Tuesday, April 22, 2025
HomeComputer SecurityHacker Group Behind GozNym Banking Malware Dismantled by International Authorities that Stolen...

Hacker Group Behind GozNym Banking Malware Dismantled by International Authorities that Stolen $100 Million

Published on

SIEM as a Service

Follow Us on Google News

International law enforcement operation brings down a globally operated and well-organized cybercrime network behind GozNym banking malware responsible for stealing $100 million from more than 41,000 victims.

The GozNym banking malware primarily targeted financial institutions; it includes a banking trojan and trojan downloader, which also has the function of ransomware.

GozNym distributed through phishing emails, designed to have appeared from legitimate sources and includes a malicious link or attachment.

- Advertisement - Google News

The United States charges ten members of the GozNym criminal network in a conspiracy to infect victims computer with malware to capture login credentials, using stolen credentials to gain unauthorized access and for stealing money from victims’ bank accounts.

GozNym

“The International operation was highlighted by the unprecedented initiation of criminal prosecutions against members of the network in four different countries as a result of cooperation between the United States, Georgia, Ukraine, Moldova, Germany, Bulgaria, Europol, and Eurojust,” reads the press release.

GozNym

GozNym cybercrime group also emphasize “cybercrime as a service,” along with services such as bulletproof hosters, money mules networks, crypters, spammers, coders, organizers, and technical support.

According to the Indictment, the defendants reside in Russia, Georgia, Ukraine, Moldova, and Bulgaria. The operation was an unprecedented international effort to share evidence and initiate criminal prosecutions against members of the same criminal network in multiple countries.

The leader of the GozNym malware network who controlled 41 000 victim computers arrested along with his technical assistant is being prosecuted in Georgia.

For hosting they used Bulletproof hosting services, provided by Avalanche, the administrator of the service is now facing prosecution in Ukraine.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

FBI-affiliated Websites Hacked – Hackers Steals Agents Personal data From Websites and Published Online

Two Hackers of Bayrob Malware Gang Convicted for Infecting more than 400,000 Computers Worldwide

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Hackers Exploit Cloudflare Tunnel Infrastructure to Deploy Multiple Remote Access Trojans

The Sekoia TDR (Threat Detection & Research) team has reported on a sophisticated network...

Threat Actors Leverage npm and PyPI with Impersonated Dev Tools for Credential Theft

The Socket Threat Research Team has unearthed a trio of malicious packages, two hosted...

Hackers Exploit Legitimate Microsoft Utility to Deliver Malicious DLL Payload

Hackers are now exploiting a legitimate Microsoft utility, mavinject.exe, to inject malicious DLLs into...

Cybercriminals Exploit Network Edge Devices to Infiltrate SMBs

Small and midsized businesses (SMBs) continue to be prime targets for cybercriminals, with network...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Hackers Exploit Cloudflare Tunnel Infrastructure to Deploy Multiple Remote Access Trojans

The Sekoia TDR (Threat Detection & Research) team has reported on a sophisticated network...

Threat Actors Leverage npm and PyPI with Impersonated Dev Tools for Credential Theft

The Socket Threat Research Team has unearthed a trio of malicious packages, two hosted...

Hackers Exploit Legitimate Microsoft Utility to Deliver Malicious DLL Payload

Hackers are now exploiting a legitimate Microsoft utility, mavinject.exe, to inject malicious DLLs into...