Romanian hackers convicted of cyber crimes, 400,000 affected

The pair of cyber criminals conducted a sophisticated campaign dating back to 2007

Picture depicting romania being involved in a cyber crime

A US federal court has convicted two Romanian hackers after they targeted more than 400,000 American citizens, infecting them with 'Bayrob' malware and using their systems for crypto mining.

Bogdan Nicolescu, 36, and Radu Miclaus, 37, had been running the operation since 2007 and began by distributing malware through emails purporting to be from legitimate sources such as Western Union or the IRS, which then syphoned other email addresses on the infected system and sent the same malware to them, too.

Once infected, the victims' anti-malware software was disabled and then their own emails were used to register for AOL email accounts, more than 100,000 were created in total, which were then used to send more malicious emails to the victim's original contact list leading to tens of millions of malicious email distributions.

At the height of the sophisticated operation, the pair controlled more than 400,000 systems - mainly in the US - harvesting credit card information, usernames and passwords to sell on darknet marketplaces. They did this by intercepting traffic to popular websites such as Facebook and PayPal and redirecting them to a phishing clone of the site where their login details were stolen.

Advertisement
Advertisement - Article continues below

Gaining control to a network of infected systems allowed the hackers to harness the processing power of said systems for crypto mining, further filling the criminals' virtual swag bag.

If the aforementioned offences weren't enough, we can add wire fraud to that list of 21 felony charges too. The pair injected fake listings into eBay accounts for items such as motorbikes and other high-priced goods but did so using malware-infected images which then redirected buyers to phishing payment pages which used an 'eBay escrow agent' - an individual hired by the cyber criminals - to get the money and run. This technique "resulted in a loss of millions of dollars," according to the court's report.

"The Bayrob group laundered this money by hiring 'money transfer agents' and created fictitious companies with fraudulent websites designed to give the impression they were actual businesses engaged in legitimate financial transactions," the report added. "Money stolen from victims was wired to these fraudulent companies and then in turn wired to Western Union or Money Gram offices in Romania. European 'money mules' used fake identity documents to collect the money and deliver it to the defendants".

The pair won't be sentenced until 14 August 2019 but with a rap sheet as large as this, it's likely that any punishment will be severe.

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Recommended

Visit/malware/33080/hackers-abuse-linkedin-dms-to-plant-malware
malware

Hackers abuse LinkedIn DMs to plant malware

25 Feb 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019
Visit/antivirus/28144/best-antivirus
antivirus

Best antivirus for Windows 10

3 Sep 2019
Visit/security/malware/28083/the-five-best-free-malware-removal-tools
Security

Best free malware removal tools 2019

8 Mar 2019

Most Popular

Visit/security/identity-and-access-management-iam/354289/44-million-microsoft-customers-found-using
identity and access management (IAM)

44 million Microsoft customers found using compromised passwords

6 Dec 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019
Visit/business/business-strategy/354195/where-modernisation-and-sustainability-meet-a-tale-of-two
Sponsored

Where modernisation and sustainability meet: A tale of two benefits

25 Nov 2019