US authorities have sentenced to prison 3 Romanian men who hacked US servers

Pierluigi Paganini July 24, 2019

Three Romanian men who have been sentenced to prison for a fraud scheme totaling more than $21 million.

US authorities have sentenced to prison three Romanian men who hacked US servers and used them in a fraud scheme that totaled more than $21 million.

The men are Teodor Laurentiu Costea, Robert Codrut Dumitrescu, and Cosmin Draghici, they are all from Ploiesti, Romania.

The suspects have received sentences ranging from four years and three months to eight years and two months in prison on wire fraud conspiracy, computer fraud and abuse, and aggravated identity theft charges.

“These defendants sought to victimize citizens of the Northern District of Georgia and ultimately across the United States,” said U.S. Attorney Byung J. “BJay” Pak.  “We are warning cyber-criminals no matter where they reside, that this office and our law-enforcement partners are committed to finding you, extraditing you to this district, and prosecuting you.”

Romanian men

The Romanian citizens were extradited last year and all pleaded guilty earlier this year to the above crimes. The crooks also carried out a phishing campaign that reached thousands of victims and tricked them into providing social security numbers and bank account information. 

At the time of the arrest, Costea possessed 36,050 fraudulently obtained financial account numbers, Draghici had 3,465 and Dumitrescu had 3,278.

The hackers compromised servers in the US and installed bulk emailing and interactive voice response software to run smishing and vishing attacks.

“[the men] conducted a “vishing” and “smishing” scheme from Romania.  “Vishing” is a type of phishing scheme that communicates a phishing message, or a message that purports to be from a legitimate source, in this case the victims’ banks, through a voice recording. “Smishing” is similar to “vishing,” but communicates a phishing message through text messages. continues the press release published by the DoJ.

The servers made thousands of calls and sent thousands of text messages to victims in the U.S., including people living in the Northern District of Georgia.

When a victim received a telephone call claiming to be a bank, the interactive voice response software would prompt the victim to enter their PII.

When a victim received a text message, the message purported to be from a bank and tricked victims into calling a telephone number hosted by a compromised Voice Over Internet Protocol server. When the victim called the telephone number, they were prompted by the interactive voice response software to enter their PII.

The stolen data were stored on the compromised servers and accessed by Dumitrescu and Costea, that later sold the on the cybercrime underground or used them in fraudulent activities.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Romanian men, cybercrime)

[adrotate banner=”5″]

[adrotate banner=”13″]

you might also like

leave a comment