IBM is warning banks of the emergence of a new malware mutant that stole $4 million from more than 24 American and Canadian banks within days of its release into the wild.
The hybrid combines components of ransomware dropper Nymaim and the Gozi ISFB banking Trojan to create what IBM has termed a 'double-headed beast'.
"The new GozNym hybrid takes the best of both the Nymaim and Gozi ISFB malware to create a powerful Trojan," say IBM X-Force researchers. "From the Nymaim malware, it leverages the dropper’s stealth and persistence; the Gozi ISFB parts add the banking Trojan’s capabilities to facilitate fraud via infected Internet browsers. The end result is a new banking Trojan in the wild."
In terms of its current targets, X-Force notes that the GozNym hybrid’s configuration is presently focused on the US, targeting 22 banks, credit unions and popular e-commerce platforms. Two financial institutions based in Canada are also on the list, with business bank accounts the primary target.