Bulgarian Hacker Indicted for Running Million-Dollar Malware Operation

Authorities recently arrested a man of Bulgaria and then deported him to USA on charges he assisted in developing as well as using GozNym malware which intercepts contaminated PCs' keystrokes so as for hacking into victims' bank A/Cs followed with making illegal money withdrawals. Vocativ.com posted this online dated December 13, 2016.

The man, aged 44 and named Krasimir Nikolov, apparently played key role amidst others of a team, which created GozNym followed with deploying it to carry out criminal operation which attempted at stealing $1.5m-or-more, and then effectively transmitting $121,130-or-more out of the accounts of 4 small businesses inside Pennsylvania and California.

As one among 20+ different malware strains, GozNym too fielded one command-and-control infrastructure that Avalanche hosted -the seasoned hosting as well as management system pertaining to criminal software around which once one gigantic multinational cyber-crime venture revolved.

Known as certain hybrid malware, GozNym was developed from the Gozi and Nymaim malicious programs. Its proliferation has been through phishing attacks wherein one fraudulent e-mail gets dispatched towards potential victims' inboxes directing that they should download one given file and execute it which however, surreptitiously intercepts their keyboard typing as they conduct transactions on banking websites. The attackers then wire money from these websites to themselves through an intermediary account of hired "money mules."

GozNym malware, so states Nikolov's indictment, was employed starting late 2015 for attacking USA-based businesses via hijacking their e-mail A/Cs followed with their PCs as well as eventually their bank A/Cs.

According to Soo C. Song Acting U.S. Attorney, victimized users receive phishing electronic mails depicting an attachment/hyperlink created for appearing as an authentic business invoice. By viewing either, the users' PCs get contaminated with GozNym, which filches their banking login details for the crooks to subsequently utilize them for accessing those users' bank accounts followed with conducting illegal wire transfers.

As accords to Song, Nikolov was picked on September 8 from his Varna, Bulgaria home. He was sent over to USA during Saturday-Sunday to face prosecution. In case proved guilty, his sentence would comprise a maximum of 100-yrs imprisonment along with a $3.5m fine.

» SPAMfighter News - 12/16/2016