Europol Shuts Down Goznym Malware Network | Avast

Europol Shuts Down Goznym Malware Network | Avast
Avast Security News Team, 17 May 2019

Europol busts an international cyber syndicate; spyware infects WhatsApp; Forbes online subscribers get hacked; and Zombieload rises.



Europol takes down cybercrime supermarket
In a joint effort by six countries, Europol led a complicated international operation to take down the GozNym malware cybercriminal network. The network preyed on over 40,000 victims from whom it attempted to steal a collective $100M. A federal grand jury in Pittsburgh indicted ten members of the criminal network under conspiracy to infect victims’ computers with GozNym malware designed to capture banking credentials, using the stolen credentials to gain fraudulent access to the victims’ accounts, and stealing and laundering money from those accounts. The bust entailed cooperation from Bulgaria, Germany, Georgia, Moldova, Ukraine, and the United States.
The GozNym network is an example of “cybercrime as a service,” where bad actors with specific criminal skill sets team up to form a full “assembly line” of crime. This consists of the leader of the network, the developer of the malware, “crypters” who encrypt the malware so it can’t be detected, spammers who distribute the malware, bulletproof hosting servers to house the malicious domains, account takeover specialists who do the actual transferring of funds from victims’ accounts, and “cash-outs” (also called “drop masters”) who launder the money. Five of the indicted men have evaded capture and remain on the run, while the others await prosecution.
Quote of the week “The GozNym network exemplified the concept of ‘cybercrime as a service,’ with different criminal services such as bulletproof hosters, money mules networks, crypters, spammers, coders, organizers, and technical support.” – Europol explaining Goz ..