A federal jury convicted two hackers on 21 counts of cybercrimes including infecting computers with malware to steal credit card information. The culprits also attempted to sell sensitive data on dark web marketplaces, engaged in online fraud and illegally mined digital currencies.
Hackers Attacked Over 400,000 Computers
On April 11, a U.S. jury convicted Romanian nationals, Bogdan Nicolescu, 36, and Radu Miclaus, 37, of wire fraud, conspiracy to commit wire fraud, aggravated identity theft, conspiracy to traffic in counterfeit service marks, and conspiracy to commit money laundering, according to a press release from The United States Department of Justice (DoJ).
The two were involved in a cybercrime ring that began in 2007 with the development of malware that would install itself on its victims’ computers through an email attachment.
Once clicked, the malware stole its victims’ email address, credit card information usernames, and passwords as well as infecting their devices with cryptocurrency mining malware. The operation was run out of Romania’s capital, Budapest, and was primarily targeted at U.S. citizens.
As part of the crime ring, a largescale phishing scams were also operated with the hackers sending their victims to fake versions of PayPal, Facebook, and eBay to steal their login information.
The stolen credit card information and personal details were used to make several purchases to expand the criminal network including VPNs, renting servers, and registering domain names.
The criminals engaged in widespread online fraud by posting fraudulent listings for expensive goods such as cars and motorcycles on eBay and other auction sites. The images of the goods were infected with malware that redirected their victims to fake websites that looked like legitimate eBay pages.
Using these fictitious websites, the criminals were able to steal money from their victims who believed they were dealing with real sellers on eBay. These actions resulted in millions of dollars in stolen funds.
To launder these illicit funds, the criminal organization hired individuals who created false companies to wire the money from the U.S. to the defendants in Romania, who used “money mules” with fake identities to collect the funds at Western Union and MoneyGram offices to deliver the money to them.
The FBI collaborated with the Romanian National Police in this investigation to bring the cybercriminals to justice. Sentencing has been set for August 14, 2019.
The convictions of Nicolescu and Miclaus should act as a reminder to many – especially those who hold digital asset private keys on their devices – to pay utmost attention to cybersecurity as cryptocurrency users are one of the most popular targets of cybercriminals in the current day and age.