Security Experts:

Connect with us

Hi, what are you looking for?



Bayrob Malware Operators Get Lengthy Prison Sentences

Two Romanian nationals have been sentenced to prison in the United States for their roles in a multi-million dollar online fraud operation.

Two Romanian nationals have been sentenced to prison in the United States for their roles in a multi-million dollar online fraud operation.

The two, Bogdan Nicolescu, 37, and Radu Miclaus, 37, of Bucharest, Romania, will go to prison for developing and operating the Bayrob malware, infecting over 400,000 computers, and stealing credit card and other sensitive information.

The defendants were indicted in December 2016 and were convicted in April 2019. Nicolescu has been sentenced to 20 years in prison, and Miclaus to 18 years.

Nicolescu and Miclaus, along with other co-conspirators, started the criminal enterprise called “Bayrob Group” in 2007. The cybercriminals developed a piece of malware and distributed it via phishing emails claiming to be from entities such as Western Union, Norton AntiVirus, and the IRS.

The malware was designed to steal email addresses from the infected machine, including those stored in contact lists or email accounts, and then send malicious emails to them. Overall, the hackers managed to infect and take control of more than 400,000 computers, primarily in the United States.

The defendants also abused the processing power of the infected computers to mine for cryptocurrency, thus gaining additional financial benefits.

The hackers are also said to have registered over 100,000 email accounts to send tens of millions of malicious emails to harvested email addresses. Additionally, they intercepted requests to Facebook, PayPal, eBay and other websites and redirected victims to lookalike domains to steal their credentials.

The cybercriminals “engaged in persistent and sophisticated data mining of the infected computers” and sold the harvested information on underground online marketplaces. The hackers traded users’ financial information, passwords, and access to their devices.

Overall, the Bayrob Group caused losses of at least $4 million, the U.S. Department of Justice says.

“Today’s sentences underscore the critical work being done to investigate and prosecute to the fullest extent those criminals who think that the presumed anonymity of the Internet can hide their pervasive and extensive criminal activities,” said U.S. Attorney Justin Herdman.

“Regardless of whether the criminals are in Romania, or within our District, these sentences send the clear and resounding message that crimes committed using the Internet will not go unpunished,” Herdman concluded.

Related: Bayrob Malware Operators Convicted in the U.S.

Related: Bayrob Malware Operators Indicted in U.S.

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.


Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack


Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.


The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.