Three members of a Romanian cyber crime gang have been extradited to the US after being arrested in their home country for infecting tens of thousands of computers with malware.
Prosecutors in the US allege that Bogdan Nicolescu, 34, Tiberiu Danet, 31, and Radu Miclaus, 34, sent out as many as 11 million phishing emails to prospective victims, infecting up to 160,000 devices and netting at least €3.82 million in a sophisticated cyber fraud.
The trio, who were flown to the US from their native country last week after being arrested by the Romanian authorities earlier this year, are suspected of creating and distributing the Bayrob virus.
In an indictment filed at a federal court in Cleveland on Friday, the three men were charged with a number of offences, including the operation of a botnet, online auction fraud, wiretapping, money laundering, credit card theft and trafficking counterfeit goods. Both Danet and Miclaus pleaded not guilty, while Nicolescu has yet to enter a plea.
“This case illustrates the sophistication and determination with which cyber criminals seek to harm Americans and American businesses from abroad,” said Assistant Attorney General Caldwell. “But our response demonstrates that, with effective international cooperation, we can track these criminals down and make sure they face justice, no matter where or how they try to hide.”
“These defendants stole millions of dollars from people in the United States through a sophisticated fraud conspiracy they operated in Eastern Europe,” said US Attorney Carole Rendon. “Cybercrime is an ever-growing threat. We will continue to work with both our partners in law enforcement and in the private sector to evolve with the threat and protect our networks and national security.”
According to the prosecution, the three men had been operating the scam from Bucharest since 2007, and may have pocketed up to €33.5 million from their illegal activities. The malware they are accused of creating and distributing mostly targeted Americans, stealing banking and personal information which the gang used to drain victims’ bank accounts.
The three men are also accused of posting hundreds of bogus listings on auction sites such as eBay. These were allegedly infected with malware that redirected victims to fake payment pages from where stolen funds were funnelled back to the gang via wire transfers and money mules. Additionally, the gang used the devices they infected as a large botnet from which to mine cryptocurrencies such as Bitcoin.
Online security firm Symantec, which helped investigators snare the gang, said in a statement that its members even ripped off the money mules they recruited to launder their dirty money.
“Mules in the US were often vulnerable people in difficult circumstances,” the company said. “They appeared to be unwitting pawns of the gang, unaware of what they’d become involved with.”