GozNym Hackers Stole $100 Million – But Made One Mistake

The GozNym cyber attack was a sophisticated cybercrime operation that combined the features of both banking trojans and malware.

GozNym was first identified in early 2016 as a hybrid malware strain that aimed to steal sensitive financial information from individuals and organizations.

It was a combination of the Nymaim dropper and the Gozi banking trojan, hence the name GozNym.

The attackers behind GozNym used various tactics to infect systems, including phishing emails, exploit kits, and malicious attachments. Once a system was compromised, the malware would silently monitor the victim’s online activities, capturing login credentials and financial data.

The GozNym cyber attack had a significant impact on both individuals and financial institutions. It resulted in the theft of millions of dollars from victims worldwide, leading to financial losses and compromised personal information.

In May 2019, a multinational law enforcement operation successfully took down the infrastructure behind the GozNym cybercrime network. This collaborative effort led to the arrest of multiple individuals involved in the operation, dismantling the criminal enterprise.

The international law enforcement operation initiated criminal prosecutions against members of the network in four different countries. During the course of the operation, searches were conducted in Bulgaria, Georgia, Moldova and Ukraine. Criminal prosecutions have been initiated in Georgia, Moldova, Ukraine and the United States.