A break finally came when a Bayrob participant accidentally logged into his personal email instead of his criminal one. AOL, who was investigating his abuse of their network, connected the two accounts. That personal account led to online profiles in Romania and on social media—essentially the first action tying one of the suspects to the crimes.
That small mistake helped set investigators, in partnership with the Romanian National Police, on a path toward discovering the identities of all three hackers. And after much further investigation, including undercover buys from the group on Darknet marketplace Alphabay, the FBI had enough evidence to work with Romanian authorities on the arrests.
By the time the hackers were arrested in 2016, the Bayrob Group had become one of the top senders of malicious email.
“We were essentially taking down this entire infrastructure and arresting the three individuals at one time,” Macfarlane said. “And the Romanian National Police were key partners in this effort. They stuck with us year after year. We couldn’t have done this without them.”
Bayrob Group members Bogdan Nicolescu and Radu Miclaus were both convicted on wire fraud, money laundering, and identity theft charges. In December 2019, Nicolescu was sentenced to 20 years and Miclaus to 18 years in prison.
A third member of the group, Tiberiu Danet, pleaded guilty to similar charges. He was sentenced in January to 10 years in prison.
While it was years in the making, putting a stop to these prolific thieves was worth the time and effort for the investigators—even when the hackers were as elusive as a gangster on the run.
“We stuck with it because these guys weren’t stopping,” Macfarlane said. “They continued to evolve, and they were becoming a bigger and bigger threat.”
Although many of the victims had no way of knowing their computers were compromised, there are steps you can take to protect yourself and your devices, such as making sure your antivirus and operating systems are always up to date. Also be careful of what you click on, even if it’s coming from someone you know.
“A lot of people don’t think that someone they know will be compromised,” said FBI Special Agent Stacy Diaz, who also worked on the case. “These hackers know how social networks work, and they use those relationships to grow their network.”