ORX News digest of the month – May 2019

  • 6 June 2019

Every month the ORX News team publishes a featured digest from the ORX News Service. It's a detailed look at one of the losses reported in the media that month, and is handpicked by the team as one of the most interesting stories.

BoA suffers losses of USD 375,000 following cyberattack using GozNym malware

Bank of America lost $375,000 after a transnational cybercrime network used GozNym malware to capture customers’ online banking information by keystroke logging and fake online banking pages. The malware was transmitted through malicious links in phishing emails.

In one instance, the network sent a phishing email to a BoA employee inviting them to click a link to view an invoice. Clicking the link installed GozNym malware, subsequently allowing the criminals to access the employee’s bank account and transfer $76,178. On two other occasions, the network accessed the accounts of BoA business customers, transferring $98,900 and $199,777 respectively.

The network also targeted Brookline Bank, from which it fraudulently transferred $41,000, and Comerica Bank, from which it transferred $28,000. Additionally, it gained access to accounts held at Wells Fargo.

On 16 May, the US Department of Justice announced that the group had attempted to steal $100 million from victims around the world, including attempts to fraudulently transfer $3.2 million in 38 transactions from online bank accounts. The network was formed after its members had advertised their specialised technical skills and services on underground, Russian-language online criminal forums.

ORX News subscribers can read the full story on the ORX News website.

Download May's featured digest

ORX News

Find out more about the ORX News service. 

ORX News