Gozi - Security Intelligence

Security professional monitoring organized cybercrime trends.

article

The Business of Organized Cybercrime: Rising Intergang Collaboration in 2018

In 2018, IBM X-Force researchers observed organized cybercrime groups collaborating, rather than competing over turf or even attacking each other, for the first time.

March 20, 2019 | By Limor Kessem

article

Woman checking her email at work: malspam

news

Malspam Campaign Impersonates UK Businesses to Target Victims With Banking Trojan

Security researchers discovered a malspam campaign targeting British computer users with the Ursnif/Gozi/ISFB Trojan.

December 14, 2018 | By Shane Schick

news

article

Q1 2018 Results: Gozi (Ursnif) Takes Larger Piece of the Pie and Distributes IcedID

Gozi took a larger slice of the financial malware pie and become the most active banking Trojan in 2017, according to the IBM X-Force Threat Intelligence Index 2018.

April 18, 2018 | By Michelle Alvarez

article

IBM X-Force Threat Intelligence Index 2018 banner.

article

2018 IBM X-Force Report: Shellshock Fades, Gozi Rises and Insider Threats Soar

The latest IBM X-Force report highlighted threats stemming from misconfigured cloud servers and inadvertent insider negligence and examined malware trends from 2017 that could continue into 2018.

April 4, 2018 | By Michelle Alvarez

article

article

Ursnif Campaign Waves Breaking on Japanese Shores

The Ursnif banking Trojan began targeting financial institutions in Japan during Q3 2017 and continues to operate in the region as we enter Q4.

October 26, 2017 | By Limor Kessem

article

A white knight chess piece in the foreground with black pieces in the background.

article

Neverquest Gang Takes Leave — Is It the End of the Quest?

IBM X-Force researchers recently observed a massive drop in Neverquest malware campaigns. Is it the end of an era for this Trojan?

May 4, 2017 | By Limor Kessem

article

Anatomy of an hVNC Attack

Cybercriminals who rely on remote control tactics to commit financial fraud may use hidden virtual network computing (hVNC) modules to cover their tracks.

January 25, 2017 | By Lior Keshet

article

The volume of GozNym attacks in Europe rose 3,550 percent between July and August 2016. The project's heightened activity and rapid evolution indicates the strong likelihood that it will spread to other countries in the near future.

article

GozNym’s Euro Trip: Launching Redirection Attacks in Germany

GozNym continued its trip around Europe by launching redirection attacks against 13 German banks. The volume of these attacks has spiked in recent months.

August 23, 2016 | By Limor Kessem

article

Security researchers recently went under the hood of the GozNym banking Trojan, which is launching new capabilities and targeting financial institutions around the world. Learning about this malware can help users avoid it and its consequences.

article

Two Heads Are Better Than One: Going Under the Hood to Analyze GozNym

IBM X-Force researchers recognized that the GozNym banking malware leverages features from two types of malware to make it double the threat.

July 12, 2016 | By Lior Keshet

article

Cybercriminals of the past used a spray-and-pray strategy for their malware campagins, spreading millions of phishing emails to random addresses and hoping for the best. Malicious actors today, however, are going with a more targeted approach.

news

Designer Malware Campaigns: The Rise of Couture Cybercrime?

Cybercriminals are adding some designer touches to their malware campaigns to make them more targeted and increase the overall success rate.

May 5, 2016 | By Douglas Bonderud

news

Attackers Compromise Admin Account to Infect Manufacturing Company With BitPaymer Ransomware

Spear Phishing Report Card: Perfect Scores in School Security Pen Testing

Google 2FA Approach Turns Android Smartphones Into Security Keys

April Scams May Ruin Plans: Threat Actors Ramp Up for Tax Scam Season

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

How a Cunning Remote Overlay Malware Met Its Match

The US Is Slow to Adopt EHRs, But That Might Actually Be a Good Thing for Healthcare Security

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

Credential Dumping Campaign Hits Multinational Corporations

Cybercriminals Spoof Major Accounting and Payroll Firms in Tax Season Malware Campaigns

Buffer Overflow Vulnerability in TP-Link Routers Can Allow Remote Attackers to Take Control

Podcast: Muscle Memory and Cyber Fitness Training

Podcast: Zero Trust and the Evolving Role of Identity and Access Management

Podcast: Digital Identity Trust, Part 3 — Powering Digital Growth With Digital Identity Trust

Podcast: Monitoring National Cybersecurity Trends With Former NSA Deputy Director Bill Crowell

Webinar: MacOS Management Made Easy with MaaS360

Webinar: Encryption is the Fastest Way to Protect Data

Webinar: Under the Radar: Live Webinar and Demo

Webinar: Facilitating Secure Hybrid Cloud Adoption with Guardium

Tag: Gozi

The Business of Organized Cybercrime: Rising Intergang Collaboration in 2018

Malspam Campaign Impersonates UK Businesses to Target Victims With Banking Trojan

Q1 2018 Results: Gozi (Ursnif) Takes Larger Piece of the Pie and Distributes IcedID

2018 IBM X-Force Report: Shellshock Fades, Gozi Rises and Insider Threats Soar

Ursnif Campaign Waves Breaking on Japanese Shores

Neverquest Gang Takes Leave — Is It the End of the Quest?

Anatomy of an hVNC Attack

GozNym’s Euro Trip: Launching Redirection Attacks in Germany

Two Heads Are Better Than One: Going Under the Hood to Analyze GozNym

Designer Malware Campaigns: The Rise of Couture Cybercrime?