Police hunt the 'GozNym' malware gang
Five Russian men, including the creator of the virus, are on the run after police capture ring leaders
Police are on the hunt for five members of a cyber gang which used malware to steal $100 million from more than 41,000 victims.
Police in the US, Germany, Bulgaria, Georgia, Moldova and Ukraine worked together on a complex, cross-border operation to dismantle the group, but five Russian men managed to evade capture and are now on the lamb.
The gang used a form of malware to steal the hefty sum, which has been dubbed 'GozNym' and has proved quite potent. Within the five fugitives is the developer of GozNym, which the gang used to infect computers and capture online banking details.
Details of the operations have been announced by Europol, which called it an "unprecedented, international law enforcement operation". Ten members of the gang have been charged by a federal grand jury in the US with conspiracy to commit online theft.
However, that only explains part of their criminal operation. According to Europol, the gang operated a "cybercrime-as-a-service" concept, with different elements such as bulletproof hosters, money mules networks, crypters, spammers, coders, organisers and even technical support.
The gang advertised its specialist technical skills on a secret, Russian-speaking, online forums. The gang's leader also recruited individuals from these forums leading to the creation of the GozNym network, which provided the leader with access to more than 41 000 victim computers infected with GozNym malware.
The leader of this criminal network is being prosecuted in Georgia, but the creator of GozNym is still on the run. Europol believes this individual to be the developer of GozNym malware and the person that oversaw its creation, development, management and leasing to other cybercriminals.
GozNym is actually a hybrid of two other pieces of malware: Gozi Trojan and Nymaim. The first of these is known as a "dropper" - software that's designed to covertly move other malware on to a device. Gozi, on the other hand, has been around since 2007, resurfacing time and again with new techniques, all seemingly for stealing financial information.
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now