Romanian duo convicted of fraud Scheme infecting 400,000 computers

Pierluigi Paganini April 14, 2019

Two Romanian hackers are convicted of infecting 400,000 computers in the U.S. with malicious code and stole millions of dollars from the victims.

Bogdan Nicolescu and Radu Miclaus are convicted of infecting 400,000 computers, most of them in the U.S.. The malware was developed to steal credentials, financial data, personal information, then the crooks offered them on the dark web marketplaces.

The crooks used malicious emails purporting to be legitimate from such entities as Western Union, Norton AntiVirus and the IRS to spread the malware. The spam messages used an attached file that once executed installed onto their computer.

“The defendants used stolen email credentials to copy a victim’s email contacts. They also activated files that forced infected computers to register email accounts with AOL.” continues the DoJ. “The defendants registered more than 100,000 email accounts using this method. They then sent malicious emails from these addresses to the compromised contact lists. Through this method, they sent tens of millions of malicious emails.”

When victims with infected computers visited websites such as Facebook, PayPal, eBay or others, the defendants would intercept the request and redirect the computer to a nearly identical website they had created. The defendants would then steal account credentials.

The two men also advertised fraud using email accounts created using the stolen credentials on behalf of the victims, mined cryptocurrency and stole money and cryptocurrency through credit card fraud.

The duo has been convicted of conspiracy to commit wire fraud, conspiracy to traffic in counterfeit service marks, aggravated identity theft, conspiracy to commit money laundering, and 12 counts each of wire fraud.

“A federal jury today convicted two Bucharest, Romania, residents of 21 counts related to their scheme to infect victim computers with malware in order to steal credit card and other information to sell on dark market websites, mine cryptocurrency and engage in online auction fraud, announced Assistant Attorney General Brian” reads the press release published by the DoJ.

“According to testimony at trial and court documents, Nicolescu, Miclaus, and a co-conspirator who pleaded guilty, collectively operated a criminal conspiracy from Bucharest, Romania.”

According to the authorities, the Romanian duo, along with a third co-conspirator who has pled guilty, operated their criminal conspiracy from Bucharest since 2007.

Sentencing is scheduled for August 24 before Chief Judge Patricia A. Gaughan in the Northern District of Ohio.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Romanian Duo, cybercrime)

[adrotate banner=”5″]

[adrotate banner=”13″]

Cybercrime Dark Web malware Pierluigi Paganini Romanian Duo Security Affairs

Pierluigi Paganini June 27, 2025

APT42 impersonates cyber professionals to phish Israeli academics and journalists

Pierluigi Paganini June 26, 2025