
This article was published on April 12, 2019

Romanian duo convicted in US for using cryptocurrency malware-mining to steal millions

Story by Yessi Bello Perez, Former Senior Writer, Growth Quarters

Two Romanian residents have been convicted of infecting over 400,000 individual computers with malware in order to mine cryptocurrency and steal victims’ data to sell on the dark web.

Bogdan Nicolescu, 36, and Radu Miclaus, 37, were convicted by a US jury following a 12-day trial of conspiracy to commit wire fraud, conspiracy to traffic in counterfeit service marks, aggravated identity theft, conspiracy to commit money laundering, and 12 counts each of wire fraud.

The majority of the 400,000 computers Nicolescu and Miclaus hijacked reportedly belonged to US residents.

Nicolescu and his co-conspirator Miclaus, who pleaded guilty to the charges, ran the criminal operation from Bucharest, Romania.

Their operation began in 2007 with the creation of proprietary malware, which was then distributed using malicious emails purporting to come from legitimate entities such as Western Union, Norton AntiVirus, and the IRS. The malware was surreptitiously installed on a recipient's computer when they clicked on an attached file.

The malware would then harvest email addresses from the infected devices, and send malicious emails to those recipients.

When individuals whose computers had been infected visited websites such as Facebook, PayPal, or others, the defendants would intercept the request and redirect the computer to an almost identical website they had created.

They would then proceed to steal account credentials and use stolen credit card information to fund their criminal infrastructure, which included renting server space and registering domain names using fake identities.

They would also use the funds to pay for Virtual Private Networks (VPNs), which helped them to further conceal their identities.

Nicolescu and Miclaus also injected spoof pages into legitimate websites, making victims believe they were receiving and following instructions from licit websites, when they were actually following the defendants’ instructions.

Overall, the men placed over 1,000 fraudulent listings for automobiles, motorcycles and other high-priced goods on eBay and similar auction sites. The photos of the listed items were infected with malware, which redirected computers that clicked on the image to fictitious webpages.

The defendants made headlines in 2016 after Reuters reported they had been extradited to the United States to face charges that they operated an online fraud scheme in which they stole at least $4 million.

Nicolescu and Miclaus’ sentencing has been set for August 14. The men will appear before Chief Judge Patricia A. Gaughan of the Northern District of Ohio.

The news comes after 12 Romanian citizens were extradited to the US for selling fake cars on eBay in exchange for Bitcoin, as previously reported by Hard Fork in February.
