Two Romanian nationals have been sentenced to prison in the United States for their roles in a multi-million dollar online fraud operation.
The two, Bogdan Nicolescu, 37, and Radu Miclaus, 37, of Bucharest, Romania, will go to prison for developing and operating the Bayrob malware, infecting over 400,000 computers, and stealing credit card and other sensitive information.
The defendants were indicted in December 2016 and were convicted in April 2019. Nicolescu has been sentenced to 20 years in prison, and Miclaus to 18 years.
Nicolescu and Miclaus, along with other co-conspirators, started the criminal enterprise called “Bayrob Group” in 2007. The cybercriminals developed a piece of malware and distributed it via phishing emails claiming to be from entities such as Western Union, Norton AntiVirus, and the IRS.
The malware was designed to steal email addresses from the infected machine, including those stored in contact lists or email accounts, and then send malicious emails to them. Overall, the hackers managed to infect and take control of more than 400,000 computers, primarily in the United States.
The defendants also abused the processing power of the infected computers to mine for cryptocurrency, thus gaining additional financial benefits.
The hackers are also said to have registered over 100,000 email accounts to send tens of millions of malicious emails to harvested email addresses. Additionally, they intercepted requests to Facebook, PayPal, eBay and other websites and redirected victims to lookalike domains to steal their credentials.
The cybercriminals “engaged in persistent and sophisticated data mining of the infected computers” and sold the harvested information on underground online marketplaces. The hackers traded users’ financial information, passwords, and access to their devices.
Overall, the Bayrob Group caused losses of at least $4 million, the U.S. Department of Justice says.
“Today’s sentences underscore the critical work being done to investigate and prosecute to the fullest extent those criminals who think that the presumed anonymity of the Internet can hide their pervasive and extensive criminal activities,” said U.S. Attorney Justin Herdman.
“Regardless of whether the criminals are in Romania, or within our District, these sentences send the clear and resounding message that crimes committed using the Internet will not go unpunished,” Herdman concluded.
