[stock-market-ticker symbols="FB;BABA;AMZN;AXP;AAPL;DBD;EEFT;GTO.AS;ING.PA;MA;MGI;NPSNY;NCR;PYPL;005930.KS;SQ;HO.PA;V;WDI.DE;WU;WP" width="100%" palette="financial-light"]

FBI: three Romanian nationals indicted in cyber fraud case have stolen $4 million

22 decembrie 2016

A 21-count indictment was unsealed in which three Romanian nationals were charged for operating a cyber fraud conspiracy in which they infected 60,000 computers, sent out 11 million malicious emails and stole at least $4 million, said U.S. Attorney Carole S. Rendon and FBI Special Agent in Charge Stephen D. Anthony. “These defendants stole millions of dollars from people in the United States through a sophisticated fraud conspiracy they operated in Eastern Europe,” Rendon said.

Bogdan Nicolescu, 34, Tiberiu Danet, 31, and Radu Miclaus, 34, were extradited to the United States this week after being taken into custody in their native Romania earlier this year. They are each charged with conspiracy to commit wire fraud, conspiracy to traffic in counterfeit service marks, aggravated identity theft, conspiracy to commit money laundering and 12 counts each of wire fraud.

According to the indictment filed in U.S. District Court in the Northern District of Ohio:

Nicolescu, Danet and Miclaus collectively operated a criminal conspiracy from Bucharest, Romania. It began in 2007 with the development of proprietary malware, which they disseminated through malicious emails purporting to be legitimate from such entities as Western Union, Norton AntiVirus and the IRS. When recipients clicked on an attached file, the malware was surreptitiously installed onto their computer.

This malware harvested email addresses from the infected computer, such as from contact lists or email accounts, and then sent malicious emails to these harvested email addresses. The defendants infected and controlled more than 60,000 individual computers, primarily in the United States.

Controlling these computers allowed the defendants to harvest personal information, such as credit card information, user names and passwords. They disabled victims’ malware protection and blocked the victims’ access to websites associated with law enforcement.

Controlling the computers also allowed the defendants group to use the processing power of the computer to solve complex algorithms for the financial benefit of the group, a process known as cryptocurrency mining.

The defendants used stolen email credentials to copy a victim’s email contacts. They also activated files that forced infected computers to register email accounts with AOL. The defendants registered more than 100,000 email accounts using this method. They then sent malicious emails from these addresses to the compromised contact lists. Through this method, they sent more than 11 million malicious emails.

When victims with infected computers visited websites such as Facebook, PayPal, eBay or others, the defendants would intercept the request and redirect the computer to a nearly identical website they had created. The defendants would then steal account credentials. They used the stolen credit card information to fund their criminal infrastructure, including renting server space, registering domain names using fictitious identities and paying for Virtual Private Networks (VPNs) which further concealed their identities.

The defendants were also able to inject fake pages into legitimate websites, such as eBay, to make victims believe they were receiving and following instructions from legitimate websites, when they were actually following the instructions of the defendants.

They placed more than 1,000 fraudulent listings for automobiles, motorcycles and other high-priced goods on eBay and similar auction sites. Photos of the items were infected with malware, which redirected computers that clicked on the image to fictitious webpages designed by the defendants to resemble legitimate eBay pages.

These fictitious webpages prompted users to pay for their goods through a nonexistent “eBay Escrow Agent” who was simply a person hired by the defendants. Users paid for the goods to the fraudulent escrow agents, who in turn wired the money to others in Eastern Europe, who in turn gave it to the defendants. The payors/victims never received the items and never got their money back.

This resulted in a loss of at least $4 million.

The Bayrob group laundered this money by hiring “money transfer agents” and created fictitious companies with fraudulent websites designed to give the impression they were actual businesses engaged in legitimate financial transactions. Money stolen from victims was wired to these fraudulent companies and then in turn wired to Western Union or Money Gram offices in Romania. European “money mules” used fake identity documents to collect the money and deliver it to the defendants, according to the indictment.

The case was investigated by the FBI, with assistance from the Romanian National Police.
Source: FBI

Noutăți
Cifra/Declaratia zilei

Anders Olofsson – former Head of Payments Finastra

Banking 4.0 – „how was the experience for you”

So many people are coming here to Bucharest, people that I see and interact on linkedin and now I get the change to meet them in person. It was like being to the Football World Cup but this was the World Cup on linkedin in payments and open banking.”

Many more interesting quotes in the video below:

Sondaj

In 23 septembrie 2019, BNR a anuntat infiintarea unui Fintech Innovation Hub pentru a sustine inovatia in domeniul serviciilor financiare si de plata. In acest sens, care credeti ca ar trebui sa fie urmatorul pas al bancii centrale?