Police smash ‘GozNym’ cybercrime network that stole US$100m

Suspects of cybercrime are seen on the screen at the news conference to announce a major law enforcement action against a transnational organised cybercrime at the Europol’s headquarters in The Hague, Netherlands, May 16, 2019. — Reuters pic
Suspects of cybercrime are seen on the screen at the news conference to announce a major law enforcement action against a transnational organised cybercrime at the Europol’s headquarters in The Hague, Netherlands, May 16, 2019. — Reuters pic

THE HAGUE, May 16 — Police in six countries have dismantled a complex cybercrime network that operated from Eastern Europe and fleeced victims — including small businesses and charities — of some US$100 million (RM416.3 million), Europe’s police agency said on today.

The GozNym network, led by a man from Tbilisi, Georgia, used phishing emails to infect the computers of more than 41,000 victims with malware. Specialised members of the group in Bulgaria and Ukraine then seized control of victims’ online bank accounts and transferred their funds to laundering accounts.

Ten of the network’s members have been charged with conspiracy to steal online banking credentials and deposits under a US grand jury indictment.

“The victims included mom and pop busineses..., law firms, international corporations,...non-profit organisations that worked with disabled children,” US Attorney Scott Brady told a news conference in The Hague.

Brady said the collaboration between American, Georgian, Ukrainian, German, Bulgarian and Moldovan law enforcement that was required to dismantle the crime group would prove a “blueprint” for future operations.

GozNym featured the Georgian ringleader, a Russian software developer, encryption experts in Moldova and Kazakhstan, “account takeover specialists” in Bulgaria and Ukraine, as well as assorted spammers, money launderers and “mules” (money carriers).

The defendants allegedly advertised their specialised technical skills and services on underground, Russian-speaking online forums.

The operation against the group began in 2016 with a German-led action in Ukraine that shut down the network’s servers.

Its alleged leader is being prosecuted in Georgia. Other prosecutions are underway in Moldova, Ukraine and the US.

Five Russians charged in the US indictment, including the man accused of having developed the malware, remain at large, according to Europol. — Reuters