Name of Malware: Gozi (Gozi ISFB, IAP, Pandemyia, Ursnif)

Type of Malware: Banking trojan, keylogger

Affected Operating Systems: Windows

Affected Device Types: PCs, laptops etc.

Impact: high

What is Gozi?

Gozi has existed in various formats since 2006. The malware hides in the infected system and attempts to steal sensitive data, such as usernames and passwords for bank accounts.

How did I get infected with Gozi?

Gozi is generally sent as an attachment to spam e-mails. When the victim opens the attachment, Gozi is installed.

What do I have to do now?

To eliminate Gozi, we recommend scanning the infected system with an anti-virus program. Further information on removing this malware can be found under Removing infections from PCs, laptops etc.

Technical specifications

Further information on this malware can be found on the website of our project partner Fraunhofer FKIE.