Bogdan
Nicolescu, 37, and Radu Miclaus, 37, both from Bucharest, Romania, were
sentenced to 20 years and 18 years, respectively, for their roles in a scheme
to, among other things, infect more than 400,000 computers with malware and
gain access to credit card and other information for later sale on dark market
websites.
According
to testimony at trial and court documents, Nicolescu, Miclaus, and others
operated a criminal enterprise referred to as the “Bayrob Group” from Bucharest,
Romania. It began in 2007 with the
development of proprietary malware, which they disseminated through malicious
emails purporting to be legitimate emails from entities and agencies such as
Western Union, Norton AntiVirus, and the IRS. When recipients clicked on an
attached file, the malware secretly installed itself onto their computers.
This
malware harvested email addresses from the infected computer, such as from
contact lists or email accounts, and then sent malicious emails to these harvested
email addresses. By using the infected
computers to reach out and control additional computers, the defendants
infected and controlled more than 400,000 individual computers, primarily in
the United States.
In
addition to using the infected network to expand its size, Nicolescu, Miclaus,
and other members of the Bayrob Group used the collective processing power of
the computer network to solve complex algorithms for the financial benefit of
the group, a process known as cryptocurrency mining.
Finally,
trial testimony and evidence revealed that these defendants engaged in
persistent and sophisticated data mining of the infected computers, selling
information gleaned from infected computers repeatedly over time on the Dark Web. Investigators discovered evidence on the Dark
Web of trafficking in users’ personal financial information, passwords, and
access to their computers.
In total,
this criminal enterprise resulted in losses of at least $4 million.
Notably, this investigation started with a
complaint from a victim in the Northern District of Ohio. But for that victim contacting law
enforcement to report suspicious activity and potential theft of information,
the defendants’ malware would have likely continued to infect thousands of
additional computers and harmed thousands of additional individuals.
“Today’s
sentences underscore the critical work being done to investigate and prosecute
to the fullest extent those criminals who think that the presumed anonymity of
the Internet can hide their pervasive and extensive criminal activities,” said
U.S. Attorney Justin Herdman.
“Regardless of whether the criminals are in Romania, or within our
District, these sentences send the clear and resounding message that crimes
committed using the Internet will not go unpunished.”
"These
sentences handed down today reflect the dynamic landscape in which
international criminals utilize sophisticated cyber methods to take advantage
of and defraud, unsuspecting victims anywhere in the world,” said FBI Special
Agent in Charge Eric Smith. “Despite the complexity and global character of
these investigations, this investigation and prosecution demonstrate the
commitment by the FBI and our partners to aggressively pursue these individuals
and bring justice to the victims.”
The FBI
investigated the case, with assistance from the Romanian National Police and
the Romanian Directorate for the Investigation of International Organized Crime
and Terrorism. The case was prosecuted
by Assistant U.S. Attorneys Duncan T. Brown and Brian McDonough, along with the
Computer Crime and Intellectual Property Section of the Department of
Justice. The prosecution was assisted by
the Department of Justice’s Office of International Affairs.
If you or
a family member believe you have been a victim of online fraud, theft, or
criminal activity, please contact local law enforcement and make a report with
the Internet and Cyber Crime Complaint Center at www.IC3.gov.
Posts
No comments:
Post a Comment