GozNym Malware Hackers Sentenced

Three members of an international organised cybercrime group have been sentenced to prison. The criminals used the GozNym banking Trojan to break into more than 4,000 victim computers globally, primarily in the United States and Europe in 2015 and 2016, and steal nearly $100 million from their banking accounts.

In May last year, Europol took down the cybercrime network behind GozNym, with the United States issuing charges against a total of ten members of the group, five of whom were arrested at that time, while five others, including the developer of GozNym, remain on the run.

In a US federal court in Pittsburgh, Krasimir Nikolov, one of the group's members, was sentenced to a period of time served after having served over 39 months in prison for his role as an "account takeover specialist" in the scheme, and will now be transferred to Bulgaria.

Nikolov, 47, was arrested in September 2016 by Bulgarian authorities and extradited to the US in December 2016 to face federal charges of criminal conspiracy, computer fraud, and bank fraud. "Nikolov used the victims' stolen online banking credentials captured by GozNym malware to access victims' online bank accounts and attempt to steal victims' money through electronic transfers into bank accounts controlled by fellow conspirators," the DoJ has said.

Two other GozNym group members who also participated in the scheme, Alexander Konovolov and Marat Kazandjian, were recently sentenced to seven and five years of imprisonment, respectively.

While Konovolov served as a primary organiser and leader of the GozNym network that controlled over 41,000 infected computers and recruited cybercriminals using underground online criminal forums, Kazandjian was his primary assistant and technical administrator.

GozNym is a notorious banking Trojan that was developed by combining two known powerful Trojans: Gozi ISFB, a banking Trojan that first appeared in 2012, and Nymaim, a Trojan downloader that can also function as ransomware. The malware, primarily delivered via massive malspam campaigns to infect victims' Windows PCs, waits for victims to enter their banking passwords into their web browser and captures them. The criminals then used the stolen passwords to break into victims' bank accounts and fraudulently transfer funds to their own accounts.

The GozNym malware network was hosted and operated through the "Avalanche" bulletproof service, whose administrator was arrested in Ukraine during a search in November 2016.

"This new paradigm involves unprecedented levels of cooperation with willing and trusted law enforcement partners around the world who share our goals of searching, arresting, and prosecuting cyber criminals no matter where they might be," said US Attorney Scott W. Brady.

US Dept. of Justice / The Hacker News / Image: Christoph Scholz
