A jury in Ohio convicted two Romanian cybercriminals in April of wire fraud and aggravated identity theft in an international cyber crime scheme. The cybercriminals from Bucharest were convicted for implementing an intricate malware scheme. The malware was used by the hackers to steal sensitive information like credit card information, according to an announcement from the US Department of Justice.
What did the cybercriminals do?
They sold the private data on the dark web; subsequently, it was used to mine cryptocurrency as well as to participate in online auction fraud.
The malware was used to send emails to victims claiming to be legitimate from entities like the IRS, Western Union, and Norton AntiVirus. The emails tricked the victims into clicking on links that installed malware on their computers. The group of hackers, called “the Bayrob Group,” also inserted fake pages into legitimate websites like eBay, Facebook, and PayPal, which misled unsuspecting users.
The hackers had placed more than a thousand fraudulent listings for motorcycles, automobiles and several other expensive goods on auction sites like eBay as part of the scheme. The cybercriminals laundered the stolen money using money transfer agents who first routed the money via shell companies and then to Money Gram or Western Union offices based in Romania. Then the cash was collected by money mules and delivered to the defendants.
Millions of dollars were stolen by the group at the time of conviction
The cyber criminals, who infected and controlled around 400 thousand computers, tricked people into making fraudulent purchases on auction sites. The conviction announcement described a well-organized enterprise that was using stolen credit card numbers to register domains, rent server space and pay for virtual private network service. According to prosecutors, the criminals infected computers, disabled antivirus software and blocked access to law enforcement websites.
According to the Department of Justice, the hackers sent approximately 11 million malicious emails in total and stole about $4 million.
