In a joint effort by several law enforcement agencies from 6 different countries, officials have dismantled a major cybercrime network behind GozNym banking malware.
The malware is responsible for stealing nearly $100 million from over 41,000 victims across the globe for years.
GozNym was created by combining two known powerful Trojans: Gozi ISFB malware, a banking Trojan that first appeared in 2012, and Nymaim, a Trojan downloader that can also function as ransomware.
In a press conference held on Thursday, Europol said the operation was successfully conducted through cooperation between Bulgaria, Germany, Georgia, Moldova, Ukraine, and the United States.
The United States has charged ten members of the GozNym criminal network, 5 of whom were arrested during several coordinated searches conducted in Bulgaria, Georgia, Moldova, and Ukraine.
The remaining five defendants are Russians and remain on the run, including one who developed the GozNym malware and leased it to other cybercriminals.
Another member of the group was already arrested three years ago by the Bulgarian authorities on charges related to the Avalanche malware network.
The members of the group infected victims' computers with GozNym malware and captured their online banking login credentials, which they used to fraudulently steal money and then launder the funds through U.S. and foreign bank accounts.
"The defendants advertised their specialized technical skills and services on underground, Russian-speaking online criminal forums. The GozNym network was formed when these individuals were recruited from the online forums by the GozNym leader who controlled more than 41 000 victim computers infected with GozNym malware," Europol said.
"The leader of the GozNym criminal network, along with his technical assistant, are being prosecuted in Georgia by the Prosecutor's Office of Georgia and the Ministry of Internal Affairs of Georgia."