Two Romanians from Bucharest have been found guilty by a jury of their peers after a scheme they orchestrated from 2007 resulted in the loss of millions of dollars from unsuspecting users.
The two Radu Miclaus, 37 and Bogdan Nicolescu, 36 received their conviction after a 12-day trial and are set to appear before the Chief Judge of the Northern District of Ohio, Judge Patricia, for sentencing on August 14. The two created malware in 2007 and infected more than 400,000 computers to steal personal information from their victims and mine cryptocurrency from their computers.
How Scheme Worked
To pull off their well-orchestrated scheme after creating the malware, they sent several emails to their targets purporting to be legit emails from firms such as IRS, Norton AntiVirus and Western Union.Clicking on the emails led to the installation of the malware. Many of the computers infected were from the US.
After installation, the malware gets to work and collects data such as passwords plus usernames and credit card information. The latter would be sold on the dark web. The malware blocked its victim’s computer from accessing law enforcement sites to prevent them from getting any assistance from local authorities. Moreover, it would also disable the malware protection software. Besides the above, the victim’s computers would also be used to mine crypto for the two.
Further on, they would proceed to initiate transactions to create new email accounts with AOL after copying their victim’s email address. Through the latter technique, they were able to register over 100,000 emails which were used to send malicious emails to more users further infecting more computer together with redirection traffic from their user’s computers to fake sites which would collect more info from them.
Victim’s traffic was redirected to identical fake sites when one wanted to access sites such as eBay, Facebook, and PayPal leading to them getting more personal information. Funds from their activities were used to expand and pay for VPNs to further hide their identity, get domains under fake names together with renting server space. They also placed fake ads for different products in identical e-commerce sites leading to them stealing from shoppers. Money was transferred under fake names and even used rogue escrow agents to transfer the cash to them.
