GozNym – new malware in the banking world
On April 14th the existence of a new malware in the banking world, was reported, the malware is named GozNym. This resulted in theft of 4 million USD within a few days of 24 banks in the US and Canada whose names have not been published yet.
This new malware is named after two previous malwares from which it is compiled, ISFB Gozi and Nymaim; From malware Nymain the secret stealth capabilities were taken, while from malware ISFB Gozi (which there are claims that its code has been published in 2010) were obtained fraud capabilities for infected browsers. When the two sets of malware codes work together they execute the inner performance of the united malware.
Malware investigation shows that it is directed towards 22 US banks and two other financial institutions in Canada, as follows;
The assumption is that the team that developed the Nymaim managed to get the source code of Gozi ISFB and integrated it successfully into a trojan horse for fraud against financial institutions, probably in November 2015. Until then Nymaim served only as ransom malware, which was developed continuously and gradually becoming available worldwide. However it is argued that the first appearance of this integrated malware was at the beginning of April 2016.
