
Jan 10, 2017

US Indicts Romanian and Chinese Cybercriminals

December 2016 brought the US government some progress on prosecuting foreign cybercriminals. Last month, three Romanians were extradited to face charges in the US for running a cybercrime ring using custom-built malware and money mules to steal at least $4 million. Chinese authorities also got their hands on one of three Chinese citizens charged by the US with insider trading on confidential information gleaned from the servers and networks of law firms involved in M&A work. The US is seeking the apprehended hacker's extradition from the Chinese government.
 
It is reported that the three Romanians were arrested by the Romanian National Police following an eight-year FBI investigation. A 21-count indictment, unsealed on December 17, 2016, awaited them upon their extradition to Ohio, charging them with wire fraud, identity theft, money laundering and trafficking in counterfeit goods or services. Known as the Bayrob Group, they allegedly used phishing attacks and malware to rob their victims. The group disseminated its Bayrob Trojan through emails made to look as if they came from legitimate sources (e.g. Western Union, Norton Antivirus and the U.S. Internal Revenue Service) and prompted the recipient to click on an attached file, which released the Bayrob Trojan to roam around the recipient's computer. Later versions of the Bayrob Trojan harnessed the infected computer’s processing power to mine for cryptocurrency. Symantec’s security response team, which worked in conjunction with the US government on the investigation, estimates the total losses over eight years to be as much as $35 million, with the group sending 11 million malicious emails and running a botnet composed of 300,000 infected PCs.
 