Meet GozNym: The Banking Malware Offspring of Gozi ISFB and Nymaim
IBM
X-Force Research uncovered a Trojan hybrid spawned from the Nymaim and Gozi
ISFB malware. It appears that the operators of Nymaim have recompiled its
source code with part of the Gozi ISFB source code, creating a combination that
is being actively used in attacks against more than 24 U.S. and Canadian banks,
stealing millions of dollars so far. X-Force named this new hybrid GozNym.
The new
GozNym hybrid takes the best of both the Nymaim and Gozi ISFB malware to create
a powerful Trojan. From the Nymaim malware, it leverages the dropper’s stealth
and persistence; the Gozi ISFB parts add the banking Trojan’s capabilities to
facilitate fraud via infected Internet browsers. The end result is a new
banking Trojan in the wild.
Internally,
GozNym works like a double-headed beast, where the two codes rely on one
another to carry out the malware’s internal operations. More information about
the hybrid’s intertwined operation appears in the technical section of this
blog.
Read the
research on this Trojan here: https://securityintelligence.com/meet-goznym-the-banking-malware-offspring-of-gozi-isfb-and-nymaim/
This
story was covered by major media outlets:
US –
Forbes: Eastern European Cyber Crooks Raid US Banks For $4 Million In Just 3
Days http://onforb.es/1VrSlcE
US –
Fortune: New “Double-Headed” Malware Has Stolen $4 Million From US and Canadian
Banks http://for.tn/23LlpwK
US – The Wall Street Journal: New Malware Steals $4
Million at US, Canada Banks http://on.wsj.com/1W0GRLK
US - The
Wall Street Journal The Morning Download: New Malware Steals $4 Million at U.S.,
Canada Banks. http://on.wsj.com/1V6r2UX
UK - The
Register: Halfbreed trojan targets US banks http://bit.ly/1WvwYWP
US –
ZDNet: GozNym: The double-headed malware monster targeting US banks
http://zd.net/1qYEJJ6
US - The
Hill: New malware steals $4M at US, Canadian banks http://bit.ly/1RYzGSR
US -
Inc.: Crooks Use New "Blended" Malware To Steal $4 Million From 24
Banks In Just A Few Days http://bit.ly/1V6yNdx
UK –
Computing: IBM warning over new ‘conjoined malware’ robbing banks of millions
every day http://bit.ly/1WvBXqq
US - IDG
/ Computer World: Hybrid GozNym malware targets customers of 24 financial
institutions http://bit.ly/1T9bv3c
US - SC
Magazine; New GozNym banking malware steals millions in just days
http://bit.ly/1VogQqo
US -
Security Week: Hybrid Trojan "GozNym" Targets North American Banks
http://bit.ly/1SOlnwp
US -
Hack Busters: Hybrid Trojan "GozNym" Targets
North American Banks http://bit.ly/1p24Gpf
US -
eSecurity Planet: IBM Researchers Warn of New GozNym Banking Trojan
http://bit.ly/1VuoTTo
US –
Infosecurity Magazine: Franken-Trojan Steals $4M from North American Banks
http://bit.ly/23zwuEH
US -
Threatpost Banking Trojans Nymaim, Gozi Merge To Steal $4M http://bit.ly/1p1D6Zf
US -
Information Age: Banking Trojans merge to steal over $4m in just a few days
http://bit.ly/1W3hEQF
US -
Major Geeks: New Hybrid Malware Targets Banks http://bit.ly/1T7GCvZ
US -
Anti-Corruption Digest: Bank Trojans Nymaim, Gozi Merge Create GozNym
http://bit.ly/1NstL30
US - IBS
Intelligence: Powerful Trojan hits North American FIs hard http://bit.ly/1SPC1vM
US –
Finextra: Double-headed beast' swipes $4 million from business bank accounts
http://bit.ly/265aS1u
US - The
Paypers: Malware steals USD 4 mln from US banks http://bit.ly/20HCciD
UK -
Sensors Tech Forum: GozNym – New Banking Malware on The Loose
http://bit.ly/1T99tA5
UK - The
Inquirer: Combined malware threat is robbing banks of millions every day
http://bit.ly/1Sbsgs0
UK -
Security Affairs: GozNym Trojan combines Gozi ISFB and Nymaim malware abilities
http://bit.ly/1qYFx0y
Comments
Post a Comment