The internet is by no means a safe place and two Romanian residents have been that kind to remind us malware is here to corrupt computers.
The internet is by no means a safe place and two Romanian residents have been that kind to remind us malware is here to corrupt computers. Bogdan Nicolescu (36) and Radu Miclaus (37) have been found guilty of running a malware campaign that effectively infected more than 400,000 computers. The campaign did not only aim to install cryptojacking software on these computers but to steal private data.
After a 12-day trial, the US jury convicted Nicolescu and Miclaus of an attempt to conduct a wire fraud, identity theft, and money laundering. The case attracted a lot of public attention since the better part of those 400,000 computers infected belong to US citizens. Nevertheless, the cybercriminals pulled the strings of their conspiracy from the Romanian capital of Bucharest.
Notably, it all started back in 2007 when Nicolescu and Miclaus developed their malicious software. The two spread the malware via email campaigns, impersonating legitimate businesses such as Western Union, Norton AntiVirus, and the IRS. Needless to say, the attached file contained the virus that got automatically installed when clicked upon.
The malware utilized simple yet effective principle – it contacted the mail list of the victim, thus spreading itself even faster. It recorded the activity logs of the recipients and when they aimed to reach websites such as Facebook and PayPal it immediately redirected them to fraudulent copycats. Obviously, the goal was to harvest as more credentials as possible. The stolen credit card information was then used to fund the campaign – renting server space, purchasing domains, etc.
Of course, the baddies had to pay for Virtual Private Networks (VPNs) to further cover their tracks.
And as if that wasn’t enough Nicolescu and Miclaus compromised legitimate websites as well. They did so by inserting fake pages filled with instructions that only appeared to be “real”.
The culprits published fake listings on auction sites such as eBay and many similar ones. When they placed their for sale items, they infected the images with links redirecting to fraudulent webpages. Reportedly, the two made as much as $4 million from the scheme. However, it all stopped in 2016, when they were extradited to the US. The sentencing will take place on August 14.