CONFERENCE Cyber AI & Automation Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Bayrob Malware Operators Get Lengthy Prison Sentences

Two Romanian nationals have been sentenced to prison in the United States for their roles in a multi-million dollar online fraud operation.

Two Romanian nationals have been sentenced to prison in the United States for their roles in a multi-million dollar online fraud operation.

The two, Bogdan Nicolescu, 37, and Radu Miclaus, 37, of Bucharest, Romania, will go to prison for developing and operating the Bayrob malware, infecting over 400,000 computers, and stealing credit card and other sensitive information.

The defendants were indicted in December 2016 and were convicted in April 2019. Nicolescu has been sentenced to 20 years in prison, and Miclaus to 18 years.

Nicolescu and Miclaus, along with other co-conspirators, started the criminal enterprise called “Bayrob Group” in 2007. The cybercriminals developed a piece of malware and distributed it via phishing emails claiming to be from entities such as Western Union, Norton AntiVirus, and the IRS.

The malware was designed to steal email addresses from the infected machine, including those stored in contact lists or email accounts, and then send malicious emails to them. Overall, the hackers managed to infect and take control of more than 400,000 computers, primarily in the United States.

The defendants also abused the processing power of the infected computers to mine for cryptocurrency, thus gaining additional financial benefits.

The hackers are also said to have registered over 100,000 email accounts to send tens of millions of malicious emails to harvested email addresses. Additionally, they intercepted requests to Facebook, PayPal, eBay and other websites and redirected victims to lookalike domains to steal their credentials.

The cybercriminals “engaged in persistent and sophisticated data mining of the infected computers” and sold the harvested information on underground online marketplaces. The hackers traded users’ financial information, passwords, and access to their devices.

Advertisement. Scroll to continue reading.

Overall, the Bayrob Group caused losses of at least $4 million, the U.S. Department of Justice says.

“Today’s sentences underscore the critical work being done to investigate and prosecute to the fullest extent those criminals who think that the presumed anonymity of the Internet can hide their pervasive and extensive criminal activities,” said U.S. Attorney Justin Herdman.

“Regardless of whether the criminals are in Romania, or within our District, these sentences send the clear and resounding message that crimes committed using the Internet will not go unpunished,” Herdman concluded.

Related: Bayrob Malware Operators Convicted in the U.S.

Related: Bayrob Malware Operators Indicted in U.S.

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Shanta Kohli has been named CMO at Sysdig.

Cloud security firm Sysdig has appointed Sergej Epp as CISO.

F5 has appointed John Maddison as Chief Product Marketing and Technology Alliances Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.