
Romanian Duo Convicted of Malware Scheme Infecting 400,000 Computers

The duo are convicted of infecting 400,000 computers in the U.S. with malware and scamming victims out of millions of dollars.

A Romanian duo has been convicted for infecting hundreds of thousands of computers with malware that scooped up credentials and financial information, and scamming victims out of millions of dollars.

The two, Bogdan Nicolescu, 36, and Radu Miclaus, 37, were convicted by a federal jury in Ohio on Thursday for allegedly developing and spreading malware that infected more than 400,000 computers in the U.S. The malware scooped up credentials, financial data, personal information and more.

Nicolescu and Miclaus “were convicted after a 12-day trial of conspiracy to commit wire fraud, conspiracy to traffic in counterfeit service marks, aggravated identity theft, conspiracy to commit money laundering and 12 counts each of wire fraud,” according to a press release by the Department of Justice (DoJ). “Sentencing has been set for Aug. 14, 2019 before Chief Judge Patricia A. Gaughan of the Northern District of Ohio.”

The two allegedly began developing and spreading the malware in 2007, the DoJ said. Computers were first infected via malicious emails purporting to be from legitimate entities such as Western Union, Norton AntiVirus and the IRS.

But when recipients clicked on an attached file, the malware was installed onto their systems. From there, it harvested personal data, credit card information, user names and passwords, disabled victims’ malware protection tools, and blocked their access to websites associated with law enforcement.

The pair were able to copy victims’ email contacts using the malware, and consequently sent those contacts malicious emails as well. In addition, the malware activated files forcing victims’ systems to register AOL accounts, and then sent more victims malicious emails from these legitimate email addresses.

The two registered more than 100,000 email accounts using this method, and were able to send tens of millions of malicious emails, according to the DoJ.

Nicolescu and Miclaus also injected fake webpages into legitimate websites, such as eBay, to intercept victims’ visits to these legit websites and trick them into entering credentials into the spoofed webpage.

“When victims with infected computers visited websites such as Facebook, PayPal, eBay or others, the defendants would intercept the request and redirect the computer to a nearly identical website they had created,” said the DoJ. “The defendants would then steal account credentials. They used the stolen credit card information to fund their criminal infrastructure, including renting server space, registering domain names using fictitious identities and paying for Virtual Private Networks (VPNs) which further concealed their identities.”

Finally, the two placed more than 1,000 fraudulent listings for automobiles, motorcycles and more on eBay. The two put malware-ridden photos on the listings, which then redirected victims who clicked on them to spoofed webpages that looked like the legitimate eBay page. These webpages tricked victims into paying for the “items” through a nonexistent “eBay Escrow Agent” – which turned out simply to be a person hired by the pair to collect the money and give it to them. This scam resulted in a loss of millions of dollars, according to DoJ.

The duo are only the latest to be indicted as part of the DoJ’s cybercrime crackdown over the past year. In December, the DoJ charged two Chinese hackers with stealing “hundreds of gigabytes” of data from more than 45 other governmental organizations and U.S.-based companies. And in August, the DoJ nabbed three suspected members of the FIN7 cybercrime group, accused of hacking more than 120 U.S.-based companies with the intent of stealing bank cards.
