Slashdot Mirror


Researchers Find Hybrid GozNym Malware, 24 Financial Institutions Already Affected (securityintelligence.com)

An anonymous reader writes: Researchers are warning about a new hybrid Trojan -- dubbed GozNym -- which is a combination of the Nymaim dropper and the Gozi financial malware. IBM researchers say that the malware has been designed to target banks, ecommerce websites, and retail banking, adding that GozNym has already targeted 22 financial institutions in the United States and two in Canada. A ComputerWorld report sheds more light on it: "Nymaim is what researchers call a dropper. Its purpose is to download and run other malware programs on infected computers. It is usually distributed through Web-based exploits launched from compromised websites. Nymaim uses detection evasion techniques such as encryption, anti-VM and anti-debugging routines, and control flow obfuscation. In the past, it has primarily been used to install ransomware on computers. The integration between Nymaim and Gozi became complete in April, when a new version was discovered that combined code from both threats in a single new Trojan -- GozNym."

5 of 21 comments

  1. Once again, no discussion of what is vulnerable by david.emery · · Score: 1

    But the discussion of "DLLs" does provide a hint.

    1. Re:Once again, no discussion of what is vulnerable by fhage · · Score: 1

      IBM® Security Trusteer Pinpoint Malware Detection and IBM® Security Trusteer Rapport® is the technical answer.

      My burning question: Does installing a Security Trusteer make my iWatch more valuable?

  2. Combo Plate by fustakrakich · · Score: 2

    By "compromised websites", you must mean ad servers, right? The kind the "industry" insist we not block? Well, to be redundant, the safest browser is probably Lynx.

    --
    “He’s not deformed, he’s just drunk!”

    1. Re:Combo Plate by KGIII · · Score: 1

      Well, elinks isn't too bad - and you can use your mouse!

      --
      "So long and thanks for all the fish."

  3. Hybrid Trojan infects computers? by khz6955 · · Score: 1

    There is only one solution, the Government must ban OS X, Android and Linux from the Internet :)