Inactive ransomware operator
← All groupsgoznym
1 victims indexed · first seen 12 years ago · last activity 12 years ago
At a glance
- Status
- inactive
- First seen
- 12 years ago
- Last activity
- 12 years ago
- Primary sector
- Government Facilities · 1 hits
About
References
4 linksExternal sources curated by the MISP threat-intel community.
- securityintelligence.com/meet-goznym-the-banking-malware-offspring-of-gozi-isfb-and-nymaim/
- threatpost.com/attackers-behind-goznym-trojan-set-sights-on-europe/117647/
- threatpost.com/goznym-banking-trojan-targeting-german-banks/120075/
- europol.europa.eu/newsroom/news/goznym-malware-cybercriminal-network-dismantled-in-international-operation
Timeline
1 monthsTop countries
Top sectors
MITRE ATT&CK
3 techniques · 3 tacticsTactics
Recent victims
Loading…
Source
Updated 12 years agoData on this page is sourced from the group's own leak posts, cross-checked with public ransomware trackers (RansomLook, ransomware.live, RansomWatch), MITRE ATT&CK, and our own Tor and Telegram crawlers. This is a public observatory page — share freely.
Get alerted the next time goznym posts a victim.
Add goznym to your watchlist — Pro pings you within 5 minutes of any new goznym leak-site post, Telegram callout, or affiliate-rebrand inference.

