GozNym malware is proficient in German, new malicious campaign proves
A new GozNym campaign is targeting German banking customers, likely causing feelings ranging from weltschmerz to fuchsteufelswild.
Thirteen German financial institutions and their subsidiaries are probably feeling weltschmerz (look it up) after their customers became targets of the latest campaign from hybrid downloader and banking malware GozNym.
According to an IBM X-Force blog post, GozNym was found launching redirection attacks against infected German banking customers, tricking them into giving away their credentials by sending them to malicious websites that impersonate legitimate banking sites. The X-Force team noted that the redirection schemes "come in addition to web injection-based attacks for all the targeted brands."
Following redirect campaigns against Poland and U.S., the blog continued, GozNym's operators "already have three distinct geographies under attack – in three different languages and in countries that have different banking systems."
IBM X-Force has also reported that GozNym activity so far in August has been 3,550 percent greater than last month, and 526 percent greater than the total number of attacks from GozNym's April debut through July.