Bogdan Nicolescu and Radu Miclaus are convicted of infecting 400,000 computers, most of them in the U.S.. The malware was developed to steal credentials, financial data, personal information, then the crooks offered them on the dark web marketplaces.
The crooks used malicious emails purporting to be legitimate from such entities as Western Union, Norton AntiVirus and the IRS to spread the malware. The spam messages used an attached file that once executed installed onto their computer.
“The defendants used stolen email credentials to copy a victim’s email contacts. They also activated files that forced infected computers to register email accounts with AOL.” continues the DoJ. “The defendants registered more than 100,000 email accounts using this method. They then sent malicious emails from these addresses to the compromised contact lists. Through this method, they sent tens of millions of malicious emails.”
When victims with infected computers visited websites such as Facebook, PayPal, eBay or others, the defendants would intercept the request and redirect the computer to a nearly identical website they had created. The defendants would then steal account credentials.
The two men also advertised fraud using email accounts created using the stolen credentials on behalf of the victims, mined
The duo has been convicted of conspiracy to commit wire fraud, conspiracy to traffic in counterfeit service marks, aggravated identity theft, conspiracy to commit money laundering, and 12 counts each of wire fraud.
“A federal jury today convicted two Bucharest, Romania, residents of 21 counts related to their scheme to infect victim computers with malware in order to steal credit card and other information to sell on dark market websites, mine
“According to testimony at trial and court documents, Nicolescu, Miclaus, and a co-conspirator who pleaded guilty, collectively operated a criminal conspiracy from Bucharest, Romania.”
According to the authorities, the Romanian duo, along with a third co-conspirator who has pled guilty, operated their criminal conspiracy from Bucharest since 2007.
Sentencing is scheduled for August 24 before Chief Judge Patricia A. Gaughan in the Northern District of Ohio.
(SecurityAffairs – Romanian Duo, cybercrime)