Law enforcement officials from the U.S. and some European allies say they have broken up a criminal network that used banking malware to try to steal an estimated $100 million from over 41,000 victims in multiple countries.
An indictment made public Thursday alleges that 10 members of a criminal organization used the GozNym malware, a banking trojan that infects internet browsers and was compiled from two other known pieces of malware, to steal victims’ login credentials, steal their money and then launder those funds through U.S. and foreign bank accounts.
The primary victims were U.S. businesses and their supporting financial institutions, including several victims in the Western District of Pennsylvania, U.S. officials said. Other organizations hit were a Pennsylvania asphalt and paving business, a Washington law firm, a casino in Gulport, Mississippi, and a California furniture business, according to the indictment. Cybersecurity researchers tracking GozNym in recent years have reported its targeting of credit unions, e-commerce, and other finance subsectors.
International police dismantle crime ring that allegedly used GozNym malware to try to steal $100 million