Romanian cybergang infects over 400,000 computers with crypto mining malware

A sophisticated cybergang has deployed malware to mine cryptocurrency and steal personal details from over 400,000 victims, according to a press release from the US Attorney’s Office for the Northern District of Ohio.

The group, based in Bucharest, Romania, sold the stolen details on the dark web.

It’s believed the crimes were perpetrated by members of the ‘Bayrob Group’, an infamous Romanian hacking group that has been operating since 2007.

Bayrob Group members Bogdan Nicolescu and Radu Miclaus, both 37, were extradited to the US to face charges of cybercrime and fraud, for which they received 20 and 18-year federal prison sentences respectively.

FBI special agent Eric Smith, who led the case, said:

“These sentences handed down today reflect the dynamic landscape in which international criminals utilise sophisticated cyber methods to take advantage of and defraud unsuspecting victims anywhere in the world.”

The group mainly targeted computers belonging to US citizens, which they used to provide the processing power for cryptocurrency mining.

Data stolen during the years the hackers had access to victims’ computers included financial information, passwords, emails, and other personal details.

The users normally downloaded the malware by clicking on legitimate-looking emails purporting to be from banking and antivirus providers.

It is believed that the group stole more than $4 million using the scheme, although how much of this was derived from cryptocurrency mining is unclear.

Victim of cybercrime? Report it, say officials

The fraudsters were extradited after a Northern Ohio resident, who had been a victim of the gang, contacted US authorities.

The press release emphasises the importance of this individual coming forward to authorities. Without the key piece of information they provided, the criminals would have continued their nefarious activities unchecked.

After a lengthy joint investigation by the FBI, the Romanian National Police, and the Romanian Directorate for the Investigation of International Organised Crime and Terrorism, the pair were brought to justice.

Agent Smith said the location of the hacking group made no difference in bringing those responsible to justice. Smith explained:

“Despite the complexity and global character of these investigations, this investigation and prosecution demonstrate the commitment by the FBI and our partners to aggressively pursue these individuals and bring justice to the victims.”

It’s unclear whether the pair were high-ranking members of the criminal organisation they worked for.

You can read more about the dangers of crypto-mining malware and measures to protect your machine here.