'GozNym' Banking Malware Gang Dismantled by International Law Enforcement

'GozNym' Banking Malware Gang Dismantled by International Law Enforcement


In a joint effort by several law enforcement agencies from 6 different countries, officials have dismantled a major global organized cybercrime network behind GozNym banking malware.

GozNym banking malware is responsible for stealing nearly $100 million from over 41,000 victims across the globe, primarily in the United States and Europe, for years.


GozNym was created by combining two known powerful Trojans—Gozi ISFB malware, a banking Trojan that first appeared in 2012 and Nymaim, a Trojan downloader that can also function as ransomware.

In a press conference held on Thursday, Europol said the operation was successfully conducted with the cooperation between Bulgaria, Germany, Georgia, Moldova, Ukraine, and the United States.

The United States has charged ten members of the GozNym criminal network, 5 of which were arrested during several coordinated searches conducted in Bulgaria, Georgia, Moldova, and Ukraine.

However, rest of the five defendants reside in Russia and are on the run, including one who developed the GozNym malware and leased it to other cybercriminals by advertising it on underground, Russian-language, online criminal forums.


According to the indictment unsealed earlier today in the U.S. Court, the defendants have been charged with conspiracy to commit computer fraud, conspiracy to commit wire fraud and bank fraud, and conspiracy to commit money laundering.

A member of the group who encrypted the GozNym malware to avoid detection by a ..