The US, five other countries and Europol have dismantled an elaborate cybercrime ring that relied on one piece of malware to pull off heists. Officials have charged 10 people across five countries with using GozNym malware to grab banking login credentials in a bid to steal about $100 million from over 41,000 target computers, most of them linked to US businesses and their associated banks. It’s not certain how much money the team obtained.
Five of the accused have been arrested and come from Georgia, Moldova and Ukraine. They oversaw a range of tasks including account takeovers, operating services (such as the GozNym network itself) and providing access to bank accounts. The other five hail from Russia and remain fugitives due to the lack of extradition treaties.
The charges primarily revolve around bank, computer and wire fraud as well as money laundering. The group’s downfall began in December 2016, when account takeover specialist Krasimir Nikolov was extradited to the US. He pleaded guilty to his involvement with GozNym on April 10th of this year.
The bust stands out not just for the scale of the crimes, but for the level of cooperation involved. Taking down the criminal network required an “unprecedented” effort between countries and organizations, even if half of the accused remain at large. That’s good news for future crackdowns, although it also illustrates the difficulty of fighting online crime. Perpetrators can be spread around the world, and they won’t always be within reach of law enforcement.