Romanian hackers tried in Ohio to appeal long sentences after swindling millions through malware
CLEVELAND, Ohio — Two Romanian hackers who operated what the Justice Department said was one of the biggest malware-spreading operations in recent memory are expected to appeal a set of long prison sentences a federal judge imposed earlier this month.
Bogdan Nicolescu and Radu Miclaus were key members of the “Bayrob” group, which prosecutors said oversaw a botnet of more than 400,000 infected computers. Most of those computers were in the United States.
The men are expected to ask the 6th U.S. Circuit Court of Appeals in Cincinnati to review the case brought against them in Cleveland. An attorney representing Nicolescu, 37, filed a notice Dec. 17 that he was appealing. Miclaus, also 37, has not yet filed such a notice but his attorney Michael O’Shea said he expects his client will do so.
The Federal Public Defender’s Office was appointed to represent Miclaus in front of the 6th Circuit.
U.S. District Judge Patricia Gaughan sentenced Nicolescu to 20 years in federal prison on Dec. 6, while she gave Miclaus an 18-year prison sentence.
A jury found the pair guilty in April of 21 charges, including wire fraud, conspiracy to traffic in counterfeit service marks, aggravated identity theft and conspiracy to commit money laundering.
The group’s activities spanned from phony online car sales to mining personal data and selling it on the darknet. The FBI conservatively estimates that the schemes resulted in the theft of more than $4.5 million.
The Bayrob group was led by Nicolescu, who went by the online handle “MasterFraud.” It had between three and five members at any given time. Prosecutors said the group’s crimes began in 2007 when it spread malware through emails that purported to be from Western Union, Norton AntiVirus and the IRS.
The group infected computers and controlled them in several ways. One included posting ads on eBay that claimed to sell cars. When prospective customers sent messages with questions, the Bayrob group sent pictures in return, and those pictures contained malware that allowed the group to control the computer.
Once inside, the group redirected users a fake eBay page. When buyers wired money, it went into bank accounts for so-called “money mules" that were unwittingly part of the scheme to transfer to accounts in Europe and eventually put into accounts the Bayrob group controlled.
Buyers never got their cars. Some lost tens of thousands of dollars, the FBI said.
More than 50 people in Northeast Ohio were defrauded by the group, the FBI said in 2016. Agents got involved after a woman in Lake County said in 2007 that she lost just under $10,000 through what she thought was a car purchase.
Tiberiu Danet, a third defendant also brought to the U.S. to be prosecuted, pleaded guilty and testified against his co-defendants. He faces between nine and 12 years in federal prison. His sentencing is set for Jan. 8.
Read more:
Romanian hackers prosecuted in Ohio sentenced to federal prison for malware attack that struck thousands
Romanian hackers found guilty in Ohio federal court of victimizing thousands with malware
Romanian hackers on trial in Ohio stole millions and victimized thousands through malware, feds say
Three Romanians indicted in $4 million cyber fraud ring that targeted dozens in Northeast Ohio
Gloss