Romanian duo convicted in US for using cryptocurrency malware-mining to steal millions
Two Romanian residents have been convicted of infecting over 400,000 individual computers with malware in order to mine cryptocurrency and steal victims’ data to sell on the dark web.
The majority of the 400,000 computers Nicolescu and Miclaus hijacked reportedly belonged to US residents.
Their operation began in 2007 with the creation of proprietary malware, which was then distributed using malicious emails purporting to come from legitimate entities such as Western Union, Norton AntiVirus, and the IRS. The malware would be surreptitiously installed onto recipients’ computers when they clicked on an attached file.
The malware would then harvest email addresses from the infected devices, and send malicious emails to those recipients.
When individuals whose computers had been infected visited websites such as Facebook, PayPal, or others, the defendants would intercept the request and redirect the computer to an almost identical website they had created.
They would then proceed to steal account credentials and use stolen credit card information to fund their criminal infrastructure, which included renting server space and registering domain names using fake identities.
They would also use the funds to pay for Virtual Private Networks (VPNs), which helped them to further conceal their identities.
Nicolescu and Miclaus also injected spoof pages into legitimate websites, making victims believe they were receiving and following instructions from licit websites, when they were actually following the defendants’ instructions.
Overall, the men placed over 1,000 fraudulent listings for automobiles, motorcycles and other high-priced goods on eBay and similar auction sites. The photos of the listed items were infected with malware, which redirected computers that clicked on the image to fictitious webpages.
The defendants made headlines in 2016 after Reuters reported they had been extradited to the United States to face charges that they operated an online fraud scheme in which they stole at least $4 million.
Nicolescu and Miclaus’ sentencing has been set for August 14.