You have reached your limit of free articles this month.

Enjoy unlimited access to myDaytonDailyNews.com

Starting at just 99¢ for 8 weeks.

GREAT REASONS TO SUBSCRIBE TODAY!

  • IN-DEPTH REPORTING
  • INTERACTIVE STORYTELLING
  • NEW TOPICS & COVERAGE
  • ePAPER
X

You have read of premium articles.

Get unlimited access to all of our breaking news, in-depth coverage and bonus content- exclusively for subscribers. Starting at just 99¢ for 8 weeks

X

Welcome to myDaytonDailyNews.com

This subscriber-only site gives you exclusive access to breaking news, in-depth coverage, exclusive interactives and bonus content.

You can read free articles of your choice a month that are only available on myDaytonDailyNews.com.

How the bad guys did it: Thousands of Ohioans hacked, up to $35M stolen


One errant button click. That’s all it takes for a computer or mobile device to be infected or hacked.

Just by getting people to click on malicious e-mail attachments, an international crime ring set in motion a scheme that infected more than 60,000 individual computers, sent out 11 million malicious emails and defrauded people of up to $35 million, according to federal authorities and security experts.

The case illustrates that malicious software lurks in cyberspace, disguised as innocent-looking links and programs.

It also underscores the fact that consumers have little room for error online, considering their devices and personal information are at stake.

“You as a consumer — you have to be right every time,” said Mike Tobin, spokesman with the U.S. Attorney’s Office for the Northern District of Ohio. “You click on something once, and you’re hit with it.”

RELATED: These passwords will get you hacked

The e-mails looked legitimate, as they so often do in criminal hacking cases.

They purported to be from Western Union, Norton and the IRS. The messages contained attachments, alleging to be cash receipts and other notices.

But when people clicked on the attached files, they unknowingly installed malicious software on their devices, which was dubbed the “Bayrob Trojan,” according to the U.S. Attorney’s Office for the Northern District of Ohio.

The Bayrob Trojan allowed a group of Romanian nationals to infect between 60,000 and 160,000 computers and send out 11 million malicious emails, according to Symantec, a leading cybersecurity firm that assisted authorities with the case.

The victims, which included residents from many Ohio communities, were defrauded of at least $4 million, federal authorities said. Symantec says the losses actually could be as much as $35 million over eight years.

RELATED: Millions feel the sting of identity theft

The malicious software obtained people’s stored contacts and sent out infected e-mails or instant messages to those targets.

The Trojan also allowed the suspects to intercept user names and passwords and helped them steal the credit card information of more than 500 people, authorities said.

When victims would try to log onto Facebook, PayPal, eBay and other websites, they were redirected to nearly identical but fake sites created by the hackers, authorities said.

When victims tried to purchase goods that were listed on the phony pages, they were charged for items they never received, court documents show. The malware helped steal people’s login credentials and passwords.

“The group is responsible for stealing up to $35 million from victims through auto auction scams, credit card fraud and computer intrusions,” Jeff Greene, senior director of government affair and policy with Symantec Corp., told a Congressional subcommittee earlier this month.

RELATED: Identity theft victims tell their stories

Last year, Romanian nationals Bogdan Nicolescu, Tiberiu Danet and Radu Miclaus were extradited to the United States after being arrested overseas.

They were charged with conspiracy to commit wire fraud, money laundering and trafficking in counterfeit service marks.

They also were charged with aggravated identity theft and wire fraud.

The Bayrob malware had multiple versions that evolved from online fraud to a botnet of 300,000 computers that primarily mined digital currency at the victims’ expense, Greene said.

Botnets are networks of private computers infected with malicious software that are controlled as a group without their owners’ knowledge.

Symantec through a decade-long research campaign helped uncover the Bayrob crime ring and assist federal and Romanian authorities build their case against its members, Greene said.

The gang recruited money mules and went to great lengths to make the scams appear legitimate, officials said.

Their fake eBay pages included fictitious feedback about sellers, and they set up phony phone lines and voicemail service to string victims along until their payments went through, according to Symantec.

Technology is wondrously useful, but it also gives criminals in distant places, like Romania, opportunities to trick and steal from Ohioans, Tobin said.

“You rob banks, because that’s where the money is,” Tobin said. “Well, the money is now on our phones and our computers.”

Ohio Attorney General Mike DeWine urges Ohioans to be cautious when they connect to and browse the Internet.

DeWine, who was not speaking about this particular case, said citizens should ignore and delete links and messages from unknown sources and be wary of messages directing people to verify an account or enter their passwords.

“If you don’t know what something is before you click it, don’t click it,” DeWine said. “Don’t automatically click things.”

MORE: Hacking the ballot: How safe is your vote?



Reader Comments ...


Next Up in Local

Author J.D. Vance returns to Middletown for grads, reveals plans
Author J.D. Vance returns to Middletown for grads, reveals plans

Middletown High School graduate and internationally famous author J.D. Vance closed a highly personal circle in his life Tuesday when he delivered the commencement speech to graduates from his former school. But before he took the stage in front of the overflowing audience at Princeton Pike Church, Vance talked exclusively with the Journal-News. The...
Memorial Day weekend means ‘Click It or Ticket’ campaign in full force
Memorial Day weekend means ‘Click It or Ticket’ campaign in full force

The Ohio Highway Patrol is enforcing the "Click It or Ticket" program heavily this holiday weekend. To combat the increase in the possibility of accidents because of heavy traffic brought on by Memorial Day, seat belt focus will be emphasized by troopers until the end of May.  "Troopers see the deadly results that follow when motorists...
4 Miami Twp. businesses busted for alcohol sales to underage customers
4 Miami Twp. businesses busted for alcohol sales to underage customers

Four retail liquor establishments in Miami Twp. have been accused of selling alcohol to minors, the Miami Twp. Police Department said in a statement Tuesday afternoon. The names of the businesses have not been released, but police department officials said a supervised compliance check of 11 "places that distribute alcohol" turned up the...
Adult court may await accused shooter of Fairmont teen in homicide
Adult court may await accused shooter of Fairmont teen in homicide

Two psychologists are among 12 listed witnesses who may testify today at a hearing to see if a 17-year-old will face adult murder charges in the Sept. 4 fatal Kettering shooting of a Fairmont High School junior. Both defense counsel for Kylen Jamal Gregory of Kettering and prosecutors seeking to try him as an adult in the homicide of 16-year-old Ronnie...
Mom, boyfriend under investigation for putting her son in car trunk
Mom, boyfriend under investigation for putting her son in car trunk

A 10-year-old boy found in the trunk of a car in Darke County on Monday night has prompted a criminal investigation focused on the actions of his mother and her boyfriend.  A passer-by, who saw what appeared to be someone putting a child in the trunk of a four-door sedan about 8:30 p.m., called 9-1-1 and followed the car until sheriff's deputies...
More Stories