An international cybercrime network which used malware to steal an estimated $100 million (€89.3 million) from thousands of victims has been dismantled, Europol announced on Thursday.
The criminal network used GozNym malware to target businesses and financial institutions and capture online banking login credentials.
They then stole money from more than 41,000 victims' bank accounts and laundered the cash using US and foreign beneficiary bank accounts.
Ten members of the network have been charged by a federal grand jury in Pittsburgh, US, with conspiracy to steal credentials to fraudulently access bank accounts. Five of them — Russian nationals — remain on the run, including the developer of the malware.
The defendants were allegedly recruited after advertising their specialised technical skills and services on underground Russian-speaking online criminal forums.
The operation against the network was launched in November 2016 by a German-led investigation to dismantle its servers and infrastructure. Since then, searches were also conducted in Bulgaria, Georgia, Moldova and Ukraine.
The leader of the network and his technical assistant are being prosecuted in Georgia while the administrator of the "Avalanche" network — which provided services to more than 200 cybercriminals and hosted more than 20 different malware campaigns, including GozNym — is facing prosecution in Ukraine.
Another member of the network, who encrypted the malware to enable it to avoid detection by anti-virus tools and protective software on victims' computers, is being prosecuted in Moldova.
In a statement, Europol said that "the GozNym network exemplified the concept of “cybercrime as a service,” with different criminal services such as bulletproof hosters, money mules networks, crypters, spammers, coders, organizers, and technical support".