Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Crime

The Rise and Fall of the Bayrob Malware Gang (zdnet.com) 54

Three Romanians ran a complicated online fraud operation -- along with a massive malware botnet -- for nine years, reports ZDNet, netting tens of millions of US dollars, but their crime spree is now over. But now they're all facing long prison sentences.

"The three were arrested in late 2016 after the FBI and Symantec had silently stalked their malware servers for years, patiently waiting for the highly skilled group to make mistakes that would leave enough of a breadcrumb trail to follow back to their real identities."

An anonymous Slashdot reader writes: The group started from simple eBay scams [involving non-existent cars and even a fake trucking company] to running one of the most widespread keylogger trojans around. They were considered one of the most advanced groups around, using PGP email and OTR encryption when most hackers were defacing sites under the Anonymous moniker, and using multiple proxy layers to protect their infrastructure. The group operated tens of fake websites, including a Yahoo subsidiary clone, conned and stole money from their own money mules, and were of the first groups to deploy Bitcoin crypto-mining malware on desktops, when Bitcoin could still be mined on PCs.

The Bayrob group was led by one of Romania's top IT students, who went to the dark side and helped create a malware operation that took nine years for US authorities and the FBI to track and eventually take down. Before turning hacker, he was the coach of Romania's national computer science team, although he was still a student, and won numerous awards in programming and CS contests.

This discussion has been archived. No new comments can be posted.

The Rise and Fall of the Bayrob Malware Gang

Comments Filter:
  • by Anonymous Coward

    hackers, and other criminals:

    Ensure your collegiate performance is dead average, because after this they will be keeping a file on you if you are top 10-25 percent. Better yet don't go to school at all so they won't have a public record of homework submissions they can mine to look for patterns matching up in your malware code either.

    These apply to anyone who teetering on the bring. If you might EVER do a criminal act, you need to start preparing now, because otherwise by the time you do, you won't be able

  • by gweihir ( 88907 ) on Monday April 15, 2019 @02:56AM (#58438650)

    I would have considered that standard procedure. At work, it is completely standard for anything confidential.

    • Comment removed based on user account deletion
      • by Anonymous Coward

        None of the places I have worked uses pgp. And how many public anouncements have you seen that have a pgp signature?

        Most companies think 'zip' is encryption.

        To be fair, most people are idiots when it comes to crypto or security. That said, popular zip programs have 256-bit AES encryption, and since I'm forced to use encryption schemas that are FIPS compliant, it qualifies.

        I've deployed PGP twice now in two different companies. Not just PGP desktop either. Those who aren't idiots understand the value-add, and in one case, we were asked to by our customer who wisely wanted to communicate securely.

      • by gweihir ( 88907 )

        Not everybody is terminally incompetent with regards to security. But many are, sure. That does not make competent use "advanced" though.

  • Okay, so don't do criminal shit for 9 years. Better cut it short at 5 years. Okay, got it.

    In other words, like all crime* - be unexpected, be awesome at it, and do it well enough that you have so much money you never need to do it again.

    * Doesn't include stock trading, banking, insurance - the rules are different there.

He who has but four and spends five has no need for a wallet.

Working...