U.S., international authorities disrupt cybercrime organization responsible for $100M in damages

May 16, 2019 GMT

A transnational criminal organization that used malware to steal more than $100 million from more than 41,000 victims has been dismantled, U.S. and international law enforcement officials said Thursday.

Police in the United States, Bulgaria, Georgia, Moldova and Ukraine took down the GozNym malware criminal network, Scott Brady, U.S. attorney in Pittsburgh said at a press conference in The Hague, Netherlands.

“It was truly the scope of this organization that made this campaign so dangerous,” Mr. Brady said.

The GozNym gang’s alleged victims included mom-and-pop businesses, law firms, international corporations and nonprofit organizations that benefited disabled children. Victims were both in the United States and Europe.


Mr. Brady said 10 defendants will face criminal charges in Pittsburgh on a range of counts including money laundering. Other defendants will face charges in four other countries. One member who seized bank accounts for the network has been extradited to the U.S. from Bulgaria to face trial.

The leader of the network, along with his technical assistant faces charges in the country of Georgia. Another member will be prosecuted in Moldova.

Five Russians remain on the run from authorities.

Mr. Brady described the operation as “unprecedented” with U.S. Bulgaria, Georgia, Moldova and Ukraine authorities cooperating to bring down the network.

“The only way to truly dismantle and disrupt these transnational networks is to do so in partnership,” he said. “In this case, simultaneous prosecution in four partner nations represents a paradigm change in how we prosecute cybercrime.”

The gang infected computers with malware through spearfishing attacks that captured online banking information, including account numbers.