Nowadays, international cybercrime gangs model their operations after legitimate business organizations. Security analysts even claim they are giving their newer members training, utilizing collaboration methods, and exercising service agreements with the ‘specialists’ they hire.
Who Are the 5 Most Notorious Organized Cybercrime Gangs?
Cobalt Cybercrime Gang
This Cobalt gang is behind the Carbanak and Cobalt malware attacks that have targeted more than 100 financial institutions in at least 40 countries worldwide. Their hacking campaigns against several banks allowed these hackers to steal more than $11 million per hit and cost the financial industry over a billion dollars in total losses.
Lazarus Gang
Lazarus, which is believed to be from North Korea, was behind many attacks, including the Sony Pictures breach in 2014 and the attack against England’s National Health Service through the WannaCry ransomware attack.
MageCart Syndicate
This big e-commerce hacking syndicate, composed of different groups under one umbrella, has become notorious for stealing credit card data. They have developed a software skimming technique that hijacks payment systems on e-commerce sites and records credit card details.
Evil Corp
This international cybercrime gang, thought to be based in Russia, uses various malware types to attack different kinds of organizations in Europe and the US while managing to evade arrest for years. Evil Corp is notorious for the insidious Dridex banking Trojan that allowed the cybercrime group to harvest login information from hundreds of banks in 40 different countries. At the height of the Dridex heist, Evil Corp managed to steal an estimated $100 million.
GozNym Gang
This international hacking outfit is behind GozNym malware, a powerful Trojan hybrid that was created to avoid detection by anti-malware solutions. GozNym is a hybrid of the Nymaim and Gozi malware that sneaks into the victim’s computer through malicious email attachments or links. At that point, the malware stays virtually undiscoverable, waiting for the user to log in to a bank account and pounce on account details.
