Meet GozNym: The Banking Malware Offspring of Gozi ISFB and Nymaim

IBM X-Force Research uncovered a Trojan hybrid spawned from the Nymaim and Gozi ISFB malware. It appears that the operators of Nymaim have recompiled its source code with part of the Gozi ISFB source code, creating a combination that is being actively used in attacks against more than 24 U.S. and Canadian banks, stealing millions of dollars so far. X-Force named this new hybrid GozNym.

The new GozNym hybrid takes the best of both the Nymaim and Gozi ISFB malware to create a powerful Trojan. From the Nymaim malware, it leverages the dropper’s stealth and persistence; the Gozi ISFB parts add the banking Trojan’s capabilities to facilitate fraud via infected Internet browsers. The end result is a new banking Trojan in the wild.

Internally, GozNym works like a double-headed beast, in which the two code bases rely on one another to carry out the malware’s internal operations. More information about the hybrid’s intertwined operation appears in the technical section of this blog.



This story was covered by major media outlets: 

US – Forbes: Eastern European Cyber Crooks Raid US Banks For $4 Million In Just 3 Days http://onforb.es/1VrSlcE

US – Fortune: New “Double-Headed” Malware Has Stolen $4 Million From US and Canadian Banks http://for.tn/23LlpwK 

US – The Wall Street Journal: New Malware Steals $4 Million at US, Canada Banks http://on.wsj.com/1W0GRLK

US - The Wall Street Journal, The Morning Download: New Malware Steals $4 Million at U.S., Canada Banks http://on.wsj.com/1V6r2UX

UK - The Register: Halfbreed trojan targets US banks http://bit.ly/1WvwYWP  

US – ZDNet: GozNym: The double-headed malware monster targeting US banks http://zd.net/1qYEJJ6     

US - The Hill: New malware steals $4M at US, Canadian banks http://bit.ly/1RYzGSR

US - Inc.: Crooks Use New "Blended" Malware To Steal $4 Million From 24 Banks In Just A Few Days http://bit.ly/1V6yNdx

UK – Computing: IBM warning over new ‘conjoined malware’ robbing banks of millions every day http://bit.ly/1WvBXqq

US - IDG / Computer World: Hybrid GozNym malware targets customers of 24 financial institutions http://bit.ly/1T9bv3c

US - SC Magazine: New GozNym banking malware steals millions in just days http://bit.ly/1VogQqo

US - Security Week: Hybrid Trojan "GozNym" Targets North American Banks http://bit.ly/1SOlnwp

US - Hack Busters: Hybrid Trojan "GozNym" Targets North American Banks http://bit.ly/1p24Gpf

US - eSecurity Planet: IBM Researchers Warn of New GozNym Banking Trojan http://bit.ly/1VuoTTo

US – Infosecurity Magazine: Franken-Trojan Steals $4M from North American Banks http://bit.ly/23zwuEH

US - Threatpost: Banking Trojans Nymaim, Gozi Merge To Steal $4M http://bit.ly/1p1D6Zf

US - Information Age: Banking Trojans merge to steal over $4m in just a few days http://bit.ly/1W3hEQF   

US - Major Geeks: New Hybrid Malware Targets Banks http://bit.ly/1T7GCvZ

US - Anti-Corruption Digest: Bank Trojans Nymaim, Gozi Merge Create GozNym http://bit.ly/1NstL30      

US - IBS Intelligence: Powerful Trojan hits North American FIs hard http://bit.ly/1SPC1vM

US – Finextra: 'Double-headed beast' swipes $4 million from business bank accounts http://bit.ly/265aS1u

US - The Paypers: Malware steals USD 4 mln from US banks http://bit.ly/20HCciD

UK - Sensors Tech Forum: GozNym – New Banking Malware on The Loose http://bit.ly/1T99tA5

UK - The Inquirer: Combined malware threat is robbing banks of millions every day http://bit.ly/1Sbsgs0       

UK - Security Affairs: GozNym Trojan combines Gozi ISFB and Nymaim malware abilities http://bit.ly/1qYFx0y
