GozNym’s Euro Trip: Launching Redirection Attacks in Germany

The GozNym banking malware, a Trojan hybrid discovered by IBM X-Force in early April, continues to increase its activity against banks in Europe. More recently, the X-Force team discovered redirection attacks launched by the GozNym crew in Germany, targeting 13 banks and their local subsidiaries.

The new redirection schemes come in addition to webinjection-based attacks for all the targeted brands, demonstrating GozNym’s significant investment in German-language attack capabilities.

European Invasion

GozNym has been intensifying its activity across Europe, showing a very sharp peak in activity in August 2016. In numbers, this peak accounts for a 3,550 percent hike since July 2016 and a 526 percent rise compared to the total number of attacks since the birth of the GozNym hybrid (April to July 2016).

This blog post was part of my work with IBM X-Force. To read the complete post, please click here.