Six countries, including the U.S., shut down a cybercrime network that stole around $100 million from victims.
According to a report in Reuters, the Eastern European GozNym network, whose leader resides in Tbilisi, Georgia, sent phishing emails to install malware on more than 41,000 computers. Members of the group located in Bulgaria and Ukraine then took control of victims’ online bank accounts and stole money out of their accounts. Reuters reported that 10 of the network’s members have been charged with conspiracy to steal online banking credentials.
“The victims included mom-and-pop businesses … law firms, international corporations … nonprofit organizations that worked with disabled children,” U.S. Attorney Scott Brady said at a news conference in The Hague. He added that the collaboration between the countries – which included America, Georgia, Ukraine, Germany, Bulgaria and Moldova – is a blueprint for future takedowns of cybercrime networks.
In addition to its Georgia-based leader, the GozNym network is made up of a Russian software developer, Moldovan and Kazakhstan encryption experts and account takeover experts in Bulgaria and Ukraine. The scam started in 2016 with an attack in Ukraine. The ringleader is reportedly being prosecuted, while other prosecutions are in process in the U.S., Moldova and Ukraine. Five Russians charged by the U.S. have not yet been apprehended, reported Reuters, citing Europol.
Cybercriminal groups aren't only using phishing emails to trick users. In April, Cisco Systems’ Talos security unit warned that dozens of cybercriminal groups have found a home on Facebook, using the platform’s online marketplace to sell illegal services such as stolen credit card information and spamming tools. Through its research, Talos discovered 74 groups that had about 385,000 members. Facebook confirmed that the groups, some of which had been on the social media site for as long as eight years, have been removed.