European law enforcers have hailed the dismantling of what they term a complex, globally operating and organised cybercrime network. The criminals used GozNym malware in an attempt to steal an estimated $100 million from more than 41,000 victims, primarily businesses and their financial institutions.
A criminal indictment returned by a federal grand jury in Pittsburgh, charges ten members of the GozNym criminal network with conspiracy. Police worked in EU countries Bulgaria and Germany, besides Georgia, Moldova, Ukraine and the United States (in alphabetical order). Europol, the European Agency for policing and Eurojust, the European Union’s Judicial Cooperation Unit supported the case.
The authorities see it as an example of “cybercrime as a service,” with criminal services such as bulletproof hosters, money mules networks, crypters, spammers, coders, organisers, and technical support, advertising skills and services on underground, Russian-speaking online criminal forums. Several members of the network provided money-laundering services and were known as “cash-outs” or “drop masters.”
Comment
Gavin Millard, VP of Intelligence at Tenable: “The simple truth is that cyberattacks yield a decent return for minimal effort for cyber criminals, with the chances of being caught negligible. The majority of attacks, such as crytojacking and ransomware, leverage poor cyber hygiene practices and until that changes we’re going to continue to see organised cyber-crime gangs, like GozNym, take advantage.
“Every organisation should be concentrating on getting basic cyber hygiene right to reduce the relative ease of these cyberattacks gaining a foothold and monetising their efforts. It comes down to three key elements: knowing what you have – both hardware and software; knowing where and how it’s exposed – what has flawed code that is being actively exploited by threat actors; then putting in policies that reduce the risk – whether its installing the latest update, restricting access to other systems and databases, or even removing its connection to the internet or other internal accounts.
“Bringing cyber criminals to justice is positive news but realistically this is just a few bad people prosecuted from the massive army of threat actors. Cyber-crime will continue to be a problem till we actively reduce our cyber exposure.”
