Romanian Hackers Extradited to U.S. over $18M Vishing Scam

The two have been arraigned in a Georgia district court on charges relating to an elaborate voice- and SMS-phishing (i.e., vishing/smishing) scheme.

A pair of Romanian hackers have been extradited to the U.S. after allegedly bilking unwitting victims out of more than $18 million in an elaborate voice- and SMS-phishing (i.e., vishing/smishing) scheme.

Teodor Laurentiu Costea and Robert Codrut Dumitrescu were named in the 31-count federal grand jury indictment on August 16 last year; they were arraigned last week in the Northern District of Georgia following their extradition. Another co-defendant, Cosmin Draghici, is in custody in Romania awaiting his own extradition to the U.S. They face federal charges of wire fraud conspiracy, wire fraud, computer fraud and abuse, and aggravated identity theft.

“While in Romania, the defendants allegedly targeted victims throughout the U.S., including in the Northern District of Georgia, stealing personal information and possibly causing millions of dollars in losses,” said U. S. Attorney Byung J. “BJay” Pak. “These extraditions send a strong warning to cybercriminals and fraudsters worldwide, that we, along with our law-enforcement partners, will work tirelessly to bring you to justice.”

Pak said that from October 2011 until February 2014, Costea and Dumitrescu lived in Ploiesti, Romania but allegedly spent their time compromising vulnerable computers in the U.S. from which they mounted an automated vishing and smishing scam. The court documents allege that they installed interactive voice response software on victim computers in the Atlanta area to initiate thousands of automated telephone calls and text messages to victims across country. Those messages purported to be from a financial institution and directed victims to call a telephone number due to a supposed problem with their respective financial account.

When victims called the telephone number, they were prompted by the IVR software to enter their bank account numbers, PINs, and full or partial Social Security numbers. The stolen account numbers were stored on the compromised computers and then accessed by Costea and Dumitrescu, who then allegedly sold or used the fraudulently obtained information with the assistance of Draghici.

At the time of his arrest in Romania, Costea possessed 36,051 fraudulently obtained financial account numbers, the court documents alleged.

“Our message to the victims of cyber-fraud is that the FBI won’t let geographic boundaries stop us from pursuing and prosecuting the persons who cause them tremendous financial pain,” said David LeValley, special agent in charge of FBI Atlanta. “Our message to the perpetrators of these crimes is that cybercriminals cannot hide in the shadows of the internet. We will identify them and bring them to justice.”

Suggested articles

It’s Not the Trump Sex Tape, It’s a RAT

Criminals are using the end of the Trump presidency to deliver a new remote-access trojan (RAT) variant disguised as a sex video of the outgoing POTUS, researchers report.

biggest headlines 2020

The 5 Most-Wanted Threatpost Stories of 2020

A look back at what was hot with readers — offering a snapshot of the security stories that were most top-of-mind for security professionals and consumers throughout the year.