NEWS
A new form of malware has been discovered that is believed to have stolen more than $4 million from American and Canadian banks, according to research published late last week.
Dubbed GozNym by International Business Machines Corp. (IBM) security researchers, the malware is said to be a hybrid of two earlier malware families, Nymaim and Gozi, that takes the best of both: from Nymaim it leverages a “dropper” capability that allows additional malware to be installed on an infected machine, while from Gozi it adds Trojan capabilities to facilitate fraud via infected Internet browsers.
The program is largely targeting business accounts, mostly in the United States, and also, oddly enough, credit union accounts and “popular e-commerce platforms.”
The malware is said to target customers rather than banks directly, quietly infecting a computer without the victim knowing. Once a machine is infected, the malware can deploy a number of different methods to steal and transmit information, and can also log keystrokes to steal usernames and passwords.
Although they cannot be entirely certain, the IBM team believes that the malware originated in Eastern Europe and was created by the team behind the original Nymaim malware, given that they are the only people who have access to the code needed to create the hybrid in the first place.
IBM says that because GozNym is a hybrid trojan, it is as stealthy and persistent as its parent Nymaim while possessing the Gozi trojan's ability to manipulate web sessions, resulting in advanced online banking fraud attacks.
The company says that it has informed the banks that have been targeted so far, but other service providers should “use adaptive malware detection solutions and protect customer endpoints with malware intelligence that provides real-time insight into fraudster techniques and capabilities, designed to address the relentless evolution of the threat landscape.”
More details on GozNym can be found on the IBM X-team security post here.