Application Security August 17, 2023

Gozi strikes again, targeting banks, cryptocurrency and more

3 min read - In the world of cybercrime, malware plays a prominent role. One such malware, Gozi, emerged in 2006 as Gozi CRM, also known as CRM or Papras. Initially offered as a crime-as-a-service (CaaS) platform called 76Service, Gozi quickly gained notoriety for…

Malware February 18, 2020

Banking Trojans and Ransomware — A Treacherous Matrimony Bound to Get Worse

6 min read - To combat the threat of banking Trojans and ransomware, organizations should stay up to date with the rapidly evolving threat landscape by utilizing the latest threat intelligence.

Advanced Threats May 16, 2019

GozNym Closure Comes in the Shape of a Europol and DOJ Arrest Operation

4 min read - In an operation crowned "unprecedented," Europol and the DOJ joined forces and successfully dismantled what was left of the GozNym cybercrime gang that attempted to steal well over $100 million.

Malware March 20, 2019

The Business of Organized Cybercrime: Rising Intergang Collaboration in 2018

9 min read - In 2018, IBM X-Force researchers observed organized cybercrime groups collaborating, rather than competing over turf or even attacking each other, for the first time.

December 14, 2018

Malspam Campaign Impersonates UK Businesses to Target Victims With Banking Trojan

2 min read - Security researchers discovered a malspam campaign targeting British computer users with the Ursnif/Gozi/ISFB Trojan.

Banking & Finance April 18, 2018

Q1 2018 Results: Gozi (Ursnif) Takes Larger Piece of the Pie and Distributes IcedID

3 min read - Gozi took a larger slice of the financial malware pie and become the most active banking Trojan in 2017, according to the IBM X-Force Threat Intelligence Index 2018.

Threat Intelligence April 4, 2018

2018 IBM X-Force Report: Shellshock Fades, Gozi Rises and Insider Threats Soar

2 min read - The latest IBM X-Force report highlighted threats stemming from misconfigured cloud servers and inadvertent insider negligence and examined malware trends from 2017 that could continue into 2018.

Malware October 26, 2017

Ursnif Campaign Waves Breaking on Japanese Shores

5 min read - The Ursnif banking Trojan began targeting financial institutions in Japan during Q3 2017 and continues to operate in the region as we enter Q4.

Malware May 4, 2017

Neverquest Gang Takes Leave — Is It the End of the Quest?

5 min read - IBM X-Force researchers recently observed a massive drop in Neverquest malware campaigns. Is it the end of an era for this Trojan?

Advanced Threats January 25, 2017

Anatomy of an hVNC Attack

6 min read - Cybercriminals who rely on remote control tactics to commit financial fraud may use hidden virtual network computing (hVNC) modules to cover their tracks.