Share this:
Hiding your money under your mattress may seem like an antiquated idea, but it may be the only way to stop a new hybrid malware monster that is attacking American and Canadian bank accounts. Known as GozNym, the malicious code actually combines two already powerful viruses known as Nymaim and Gozi. The resulting Trojan is as ruthless as it is resilient, and it has already been used to steal $4 million from over 24 U.S. and Canadian banks.
According to the IBM X-Force Research team that first uncovered this dangerous new weapon, which is being wielded by Eastern European hackers, GozNym takes the worst of each of its “parents.” “From the Nymaim malware, it leverages the dropper’s stealth and persistence; the Gozi ISFB parts add the banking Trojan’s capabilities to facilitate fraud via infected Internet browsers,” the IBM team writes. “The end result is a new banking Trojan in the wild.”
GozNym was first unleashed in early April, and has already inflicted considerable damage. It is unclear as of yet as to how many customers thus far have been affected, but the worst doesn’t appear to be over quite yet. IBM says that “GozNym’s operators’ top target is business accounts.” 50 percent of the attacks have been banking and credit unions, and another 17 percent of victims are retail banks.
Related: Hackers hacking hackers for profit and market dominance
This malware is particularly dangerous because it targets the actual consumer. Essentially, GozNym sneaks its way into a computer when an account holder clicks on email attachments or links, and then stays dormant until the user logs on to his or her bank account. Once this happens, GozNym really goes to work, stealing and sending information to hackers. “It all happens without the user seeing anything,” Etay Maor, executive security adviser at IBM Security tells the Wall Street Journal.
“To help stop threats like GozNym, banks and service providers can use adaptive malware detection solutions and protect customer endpoints with malware intelligence,” IBM notes. These tools could provide “real-time insight into fraudster techniques and capabilities, designed to address the relentless evolution of the threat landscape.”
- Ransomware learns the art of customer service to help victims pay up
- Billion dollar bank heist foiled by one spelling mistake
- Protect your PC from the cyber-flu with these awesome free antivirus options
from Planet GS via John Jason Fallows on Inoreader http://ift.tt/1QgaBx0
Lulu Chang
More Stories
‘My 401k Misses You’: Black Woman Pumped To Meet Donald Trump In Philadelphia – July 18, 2023 at 04:56PM
Energy Provider Warns of Impending ‘Crisis,’ ‘Blackout Conditions’ Driven By Biden Plans – July 18, 2023 at 04:20PM
Dog starts barking at cows crossing a bridge, so the cows stop to have a look. – July 17, 2023 at 02:27PM