Common Information
Type | Value |
---|---|
Value | GozNym |
Category | Actor |
Type | Threat-Actor |
Misp Type | Cluster |
Description | IBM X-Force Research uncovered a Trojan hybrid spawned from the Nymaim and Gozi ISFB malware. It appears that the operators of Nymaim have recompiled its source code with part of the Gozi ISFB source code, creating a combination that is being actively used in attacks against more than 24 U.S. and Canadian banks, stealing millions of dollars so far. X-Force named this new hybrid GozNym. The new GozNym hybrid takes the best of both the Nymaim and Gozi ISFB malware to create a powerful Trojan. From the Nymaim malware, it leverages the dropper’s stealth and persistence; the Gozi ISFB parts add the banking Trojan’s capabilities to facilitate fraud via infected Internet browsers. The end result is a new banking Trojan in the wild. |
Details | Type | Published | Attributes | CTI | Title |
---|---|---|---|---|---|
Details | Website | 2024-08-06 | 0 | | A Comprehensive Look at the Evolution of the Cybercriminal Underground |
Details | Website | 2023-07-20 | 0 | | Biggest Legal Industry Cyber Attacks \| Arctic Wolf |
Details | Website | 2023-01-28 | 0 | | Bulletproof hosting: How cybercrime stays resilient |
Details | Website | 2022-10-24 | 17 | | Chapter 1 — From Gozi to ISFB: The history of a mythical malware family. |
Details | Website | 2022-06-24 | 22 | | We see you, Gozi |
Details | Website | 2021-04-23 | 0 | | Phishing impersonates global recruitment firm to push malware |
Details | Website | 2020-08-28 | 131 | | Gozi: The Malware with a Thousand Faces - Check Point Research |
Details | Website | 2019-08-09 | 0 | | Banking Trojans: A Reference Guide to the Malware Family Tree |
Details | Website | 2019-05-16 | 0 | | Goznym Indictments – action following on from successful Avalanche Operations \| The Shadowserver Foundation |
Details | Website | 2018-11-08 | 1 | | 2018 Phishing and Fraud Report: Attacks Peak During the Holidays |
Details | Website | 2018-10-23 | 0 | | GOZNYM MALWARE: CYBERCRIMINAL NETWORK DISMANTLED IN INTERNATIONAL OPERATION \| Europol |
Details | Website | 2018-05-17 | 3 | | Gozi V3 Technical Update |
Details | Website | 2018-03-06 | 5 | | Gozi ISFB Remains Active in 2018, Leverages "Dark Cloud" Botnet For Distribution |
Details | Website | 2017-07-02 | 23 | | ISFB: Still Live and Kicking \| The Journal on Cybercrime & Digital Investigations |
Details | Website | 2017-03-30 | 7 | | Hi-Tech Crime Trends 2016 |
Details | Website | 2017-01-30 | 16 | | Nymaim revisited |
Details | Website | 2017-01-01 | 0 | | Nothing found for Security Antchain Intel Create New Privacy Preserving Computing Platform For Ai Training 2 |
Details | Website | 2016-09-27 | 48 | | Threat Spotlight: GozNym |
Details | Website | 2016-04-16 | 2 | | Black Hat USA 2017 |