Goznym

Malware updated 7 days ago (2024-11-29T14:30:13.315Z)
Download STIX
Preview STIX
Goznym is a malicious software, or malware, that gained significant attention in February 2016 after incorporating leaked ISFB code. This potent combination led to its resurgence in the cybercrime market, where it was employed by threat actors to exploit and damage computer systems. The malware could infiltrate systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, Goznym was capable of stealing personal information, disrupting operations, and even holding data for ransom. The GozNym network, consisting of members from Russia, Georgia, Ukraine, Moldova, and Bulgaria, used this malware to conduct highly profitable cybercriminal activities. In fact, they managed to steal over $100 million, making GozNym a frighteningly lucrative tool in the realm of cybercrime. The malware was particularly notorious for launching redirection attacks, similar to those employed by Dridex, another infamous malware. These attacks redirected users to fraudulent websites, furthering the malware's ability to steal sensitive information. Despite efforts to mitigate the impact of GozNym, various forks based on the ISFB code, including GozNym and Dreambot, are still prevalent today. These versions continue to pose a substantial threat to cybersecurity, demonstrating the enduring influence of the original GozNym malware. Therefore, continuous vigilance and robust security measures remain essential to protect against these persistent threats.
Description last updated: 2023-10-10T23:04:28.233Z
What's your take? (Question 1 of 0)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.
Alias DescriptionVotes
Isfb is a possible alias for Goznym. ISFB, also known as Gozi or Ursnif, is a form of malware that has been a significant part of the cyberthreat landscape for several years. This malicious software is designed to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites without the user'
2
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Source Document References
Information about the Goznym Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more