Skip to main content

New malware GozNym is stealing millions from U.S. bank account holders

microsoft security intelligence report 2016 online piracy
Mopic / Shutterstock
Hiding your money under your mattress may seem like an antiquated idea, but it may be the only way to stop a new hybrid malware monster that is attacking American and Canadian bank accounts. Known as GozNym, the malicious code actually combines two already powerful viruses known as Nymaim and Gozi. The resulting Trojan is as ruthless as it is resilient, and it has already been used to steal $4 million from over 24 U.S. and Canadian banks.

According to the IBM X-Force Research team that first uncovered this dangerous new weapon, which is being wielded by Eastern European hackers, GozNym takes the worst of each of its “parents.” “From the Nymaim malware, it leverages the dropper’s stealth and persistence; the Gozi ISFB parts add the banking Trojan’s capabilities to facilitate fraud via infected Internet browsers,” the IBM team writes. “The end result is a new banking Trojan in the wild.”

Recommended Videos

GozNym was first unleashed in early April, and has already inflicted considerable damage. It is unclear as of yet as to how many customers thus far have been affected, but the worst doesn’t appear to be over quite yet. IBM says that “GozNym’s operators’ top target is business accounts.” 50 percent of the attacks have been banking and credit unions, and another 17 percent of victims are retail banks.

Please enable Javascript to view this content

This malware is particularly dangerous because it targets the actual consumer. Essentially, GozNym sneaks its way into a computer when an account holder clicks on email attachments or links, and then stays dormant until the user logs on to his or her bank account. Once this happens, GozNym really goes to work, stealing and sending information to hackers. “It all happens without the user seeing anything,” Etay Maor, executive security adviser at IBM Security tells the Wall Street Journal.

“To help stop threats like GozNym, banks and service providers can use adaptive malware detection solutions and protect customer endpoints with malware intelligence,” IBM notes. These tools could provide “real-time insight into fraudster techniques and capabilities, designed to address the relentless evolution of the threat landscape.”

Lulu Chang
Former Digital Trends Contributor
Fascinated by the effects of technology on human interaction, Lulu believes that if her parents can use your new app…
TikTok says it’s here to stay; ban from U.S. app stores delayed to September 27
tiktok logo

TikTok claims that it is here to stay, shortly after President Donald Trump said that he has approved Oracle's proposed deal to acquire the video-sharing app's U.S. assets.

TikTok said on Twitter said that it is not going anywhere, while also uploading a short video message from interim CEO Vanessa Pappas.

Read more
Rocket Lab given go-ahead to launch rockets from U.S. soil
rocket lab achieves first launch since july mission failure  aug 2020

Rocket Lab has been granted a launch operator license by the Federal Aviation Administration, paving the way for its first mission from U.S. soil at Wallops Island, Virginia.

Up to now, the private spaceflight company has been launching from a site in New Zealand, but the permission granted by the FAA will enable Rocket Lab to increase its frequency of launches and serve more customers, including U.S. government agencies that would rather launch from American soil.

Read more
Trump says he’ll ban TikTok from the U.S.
Trump stylized image

President Donald Trump said he will ban the popular video app TikTok from operating in the U.S. -- and do it as early as Saturday.

Trump told reporters aboard Air Force One Friday evening that he will use emergency powers or an executive order to block the app, according to The Hill. “As far as TikTok is concerned, we’re banning them from the United States,” he told reporters. "I have that authority."

Read more