Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Bayrob Malware Operators Get Lengthy Prison Sentences

Two Romanian nationals have been sentenced to prison in the United States for their roles in a multi-million dollar online fraud operation.

Two Romanian nationals have been sentenced to prison in the United States for their roles in a multi-million dollar online fraud operation.

The two, Bogdan Nicolescu, 37, and Radu Miclaus, 37, of Bucharest, Romania, will go to prison for developing and operating the Bayrob malware, infecting over 400,000 computers, and stealing credit card and other sensitive information.

The defendants were indicted in December 2016 and were convicted in April 2019. Nicolescu has been sentenced to 20 years in prison, and Miclaus to 18 years.

Nicolescu and Miclaus, along with other co-conspirators, started the criminal enterprise called “Bayrob Group” in 2007. The cybercriminals developed a piece of malware and distributed it via phishing emails claiming to be from entities such as Western Union, Norton AntiVirus, and the IRS.

The malware was designed to steal email addresses from the infected machine, including those stored in contact lists or email accounts, and then send malicious emails to them. Overall, the hackers managed to infect and take control of more than 400,000 computers, primarily in the United States.

The defendants also abused the processing power of the infected computers to mine for cryptocurrency, thus gaining additional financial benefits.

Advertisement. Scroll to continue reading.

The hackers are also said to have registered over 100,000 email accounts to send tens of millions of malicious emails to harvested email addresses. Additionally, they intercepted requests to Facebook, PayPal, eBay and other websites and redirected victims to lookalike domains to steal their credentials.

The cybercriminals “engaged in persistent and sophisticated data mining of the infected computers” and sold the harvested information on underground online marketplaces. The hackers traded users’ financial information, passwords, and access to their devices.

Overall, the Bayrob Group caused losses of at least $4 million, the U.S. Department of Justice says.

“Today’s sentences underscore the critical work being done to investigate and prosecute to the fullest extent those criminals who think that the presumed anonymity of the Internet can hide their pervasive and extensive criminal activities,” said U.S. Attorney Justin Herdman.

“Regardless of whether the criminals are in Romania, or within our District, these sentences send the clear and resounding message that crimes committed using the Internet will not go unpunished,” Herdman concluded.

Related: Bayrob Malware Operators Convicted in the U.S.

Related: Bayrob Malware Operators Indicted in U.S.

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

James Phillips has been promoted to the role of Vice President, Cybersecurity Risk Management at AT&T.

Rafal Los has joined Binary Defense as Chief Strategy Officer.

Tracey Mustacchio has joined Everfox as Chief Marketing Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.