Sunday, November 24, 2024
HomeComputer SecurityHacker Group Behind GozNym Banking Malware Dismantled by International Authorities that Stolen...

Hacker Group Behind GozNym Banking Malware Dismantled by International Authorities that Stolen $100 Million

Published on

International law enforcement operation brings down a globally operated and well-organized cybercrime network behind GozNym banking malware responsible for stealing $100 million from more than 41,000 victims.

The GozNym banking malware primarily targeted financial institutions; it includes a banking trojan and trojan downloader, which also has the function of ransomware.

GozNym distributed through phishing emails, designed to have appeared from legitimate sources and includes a malicious link or attachment.

- Advertisement - SIEM as a Service

The United States charges ten members of the GozNym criminal network in a conspiracy to infect victims computer with malware to capture login credentials, using stolen credentials to gain unauthorized access and for stealing money from victims’ bank accounts.

GozNym

“The International operation was highlighted by the unprecedented initiation of criminal prosecutions against members of the network in four different countries as a result of cooperation between the United States, Georgia, Ukraine, Moldova, Germany, Bulgaria, Europol, and Eurojust,” reads the press release.

GozNym

GozNym cybercrime group also emphasize “cybercrime as a service,” along with services such as bulletproof hosters, money mules networks, crypters, spammers, coders, organizers, and technical support.

According to the Indictment, the defendants reside in Russia, Georgia, Ukraine, Moldova, and Bulgaria. The operation was an unprecedented international effort to share evidence and initiate criminal prosecutions against members of the same criminal network in multiple countries.

The leader of the GozNym malware network who controlled 41 000 victim computers arrested along with his technical assistant is being prosecuted in Georgia.

For hosting they used Bulletproof hosting services, provided by Avalanche, the administrator of the service is now facing prosecution in Ukraine.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

FBI-affiliated Websites Hacked – Hackers Steals Agents Personal data From Websites and Published Online

Two Hackers of Bayrob Malware Gang Convicted for Infecting more than 400,000 Computers Worldwide

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Nearest Neighbor Attacks: Russian APT Hack The Target By Exploiting Nearby Wi-Fi Networks

Recent research has revealed that a Russian advanced persistent threat (APT) group, tracked as...

240+ Domains Used By PhaaS Platform ONNX Seized by Microsoft

Microsoft's Digital Crimes Unit (DCU) has disrupted a significant phishing-as-a-service (PhaaS) operation run by...

Russian TAG-110 Hacked 60+ Users With HTML Loaded & Python Backdoor

The Russian threat group TAG-110, linked to BlueDelta (APT28), is actively targeting organizations in...

Earth Kasha Upgraded Their Arsenal With New Tactics To Attack Organizations

Earth Kasha, a threat actor linked to APT10, has expanded its targeting scope to...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Nearest Neighbor Attacks: Russian APT Hack The Target By Exploiting Nearby Wi-Fi Networks

Recent research has revealed that a Russian advanced persistent threat (APT) group, tracked as...

240+ Domains Used By PhaaS Platform ONNX Seized by Microsoft

Microsoft's Digital Crimes Unit (DCU) has disrupted a significant phishing-as-a-service (PhaaS) operation run by...

Russian TAG-110 Hacked 60+ Users With HTML Loaded & Python Backdoor

The Russian threat group TAG-110, linked to BlueDelta (APT28), is actively targeting organizations in...