U.S. jury finds two Romanians guilty of stealing credit card info, infecting 400,000 computers

The two men also allegedly stole millions of dollars through online auction fraud.
credit cards, payment cards, data breach
(Getty Images)

A federal jury on Thursday convicted two Romanian nationals of aggravated identity theft and wire fraud, among other charges, for a scheme to use malware to steal credit card information and then sell that data on underground websites.

A 12-day trial found Bogdan Nicolescu and Radu Miclaus guilty on 21 counts. In addition to wire fraud and identity theft, they were convicted on money laundering and counterfeit charges.

The men were accused of infecting and controlling over 400,000 computers, most of which were in the U.S., as part of the long-running fraud scheme that included cryptocurrency mining. The scheme also involved robbing people of millions of dollars by duping them into making fraudulent purchases on supposed auction sites.

Prosecutors described a methodical enterprise that used stolen credit card numbers to rent server space, register domains, and pay for virtual private network services.


Nicolescu and Miclaus, who are both in their 30s and from the Romanian capital of Bucharest, developed proprietary malware over a decade ago, and distributing it with emails purporting to be from the IRS, Norton Antivirus, and Western Union, prosecutors said. The defendants took the credit card information and user names and passwords from the infected computers, and disabled antivirus tools and blocked access to law enforcement websites, prosecutors said.

The malware pulled email addresses from an infected computer, which were then used to distribute it further, according to a Department of Justice press release. By forcing compromised computers to register new email accounts, the men allegedly sent tens of millions of malicious emails.

Nicolescu and Miclaus are due to be sentenced on Aug. 14. They were arrested in Romania in September 2016 and extradited to the U.S. in December 2016, according to a DOJ spokesperson.

Thursday’s conviction follows the bust of a Romanian cybercrime ring that prosecutors say defrauded people of millions of dollars.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts