Bitcoin Forum

Bitcoin => Legal => Topic started by: audaciousbeing on December 10, 2019, 12:44:58 PM



Title: Cryptojacking Malware Devs Sentenced to 20 Years in Prison
Post by: audaciousbeing on December 10, 2019, 12:44:58 PM
Quote
Two members of the prolific Romanian hacker gang Bayrob Group were sentenced to two decades in U.S. prison apiece after their malware mined crypto on 400,000 infected computers.

Group leader Bogdan Nicolescu and co-conspirator Radu Miclaus were sentenced to 20 and 18 years respectively after being found guilty on 21 different counts of wire fraud, money laundering aggravated identity theft and other crimes, a press release announced Friday. The gang was also accused of developing malware which mined bitcoin and monero using their host computers' processing power.

Tiberiu Danet, a third Bayrob Group member, pleaded guilty in Nov. 2018 to eight charges. His sentencing is scheduled for Jan. 8.

From its founding in 2007 to its members’ apprehension and eventual extradition in late 2016, the Bayrob Group, which operated out of Bucharest, Romania, ran a sprawling hacking and malware operation. They deployed trojan malware in seemingly mundane emails from well-known companies and groups, but when victims attempted to download attachments apparently from Norton, the IRS and Western Union, their computers instead became infected with the Bayrob botnet, according to an indictment.

https://www.coindesk.com/cryptojacking-malware-devs-sentenced-to-20-years-in-prison (https://www.coindesk.com/cryptojacking-malware-devs-sentenced-to-20-years-in-prison)


How the authorities went about getting these guys to pay for their actions remains unknown but its still sending a message that someone is watching and people can be made to pay for whatever they do in the crypto sphere...


Title: Re: Cryptojacking Malware Devs Sentenced to 20 Years in Prison
Post by: squatter on December 10, 2019, 07:42:58 PM
Don't run a botnet from a country (like Romania) that has an extradition treaty with the US. That seems to be the overall lesson here.

How the authorities went about getting these guys to pay for their actions remains unknown

Presumably, they tracked the malware distribution to Romania and then worked with Romanian law enforcement to identify, arrest and extradite the offenders.


Title: Re: Cryptojacking Malware Devs Sentenced to 20 Years in Prison
Post by: CryptoBry on December 11, 2019, 12:40:38 AM
How the authorities went about getting these guys to pay for their actions remains unknown but its still sending a message that someone is watching and people can be made to pay for whatever they do in the crypto sphere...

The message should be clear to all people who are into the hacking and scamming industry to stop whatever they are doing because the arms and force of the law will one day get into them. What is the use of wealth when you are spending many years of your life in jail?  Right now, hacking has become a very lucrative industry with the popularity of the cryptocurrency and this is not going to stop soon but will even be accelerating. The cryptocurrency industry is getting victimized by these hackers as many people now assumed that this very industry equals scams. In fact, I believe that the whole cryptocurrency community should be helping and cooperating with authorities so that hackers and scammers will all be prosecuted to the strongest potency of the law.


Title: Re: Cryptojacking Malware Devs Sentenced to 20 Years in Prison
Post by: audaciousbeing on December 11, 2019, 08:40:56 AM
Don't run a botnet from a country (like Romania) that has an extradition treaty with the US. That seems to be the overall lesson here.

How the authorities went about getting these guys to pay for their actions remains unknown

Presumably, they tracked the malware distribution to Romania and then worked with Romanian law enforcement to identify, arrest and extradite the offenders.

If its to go by your submission, then its ok to go hack or even scam people of their resources with only one caveat, ensure you do it in a country outside the United States and also be sure that the country you are in does not have an extradition agreement with the United States. But it will also interest you that its not only in the United States that people are being made to pay for their actions even some countries with the most crude level of technology have been able to made individuals pay for the crime they committed under the anonymity of crypto. The point is, it does not pay to be involved in crime. Its as simple as that...


Title: Re: Cryptojacking Malware Devs Sentenced to 20 Years in Prison
Post by: 1Referee on December 11, 2019, 02:14:13 PM
The message should be clear to all people who are into the hacking and scamming industry to stop whatever they are doing because the arms and force of the law will one day get into them. What is the use of wealth when you are spending many years of your life in jail? 
Do criminals generally have a short lived 'career'? Yes they do, but that doesn't prevent them from stealing money. I doubt governments care much either because they can seize their assets to enrich themselves. Instead of giving the funds back to the community it's just ending up in their pockets. Both criminals stealing money from innocent people. No difference.

In fact, I believe that the whole cryptocurrency community should be helping and cooperating with authorities so that hackers and scammers will all be prosecuted to the strongest potency of the law.
Only when ponzi schemes grow large enough the authorities will step in and act in whatever fashion, but the smaller ones will stay up and running until they decide to exit scam to launch a brand new ponzi scheme to scam the same fools that lost money to them before.

In the end, it's nearly impossible to get the community to do anything when you know that they are contributing to these scams by investing in them.


Title: Re: Cryptojacking Malware Devs Sentenced to 20 Years in Prison
Post by: squatter on December 11, 2019, 08:04:33 PM
Don't run a botnet from a country (like Romania) that has an extradition treaty with the US. That seems to be the overall lesson here.

How the authorities went about getting these guys to pay for their actions remains unknown

Presumably, they tracked the malware distribution to Romania and then worked with Romanian law enforcement to identify, arrest and extradite the offenders.

If its to go by your submission, then its ok to go hack or even scam people of their resources with only one caveat, ensure you do it in a country outside the United States and also be sure that the country you are in does not have an extradition agreement with the United States.

First, I was speaking with tongue in cheek. Second, it wasn't a comment on morality anyway, just a comment on what got them caught. To put it another way: Good luck extraditing a botnet operator from Russia.


Title: Re: Cryptojacking Malware Devs Sentenced to 20 Years in Prison
Post by: Baofeng on December 11, 2019, 11:22:00 PM
How the authorities went about getting these guys to pay for their actions remains unknown

Here is how they caught them (well at least this is what the authorities says), they made mistakes along the way,

Quote
He said the men used America Online and that Miclaus accidentally logged in one day in 2013 with his personal account, instead of the one used in the scheme. As a result, AOL linked the two accounts to the same internet service provider address, Levine said.

The second one was in 2015, when Dinet traveled to Miami to visit friends. While going through customs at the airport, the FBI covertly seized his cellphone and, acting on a search warrant, reviewed it. There they found messages between the three defendants chatting about the computer programs at the heart of the case.

Levine also said three email accounts the men used to discuss the scheme went silent after their arrests. He told the jury that the evidence are like puzzle pieces that can be put together to show a complete picture of the crimes the group committed.


https://www.cleveland.com/court-justice/2019/03/romanian-hackers-on-trial-in-ohio-stole-millions-and-victimized-thousands-through-malware-feds-say.html

So I guess criminals are not that really intelligent after all, because sooner or later they can make a slip up that will lead to their arrest.


Title: Re: Cryptojacking Malware Devs Sentenced to 20 Years in Prison
Post by: Kemarit on December 12, 2019, 09:28:19 AM
So I guess criminals are not that really intelligent after all, because sooner or later they can make a slip up that will lead to their arrest.

Obviously, these criminals are very sloppy in covering their tracks, and one way or another, they are going to make a lot of mistakes that will eventually reveal their identify or at least give law enforcement a clue and started their investigation that will eventually lead to their arrest.

And I agree with the OP here, US are sending a strong signal, don't messed with them, regardless from what country you are, because they're going to haunt you down.


Title: Re: Cryptojacking Malware Devs Sentenced to 20 Years in Prison
Post by: HeRetiK on December 12, 2019, 10:32:02 AM
Do criminals generally have a short lived 'career'? Yes they do, but that doesn't prevent them from stealing money.

I wouldn't be so sure of that, to me it seems that for every criminal with a "short lived career" there's many more out there that never get caught. Let's not forget that malware is a huge global industry and those guys are just the tip of the iceberg.

Here's another interesting article on said operation:
https://www.zdnet.com/article/the-bayrob-malware-gangs-rise-and-fall/

According to this article they made tens of millions of US dollars before they got caught and apparently it took law enforcement 8 years before they got a trace on them. Had they stopped after the first couple of millions they probably would have gotten away with it.


Title: Re: Cryptojacking Malware Devs Sentenced to 20 Years in Prison
Post by: eaLiTy on December 12, 2019, 02:42:58 PM
How the authorities went about getting these guys to pay for their actions remains unknown but its still sending a message that someone is watching and people can be made to pay for whatever they do in the crypto sphere...
The team was smart enough to infect all the computers and start mining using other people's computing power but they were not smart enough to hide their loot and so is the reason they were caught, FBI knew that the money was going to Romania through wire transfer and they had a collective investigation with the help of Romanian police and it made things easier for them as they were using fake identities to cover their tracks but when you are pinned to the point where your loot is withdrawn then it is a matter of time to snatch them and that is what happened here.

According to this article they made tens of millions of US dollars before they got caught and apparently it took law enforcement 8 years before they got a trace on them. Had they stopped after the first couple of millions they probably would have gotten away with it.
When you are running a criminal enterprise this long you are bound to get caught and the confidence they had running all this years will have some lapses here and there and that is what the investigators will be looking.


Title: Re: Cryptojacking Malware Devs Sentenced to 20 Years in Prison
Post by: HeRetiK on December 12, 2019, 03:30:14 PM
How the authorities went about getting these guys to pay for their actions remains unknown but its still sending a message that someone is watching and people can be made to pay for whatever they do in the crypto sphere...
The team was smart enough to infect all the computers and start mining using other people's computing power but they were not smart enough to hide their loot and so is the reason they were caught, FBI knew that the money was going to Romania through wire transfer and they had a collective investigation with the help of Romanian police and it made things easier for them as they were using fake identities to cover their tracks but when you are pinned to the point where your loot is withdrawn then it is a matter of time to snatch them and that is what happened here.

Got any more info than that? According to the ZDNet article their slip-up was actually more technical in nature:

The three were arrested in late 2016 after the FBI and Symantec had silently stalked their malware servers for years, patiently waiting for the highly skilled group to make mistakes that would leave enough of a breadcrumb trail to follow back to their real identities.

Those errors came in 2015, when of the group's proxy servers began leaking details about the group's traffic, eventually leading investigators on the right path, and later that year one of the hackers made an unfortunate trip to Miami, where the FBI secretly searched his phone at the border.

Reading through the article their money mule / laundering infrastructure seems to have worked surprisingly well, but I'd be interested to read about any trails they left behind on this front.


Title: Re: Cryptojacking Malware Devs Sentenced to 20 Years in Prison
Post by: eaLiTy on December 12, 2019, 05:10:14 PM
Got any more info than that? According to the ZDNet article their slip-up was actually more technical in nature:
The first failure of these hackers were they were using the same modus operandi for a long time and even though they were using VPN to mask their identity the time they were active will breach those identity even with the level of security they were having as they took things easily with two VPN, the problem with these is that when you log into the VPN you are exposed to your initial address and they capture those logs even if they tell you they do not have any logs and voila the FBI has those details and that is how they captured the digital proofs and when they monitored their transactions they knew that every transaction is cashed out using fake identity and hence the FBI was stationed to snatch the people who were cashing out the wire transaction and if you look at the case one individual accepted the crime and he will be a pardoned-witness and he wont be getting the same sentence as others because he helped the FBI to crack the entire case.