GozNym Malware Hackers Sentenced

Three members of an international organised cybercrime group have been sentenced to prison. The criminals used the GozNym banking Trojan to break into more than 4,000 victim computers globally, primarily in the United States and Europe in 2015 and 2016, and steal nearly $100 million from their banking accounts.

In May last year, Europol took down the cybercrime network behind GozNym, with the United States issuing charges against a total of ten members of the group, five of whom were arrested at that time, while five others, including the developer of GozNym, remain on the run.

In a US federal court in Pittsburgh, Krasimir Nikolov, one of the group's members, was sentenced to a period of time served after having served over 39 months in prison for his role as an "account takeover specialist" in the scheme, and will now be transferred to Bulgaria.

Nikolov, 47, was arrested in September 2016 by Bulgarian authorities and extradited to the US in December 2016 to face federal charges of criminal conspiracy, computer fraud, and bank fraud. "Nikolov used the victims' stolen online banking credentials captured by GozNym malware to access victims' online bank accounts and attempt to steal victims' money through electronic transfers into bank accounts controlled by fellow conspirators," the DoJ has said.

Two other GozNym group members who participated in the scheme were also recently sentenced: Alexander Konovolov and Marat Kazandjian received seven and five years of imprisonment, respectively.

While Konovolov served as a primary organiser and leader of the GozNym network that controlled over 41,000 infected computers and recruited cybercriminals using underground online criminal forums, Kazandjian was his primary assistant and technical administrator.

GozNym is a notorious banking Trojan that was developed by combining two known powerful Trojans: Gozi ISFB, a banking Trojan that first appeared in 2012, and Nymaim, a Trojan downloader that can also function as ransomware. The malware, primarily delivered via massive malspam campaigns targeting victims' Windows PCs, waits for victims to enter their banking passwords into their web browser and captures them. The captured credentials were then used to break into victims' bank accounts and fraudulently transfer funds to the criminals' own accounts.

The GozNym malware network was hosted and operated through the "Avalanche" bulletproof service, whose administrator was arrested in Ukraine during a search in November 2016.

"This new paradigm involves unprecedented levels of cooperation with willing and trusted law enforcement partners around the world who share our goals of searching, arresting, and prosecuting cyber criminals no matter where they might be," said US Attorney Scott W. Brady.

Sources: US Dept. of Justice, The Hacker News. Image: Christoph Scholz
