The E-banking Trojan Gozi hits the 20min news portal!

The largest news portal in Switzerland has involuntarily spread a dangerous E-banking Trojan. A warning message appeared on the “20 min” ( website on Thursday, announcing that the news portal has been attacked by the dangerous Trojan named “Gozi”. As an unfortunate result the largest news portal of Switzerland has infected the computers of unsuspecting visitors with the malicious software. Many large enterprises visiting blamed the Tamedia employees for the late alert about the threat.


How dangerous is this E-banking Trojan Gozi?

Among the malicious programs “Gozi” is known as a Trojan e-banking threat. This Trojan attempts to access the bank accounts of the affected users. “Gozi” is already active, and there were already financial damages registered. This was announced by Pascal Lamia, the Head of the Reporting and Analysis Centre for Information Assurance – MELANI.

After the most recent attack of the Gozi virus against the “20 Min” news portal no bank accounts irregularities have been found yet. The number of the infected computers is still not known. However, it could take two to three months until “Gozi” tries to withdraw money and cause real financial harm to the unsuspecting victims.

Tamedia spokesman Christoph Zimmer has officially stated that there are no documented cases of the virus actually affecting any user. “We regret if users were exposed to malware risk by visiting our desktop portal”, he said. “The company holds back from further comments and speculations without further researching the matter” is another of his statements.
The Gozi Trojan has kept the IT world on its toes for many years. The malicious software that infects computers secretly and spies bank customers’ data first appeared in 2007. In 2010, a Russian hacker group used the Trojan in an attempt to gain access to different accounts in Swiss banks. In 2013, the Gozi Trojan appeared on US “soil: for the first time and the threat became even more serious.

Who has been infected?

Everyone who has visited the website of “20 Min” may have been potentially infected. It is extremely difficult to determine whether a computer is infected by a Trojan right away. This type of malware is known to be perfectly “happy” to stay dormant and wait for the perfect opportunity to activate itself. Some symptoms may include a very slow connection, a blue screen or a repeated request to enter your password. However, as others of its kind the Gozi Trojan may remain idle for a while and activate when it is the least expected.

The good news is that according to Tamedia spokesman Christoph Zimmer, only users, who have accessed the website from desktop computers and laptops are vulnerable to the attack. Those, who have used the mobile app, roughly about 80 % of the people, are not in danger. Until now, there is no indication that other news portals of the media have been affected by the Gozi Trojan attack.

According to Tamedia spokesman attackers succeed every few months to break through the security systems. So one must wonder – How many “successful” attacks have there been in the past six months for example? Tamedia spokesman Christoph Zimmer said that the Cyber attacks are constantly changing and increasing in number, but nothing comparable to the one on 07.04.2016. Apparently, the IT specialists of the company are working together with experts from abroad and continuing to analyze the attack in order to improve and better their security measures.

What should users do if they suspect they got infected?

MELANI’s head Pascal Lamia advises that people who suspect they might have been infected should immediately call the hotline of their bank in relation to this matter. Our “How to remove” team may also advice you on some basic tips on how you should protect your computer from virus attacks. To keep safe from Gozi and other nasty Trojans, it is a good idea to regularly update your system as well as all applications and extensions you currently use, especially browser plug-ins, which are most vulnerable. It is important to stay informed about hazards and use a reputable anti-spyware software. This applies in particular to the Windows OS computers, but also, Macs aren’t immuned to malware threats. Keeping a backup of all important personal data may also save you from a headache, especially when it comes to malware such as ransomware, which is commonly spread through Trojans.

Will the Gozi Trojan attack again?

Yes. Because there is no 100 % proofed security in the digital world. That’s why our team is dedicated to fighting against all malware threats and will keep giving you free and useful tips and guides on how to remove any suspicious software which may compromise your security. Stay safe and share with others. Let’s be smarter than the hackers and protect ourselves and our friends!


About the author

Lidia Howler

Lidia is a web content creator with years of experience in the cyber-security sector. She helps readers with articles on malware removal and online security. Her strive for simplicity and well-researched information provides users with easy-to-follow It-related tips and step-by-step tutorials.

Leave a Comment