U.S. and European law enforcement officials said on Thursday that they had dismantled a global organized cybercrime network, which used malware to steal banking login details in an attempt to pocket about $100 million from thousands of businesses.
A federal grand jury in Pittsburgh charged 10 members of the network, and other criminal prosecutions have begun in Georgia, Moldova, and the Ukraine, the European Union's (EU's) agency for law enforcement cooperation Europol said in a statement. Five Russian nationals charged in the indictment are on the run, the agency said, including the developer of the malware.
In what Europol called a “highly specialized and international criminal network,” the members—spread across Georgia, Moldova, Bulgaria, Ukraine, and Russia—sent spear-phishing emails to infect computers with malware, dubbed GozNym, designed to capture login details. That allowed the members to steal money from the bank accounts and launder the funds using U.S. and foreign bank accounts.
Recommended For You
The network formed after members each advertised their technical skills and services on underground, Russian-speaking online forums and were then recruited by the group's leader, who controlled more than 41,000 computers infected with the GozNym malware. The accomplices used encryption techniques so the malware could avoid detection by antivirus tools and protective software, Europol said.
Once infected, money was then wired to other accounts or withdrawn from ATMs in order to be distributed to members of the network.
Officials from Bulgaria, Germany, Georgia, Moldova, Ukraine, and the United States shared evidence to track down the alleged criminals and were supported by Europol and Eurojust, the EU's judicial cooperation unit.
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.