Dismantled by International Authorities that Stolen $100 Million

Published on

SIEM as a Service

International law enforcement operation brings down a globally operated and well-organized cybercrime network behind GozNym banking malware responsible for stealing $100 million from more than 41,000 victims.

The GozNym banking malware primarily targeted financial institutions; it includes a banking trojan and trojan downloader, which also has the function of ransomware.

GozNym distributed through phishing emails, designed to have appeared from legitimate sources and includes a malicious link or attachment.

- Advertisement - SIEM as a Service

The United States charges ten members of the GozNym criminal network in a conspiracy to infect victims computer with malware to capture login credentials, using stolen credentials to gain unauthorized access and for stealing money from victims’ bank accounts.

GozNym

“The International operation was highlighted by the unprecedented initiation of criminal prosecutions against members of the network in four different countries as a result of cooperation between the United States, Georgia, Ukraine, Moldova, Germany, Bulgaria, Europol, and Eurojust,” reads the press release.

GozNym

GozNym cybercrime group also emphasize “cybercrime as a service,” along with services such as bulletproof hosters, money mules networks, crypters, spammers, coders, organizers, and technical support.

According to the Indictment, the defendants reside in Russia, Georgia, Ukraine, Moldova, and Bulgaria. The operation was an unprecedented international effort to share evidence and initiate criminal prosecutions against members of the same criminal network in multiple countries.

The leader of the GozNym malware network who controlled 41 000 victim computers arrested along with his technical assistant is being prosecuted in Georgia.

For hosting they used Bulletproof hosting services, provided by Avalanche, the administrator of the service is now facing prosecution in Ukraine.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

FBI-affiliated Websites Hacked – Hackers Steals Agents Personal data From Websites and Published Online

Two Hackers of Bayrob Malware Gang Convicted for Infecting more than 400,000 Computers Worldwide

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

LegionLoader Abusing Chrome Extensions To Deliver Infostealer Malware

LegionLoader, a C/C++ downloader malware, first seen in 2019, delivers payloads like malicious Chrome...

ASUS Critical Vulnerabilities Let Attackers Execute Arbitrary Commands

In a recent security advisory, ASUS has alerted users to critical vulnerabilities affecting several...

NTT Docomo Hit by DDoS Attack, Services Disrupted for 11 Hours

NTT Docomo, one of Japan’s leading telecommunications and IT service providers, experienced a massive...

Apple Agrees to $95M Settlement Over Siri Privacy Lawsuit

Apple Inc. has agreed to pay $95 million to settle a proposed class-action lawsuit...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

LegionLoader Abusing Chrome Extensions To Deliver Infostealer Malware

LegionLoader, a C/C++ downloader malware, first seen in 2019, delivers payloads like malicious Chrome...

ASUS Critical Vulnerabilities Let Attackers Execute Arbitrary Commands

In a recent security advisory, ASUS has alerted users to critical vulnerabilities affecting several...

NTT Docomo Hit by DDoS Attack, Services Disrupted for 11 Hours

NTT Docomo, one of Japan’s leading telecommunications and IT service providers, experienced a massive...