A federal jury has convicted two Romanian alleged cybercriminals of spreading malware to steal credit card credentials and illicitly mine cryptocurrency, an announcement from the official website of the United States Department of Justice revealed on April 11.
The malware allegedly spread by the suspects was reportedly used for cryptojacking and to steal credit card and other data that the suspects would have sold on darknet markets and used to engage in online auction fraud.
As the Justice Department press release reports, Bogdan Nicolescu, 36, and Radu Miclaus, 37, were convicted after a 12-day trial.
The two individuals were charged with wire fraud, conspiracy to traffic in counterfeit service marks, aggravated identity theft, conspiracy to commit money laundering and 12 counts each of wire fraud.
The two are scheduled to be sentenced on August 14 this year in the Northern District of Ohio.
The activity was allegedly conducted as a “criminal conspiracy” from Bucharest, Romania, by the aforementioned suspects and another person who pleaded guilty. The malware itself was reportedly developed in 2007 and then spread via emails posing as legitimate communications from entities like Western Union, Norton AntiVirus and the Internal Revenue Service.
As the press release explains, the recipients that clicked on the attached file in such an email had malware installed on their devices. The malware also harvested email addresses from the contact lists of the victims. The infected computers also reportedly registered over 100,000 AOL email accounts that were used to spread the malware further with millions of emails sent to the stolen addresses.
The virus also purportedly redirected traffic to major websites such as Facebook, PayPal, eBay to a near identical version meant for phishing to obtain access credentials. The stolen credentials were reportedly used to rent server space, register domain names and pay for anonymization services.
Lastly, the report also specifies that the case was jointly investigated by the U.S. Federal Investigation Bureau and the Romanian National Police.
At the end of March, news broke that a new strain of Trojan malware for Android phones is targeting global users of top crypto apps such as Coinbase, BitPay and Bitcoin Wallet, as well as banks including JPMorgan, Wells Fargo, and Bank of America.