Romanian hackers convicted of cyber crimes, 400,000 affected

The pair of cyber criminals conducted a sophisticated campaign dating back to 2007

Picture depicting romania being involved in a cyber crime

A US federal court has convicted two Romanian hackers after they targeted more than 400,000 American citizens, infecting them with 'Bayrob' malware and using their systems for crypto mining.

Bogdan Nicolescu, 36, and Radu Miclaus, 37, had been running the operation since 2007 and began by distributing malware through emails purporting to be from legitimate sources such as Western Union or the IRS, which then syphoned other email addresses on the infected system and sent the same malware to them, too.

Once infected, the victims' anti-malware software was disabled and then their own emails were used to register for AOL email accounts, more than 100,000 were created in total, which were then used to send more malicious emails to the victim's original contact list leading to tens of millions of malicious email distributions.

At the height of the sophisticated operation, the pair controlled more than 400,000 systems - mainly in the US - harvesting credit card information, usernames and passwords to sell on darknet marketplaces. They did this by intercepting traffic to popular websites such as Facebook and PayPal and redirecting them to a phishing clone of the site where their login details were stolen.

Gaining control to a network of infected systems allowed the hackers to harness the processing power of said systems for crypto mining, further filling the criminals' virtual swag bag.

If the aforementioned offences weren't enough, we can add wire fraud to that list of 21 felony charges too. The pair injected fake listings into eBay accounts for items such as motorbikes and other high-priced goods but did so using malware-infected images which then redirected buyers to phishing payment pages which used an 'eBay escrow agent' - an individual hired by the cyber criminals - to get the money and run. This technique "resulted in a loss of millions of dollars," according to the court's report.

"The Bayrob group laundered this money by hiring 'money transfer agents' and created fictitious companies with fraudulent websites designed to give the impression they were actual businesses engaged in legitimate financial transactions," the report added. "Money stolen from victims was wired to these fraudulent companies and then in turn wired to Western Union or Money Gram offices in Romania. European 'money mules' used fake identity documents to collect the money and deliver it to the defendants".

The pair won't be sentenced until 14 August 2019 but with a rap sheet as large as this, it's likely that any punishment will be severe.

Featured Resources

Unlocking collaboration: Making software work better together

How to improve collaboration and agility with the right tech

Download now

Four steps to field service excellence

How to thrive in the experience economy

Download now

Six things a developer should know about Postgres

Why enterprises are choosing PostgreSQL

Download now

The path to CX excellence for B2B services

The four stages to thrive in the experience economy

Download now

Recommended

HackBoss malware is using Telegram to steal cryptocurrency from other hackers
cryptocurrencies

HackBoss malware is using Telegram to steal cryptocurrency from other hackers

16 Apr 2021
Mastering endpoint security implementation
Security

Mastering endpoint security implementation

16 Apr 2021
US, UK say Russia was behind SolarWinds hack
cyber attacks

US, UK say Russia was behind SolarWinds hack

16 Apr 2021

Most Popular

University of Hertfordshire's entire IT system offline after cyber attack
cyber attacks

University of Hertfordshire's entire IT system offline after cyber attack

15 Apr 2021
Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021