Romanians Indicted for Cyber Fraud

Tuesday, December 20, 2016 @ 02:12 PM gHale

Three Romanian nationals will face charges for operating a cyber fraud conspiracy in which they infected between 60,000 and 160,000 computers, sent out 11 million malicious emails and stole at least $4 million, according to a 21-count indictment unsealed Friday.

Bogdan Nicolescu, 34, Tiberiu Danet, 31, and Radu Miclaus, 34, ended up extradited to the United States last week after being taken into custody in their native Romania earlier this year.

Another Arrest in Wall St. Hack
Teens Held over DDoS Attacks
UK Teen Pleads Guilty in DDoS Service
PA Man Sentenced for Celeb Photo Hack

They each face charges of 12 counts of wire fraud, as well as one count each of conspiracy to commit wire fraud, conspiracy to traffic in counterfeit service marks, aggravated identity theft, conspiracy to commit money laundering and conspiracy to violate the Computer Fraud and Abuse Act.

Assistant Attorney General Leslie R. Caldwell of the Justice Department’s Criminal Division, U.S. Attorney Carole S. Rendon of the Northern District of Ohio and Special Agent in Charge Stephen D. Anthony of the FBI’s Cleveland Division issued the release.

“This case illustrates the sophistication and determination with which cyber criminals seek to harm Americans and American businesses from abroad,” Caldwell said. “But our response demonstrates that, with effective international cooperation, we can track these criminals down and make sure they face justice, no matter where or how they try to hide.”

“These defendants stole millions of dollars from people in the United States through a sophisticated fraud conspiracy they operated in Eastern Europe,” said U.S. Attorney Rendon. “Cybercrime is an ever-growing threat. We will continue to work with both our partners in law enforcement and in the private sector to evolve with the threat and protect our networks and national security.”

“This indictment and subsequent arrests reveal the dynamic landscape in which international criminals utilize sophisticated cyber methods to take advantage of and defraud unsuspecting victims,” Anthony said. “Despite the complexity and global character of these investigations, these arrests demonstrate the commitment by the FBI and our partners to aggressively pursue these individuals and bring justice to the victims.”

According to the indictment, Nicolescu, Danet and Miclaus collectively operated a criminal conspiracy from Bucharest, Romania, which began at least as early 2007 with the development of proprietary malware used to infect and control more than 60,000 computers, primarily in the United States. The co-conspirators used the computers to harvest personally identifiable information, such as credit card information, user names and passwords; disable malware protection; and solve complex algorithms to accrue valuable cryptocurrency for the financial benefit of the group, a process known as cryptocurrency mining, officials said.

To spread their malware, the defendants activated files that forced infected computers to register over 100,000 email accounts with public email providers, according to the indictment.

The co-conspirators sent more than 11 million emails containing the malware from these accounts to email contacts copied from victim computers. When victims with infected computers visited websites such as Facebook, PayPal or eBay, the co-conspirators would redirect the computers to a nearly identical website they had created to steal account credentials. The defendants then used stolen credit card information to fund their criminal infrastructure while concealing their identities.

In addition, the indictment said the defendants placed more than 1,000 fraudulent listings for automobiles, motorcycles and other high-priced goods on eBay and similar auction websites. Photos of the items ended up infected with malware, which, when clicked, redirected victims to fictitious webpages designed by the co-conspirators to resemble legitimate eBay pages, officials said. The fictitious webpages prompted users to pay for their goods through a nonexistent “eBay Escrow Agent,” and payments would then be funneled back to the co-conspirators. This scheme resulted in at least $4 million – though the actual total may be tens of millions more – in losses to victims, which the defendants laundered through wire transfers under the names of fictitious companies and then collected and delivered to the co-conspirators by “money mules.”

An indictment is merely an allegation and the defendants are presumed innocent unless and until proven guilty beyond a reasonable doubt in a court of law.

The FBI investigated the case with assistance from the Romanian National Police.  Senior Counsel Brian Levine of the Criminal Division’s Computer Crime and Intellectual Property Section and Assistant U.S. Attorneys Duncan T. Brown and Om Kakani of the Northern District of Ohio are prosecuting the case.  The Criminal Division’s Office of International Affairs provided substantial assistance in this matter.

Leave a Reply

You must be logged in to post a comment.