Europol Arrested GozNym Malware Actors in Simultaneous International Operation

By Bill Toulas / May 16, 2019

In what Europol characterizes as “an unprecedented, international law enforcement operation”, they have managed to dismantle a complex network of cybercrime actors, arresting ten as its members and accusing them of conspirating to commit the following three things:

The actors have an already rich history of extensive action against thousands of victims. More specifically, it is estimated that they have targeted more than 41000, including individuals, organizations, businesses, and financial institutions. Through this targeting, the group tried to steal approximately $100 million, some of which they managed to pocket.

GozNym operation

image source:

The report places the leader in Tbilisi, Georgia, who bought the malware from a developer in Russia. Then the leader recruited accomplices by searching in darknet forums who helped launch the attacks. Those who covered the group’s tracks were in Kazakhstan and Moldova, doing “crypting” work for the malware that was used. Finally, spammers in Russia were responsible for propagating the infection by sending hundreds of thousands of phishing email messages to the potential victims. The group operated like a well-oiled machine, but unfortunately for them, they were racing against the devotion and perspicacity of Europol’s agents.

The international operation that was led by Europol and engaged local police forces in various countries took place in Moldova, Ukraine, Bulgaria, Georgia, and the United States. As Europol points out, this is the result of a long-term collaborative effort with the European Union’s Judicial Cooperation Unit, as well as the law enforcement in the involved countries. Of course, specific banking information was also used by Europol for the tracking of the actors.

What do you consider a fair punishment for the GozNym group? Let us know in the comments section below, and also join the discussion on our socials, on Facebook and Twitter.

For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: