On Thursday, April 11, a federal jury in Ohio convicted two cybercriminals from Bucharest, Romania on 21 counts in relation to an elaborate malware scheme.
According to an announcement from the US Department of Justice, the malware was used to steal personal information, including credit card information, which was then sold on the darknet, used to mine cryptocurrency and to engage in online auction fraud.
Two Romanian Cybercriminals Convicted of All 21 Counts Relating to Infecting Over 400,000 Victim Computers with Malware and Stealing Millions of Dollars https://t.co/sH1wI6uLjq
— Justice Department (@TheJusticeDept) April 11, 2019
The three men involved in the trial – Bogdan Nicolescu, 36, and Radu Miclaus, 37, and a third co-conspirator who pled guilty – have reportedly been involved in the conspiracy since 2007, when the group developed its first piece of malware.
CEO Spotlight: Alon Rajic on the Future of UK/EU Trade and EconomicsGo to article >>
Millions of Dollars Were Stolen Through a Plethora of Scams
The malware sent emails to victims “purporting to be legitimate from such entities as Western Union, Norton AntiVirus and the IRS”; when the links in the emails were clicked, the malware would be installed on the users’ computers.
The announcement of the conviction also said that the team, known as the Bayrob Group, was able to “inject fake pages into legitimate websites” such as eBay that would mislead unsuspecting users: “they placed more than 1,000 fraudulent listings for automobiles, motorcycles and other high-priced goods on eBay and similar auction sites.”
The money that was stolen by the group was then laundered by “money transfer agents” who routed the cash first through shell companies and then to Western Union or Money Gram offices in Romania. “Money mules” then collected the cash and then delivered it to the defendants.
A report from Cleveland.com said that it only took “two mistakes” for law enforcement to identify members of the group. At the time of their conviction, millions of dollars had been stolen.
Cybercrime is “Easy”
In June of last year, Carbon Black Security strategist Rick McElroy told CNBC that $1.1 billion had been stolen by cybersecurity thieves in the first six months of 2018 – and that it was “easy.”
He also said that many cybercriminals are not evil, but that they are simply people who may need money for basic necessities. “You have nations that are teaching coding, but there’s no jobs,” McElroy said. “It could just be two people in Romania needing to pay rent.”
However, the scale of the Bayrob group’s crimes suggests that they used the stolen cash to pay for more than just the cost of living.