• Friday, May 24, 2019
  • Last Update : 11:33 pm

Police smash ‘GozNym’ cybercrime network that stole $100 million

  • Published at 09:28 pm May 16th, 2019
United States Attorney Scott W Brady-Europol
United States Attorney Scott W Brady takes part in a news conference to announce a major law enforcement action against a transnational organized cybercrime at the Europol's headquarters in The Hague, Netherlands on May 16, 2019 Reuters

The GozNym network, led by a man from Tbilisi, Georgia, used phishing emails to infect the computers of more than 41,000 victims with malware

Police in six countries have dismantled a complex cybercrime network that operated from Eastern Europe and fleeced victims - including small businesses and charities - of some $100 million, Europe's police agency said on Thursday.

The GozNym network, led by a man from Tbilisi, Georgia, used phishing emails to infect the computers of more than 41,000 victims with malware. Specialized members of the group in Bulgaria and Ukraine then seized control of victims' online bank accounts and transferred their funds to laundering accounts.

Ten of the network's members have been charged with conspiracy to steal online banking credentials and deposits under a US grand jury indictment.

"The victims included mom and pop businesses..., law firms, international corporations,...non-profit organizations that worked with disabled children," US Attorney Scott Brady told a news conference in The Hague.

Brady said the collaboration between American, Georgian, Ukrainian, German, Bulgarian and Moldovan law enforcement that was required to dismantle the crime group would prove a "blueprint" for future operations.

GozNym featured the Georgian ringleader, a Russian software developer, encryption experts in Moldova and Kazakhstan, "account takeover specialists" in Bulgaria and Ukraine, as well as assorted spammers, money launderers and "mules" (money carriers).

The defendants allegedly advertised their specialized technical skills and services on underground, Russian-speaking online forums.

The operation against the group began in 2016 with a German-led action in Ukraine that shut down the network’s servers.

Its alleged leader is being prosecuted in Georgia. Other prosecutions are underway in Moldova, Ukraine, and the US.

Five Russians charged in the US indictment, including the man accused of having developed the malware, remain at large, according to Europol.