Hackers Behind GozNym Malware Sentenced for Stealing $100 Million

Three members of an international organized cybercrime group that was behind a multi-million dollar theft, mainly against U.S. organizations and financial institutions, have been sentenced to prison, the U.S. Justice Department announced.

The criminals used the GozNym banking Trojan to break into more than 4,000 victim computers globally, primarily in the United States and Europe, between 2015 and 2016, and fraudulently steal nearly $100 million from their banking accounts.

In May this year, Europol dismantled the cybercrime network behind GozNym, with the United States issuing charges against a total of 10 members of the group, 5 of whom were arrested at that time, while five others, including the developer of GozNym, remain on the run.

In a federal court in Pittsburgh on Friday, Krasimir Nikolov, one of the group’s members, was sentenced to time served after having spent more than 39 months in jail for his role as an “account takeover professional” in the scheme, and will now be transferred to Bulgaria.

Nikolov, 47, was arrested in September 2016 by Bulgarian authorities and extradited to Pittsburgh in December 2016 to face federal charges of felony conspiracy, computer fraud, and bank fraud.

“Nikolov used the victims’ stolen online banking credentials captured by GozNym malware to access victims’ online bank accounts and try to steal victims’ funds via digital transfers into lender accounts managed by fellow conspirators,” the DoJ said in a press release.

Two other GozNym group members sentenced on Friday—Alexander Konovolov and Marat Kazandjian—also participated in the scheme and were sentenced to 7 and 5 years of imprisonment, respectively. Both were arrested and prosecuted in Georgia.

While Konovolov served as a key organizer and leader of the GozNym network, which controlled about 41,000 infected computers and recruited cybercriminals through underground online criminal forums, Kazandjian was his primary assistant and technical administrator.

GozNym is a notorious banking Trojan that was created by combining two known, powerful Trojans: Gozi ISFB, a banking Trojan that first appeared in 2012, and Nymaim, a Trojan downloader that can also function as ransomware.

The malware, primarily delivered through massive malspam campaigns to infect victims’ Windows PCs, waits for victims to enter their banking passwords into their web browser and captures them. The attackers then used the captured credentials to break into victims’ bank accounts and fraudulently transfer funds to their own accounts.

The GozNym malware network was hosted and operated through the “Avalanche” bulletproof service, whose administrator was arrested in Ukraine during a search in November 2016.

“This new paradigm will involve unparalleled degrees of cooperation with ready and reliable law enforcement associates around the globe who share our goals of searching, arresting, and prosecuting cyber criminals no matter exactly where they could possibly be,” said U.S. Attorney Scott W. Brady.

The victims of this cybercrime network were mainly U.S. firms and their financial institutions, including a number of victims located in the Western District of Pennsylvania, though the DoJ did not name any.