The Rise and Fall of the Bayrob Malware Gang (zdnet.com) 54
Three Romanians ran a complicated online fraud operation -- along with a massive malware botnet -- for nine years, reports ZDNet, netting tens of millions of US dollars. Their crime spree is now over, and they're all facing long prison sentences.
"The three were arrested in late 2016 after the FBI and Symantec had silently stalked their malware servers for years, patiently waiting for the highly skilled group to make mistakes that would leave enough of a breadcrumb trail to follow back to their real identities."
An anonymous Slashdot reader writes: The group started from simple eBay scams [involving non-existent cars and even a fake trucking company] to running one of the most widespread keylogger trojans around. They were considered one of the most advanced groups around, using PGP email and OTR encryption when most hackers were defacing sites under the Anonymous moniker, and using multiple proxy layers to protect their infrastructure. The group operated tens of fake websites, including a Yahoo subsidiary clone, conned and stole money from their own money mules, and were one of the first groups to deploy Bitcoin crypto-mining malware on desktops, when Bitcoin could still be mined on PCs.
The Bayrob group was led by one of Romania's top IT students, who went to the dark side and helped create a malware operation that took nine years for US authorities and the FBI to track and eventually take down. Before turning hacker, he was the coach of Romania's national computer science team, although he was still a student, and won numerous awards in programming and CS contests.
Hint for future malware writers... (Score:2, Interesting)
hackers, and other criminals:
Ensure your collegiate performance is dead average, because after this they will be keeping a file on you if you are top 10-25 percent. Better yet don't go to school at all so they won't have a public record of homework submissions they can mine to look for patterns matching up in your malware code either.
These apply to anyone who is teetering on the brink. If you might EVER do a criminal act, you need to start preparing now, because otherwise by the time you do, you won't be able
Re: (Score:2)
Bullshit. That's not how they were tracked down. RTFA
Using PGP is now "advanced"? (Score:5, Informative)
I would have considered that standard procedure. At work, it is completely standard for anything confidential.
Re: (Score:2)
Re: (Score:1)
None of the places I have worked uses PGP. And how many public announcements have you seen that have a PGP signature?
Most companies think 'zip' is encryption.
To be fair, most people are idiots when it comes to crypto or security. That said, popular zip programs have 256-bit AES encryption, and since I'm forced to use encryption schemas that are FIPS compliant, it qualifies.
I've deployed PGP twice now in two different companies. Not just PGP desktop either. Those who aren't idiots understand the value-add, and in one case, we were asked to by our customer who wisely wanted to communicate securely.
Re: (Score:3)
Re: (Score:2)
Not everybody is terminally incompetent with regards to security. But many are, sure. That does not make competent use "advanced" though.
Re: (Score:2)
The tor "onion" network mode goes through 6 proxies. So what? This is some pretty old state-of-the art.
Re:Romainian == Gypsy (Score:5, Informative)
Loads of Romanians are not part of the ethnic group of gypsies or "Roma". And it's been racists like you who have contributed to a lot of the problems with the ones that are gypsies, or Roma. Members of those groups are doing quite well in a lot of countries. But they are thoroughly marginalized in Romania and other Eastern European countries where they are living below subsistence level and are forced to be criminals just to survive. As this has been going on for centuries, it's become a vicious cycle: they are discriminated against for being criminal when distrust and exile forced them into it in the first place. Or vice versa - who can tell after centuries?
Re: (Score:1, Interesting)
are forced to be criminals just to survive.
It's a choice. Finland ran a small experiment on them giving them jobs; utter failure, they didn't show up for work after a few days
Re: (Score:1)
As much as I despise most of Hitler's agenda, he was right about the gypsies. Gypsies deserve to be thrown into the gas chambers and then incinerated. Gypsies cause nothing but pain and misery for non-gypsies. And gypsies are non-reformable. Given the choice of honest work or grifting, and gypsy will always choose grifting. I can say nothing good about a gypsy. Nothing.
Re:Romainian == Gypsy (Score:4, Informative)
Members of those groups are doing quite well in a lot of countries.
LOL! Please tell me 2/two countries where Gypsies integrated / "do quite well" by any standard. That means the majority of the population taking a job, going through the education system, etc.
But they are thoroughly marginalized in Romania and other Eastern European countries where they are living below subsistence level and are forced to be criminals just to survive
Nobody is forcing anyone in Eastern Europe to be criminal, that's a ridiculous claim. So many Gypsies in Eastern Europe live in poverty because those countries are, by European Union standards, quite poor themselves. A lot of people there live in poverty - some of them are Gypsies.
Re: (Score:2)
Ah yes. Nice of you to leave out her name. But here is the more detailed information: https://en.wikipedia.org/wiki/... [wikipedia.org]
Readers here can now verify your claims.
Re: (Score:1)
lies, gypsies are integrated in 2 countries
imaginary country 1
and
imaginary country 2
pd, fuck gypsies
Re: (Score:2)
So many Gypsies in Eastern Europe live in poverty because those countries are, by European Union standards, quite poor themselves.
That is a common misunderstanding, touted by the government and other parties responsible, to excuse their own behaviour.
"The World Bank report indicates that Roma in Romania are "poor, vulnerable and socially excluded" (28 Feb. 2014, 5). A report produced by the European Union Agency for Fundamental Rights (FRA) and the United Nations Development Program (UNDP) that "draws on the results of the UNDP/World Bank/ European Commission regional Roma 2011 survey [4]", reports that approximately 81 percent of Rom
Re: (Score:2)
Nobody is forcing anyone in Eastern Europe to be criminal, that's a ridiculous claim. So many Gypsies in Eastern Europe live in poverty because those countries are, by European Union standards, quite poor themselves. A lot of people there live in poverty - some of them are Gypsies.
Poverty IS the major cause of crime.
There's no better proof of that than observing exact same practices as done by the poor and by the rich.
In the case of the poor it's a crime.
In the case of the rich, at worst it's a "legal issue". At best it's "aggressive and shrewd business practice".
And that's disregarding the epigenetic burden of generations of poverty (all them fun diseases that weren't really a burden on poor people before all food became cheap processed carbs and fats), inherited psychological [wikipedia.org] traum [nih.gov]
Re: (Score:3)
Disclaimer: Romanian here.
It's more complicated than this. It is true that Gypsies have been marginalized for a long time. It's not really clear whether the marginalization is a cause or an effect. After studying the subject for quite some time, I am inclined to say it's both - kind of like egg-versus-hen. Nobody could tell which was first.
The bigger problem is that efforts to integrate Gypsies have failed. Particular success cases do exist, but all of them (from what I have researched) are based on a genui
Re: (Score:1)
"Romanian" is politically correct European euphemism for gypsies. Yes, the same filthy gypsies that you see hanging around airports and train stations in Europe, waiting to steal your luggage, laptop, or pick your pocket. Gypsies are inbred genetic scum, inbreeding century after century to produce the perfect genetic criminal without a trace of empathy for their fellow man. The are unreformable, and adept at every form of criminal activity imaginable: prostitution, gambling, welfare fraud, home services scams, check forgery, and burglary.
No, you are wrong. Gipsies is more of a lifestyle, a culture and a tradition. There are gipsies in many countries. Romanian people are not gipsies. Gipsies are a minority in Romania, and the Romanians don't like them any more than you do.
The Bayrob gang are an elite group of Romanians, they are not gipsies. Gipsies could never accomplish what these Romanians have.
Re:Romainian == Gypsy (Score:5, Interesting)
The Roma name was applied when they were falsely thought to have originated in Romania. Though at the time, during the Cold War, that nation was unable to object, today's Romania wants no more to do with them than does any other part of Europe.
The English word comes from an even earlier era, when they were falsely thought to have come from Egypt.
Re: (Score:2)
Absolutely wrong. "Roma" in their own language means "men". The word has nothing to do with the city of Rome/Roma (where Romania's name comes from) - it is just a coincidence.
Re: (Score:2)
"Romanian" is politically correct European euphemism for gypsies.
Not in the UK. Here the euphemism is "The travelling community" even though they only travel when they are moved on by a court order. I say "euphemism", but the word "community" is now so over-used for any crap that it acts negatively with me, but perhaps that's just me. I believe the gypsies (the true ones, not general drop-outs), call themselves "Romany".
Re: (Score:2)
Most "Travellers" in the UK are probably Irish Travellers, not Romany "gypsies".
Lesson learned (Score:2)
Okay, so don't do criminal shit for 9 years. Better cut it short at 5 years. Okay, got it.
In other words, like all crime* - be unexpected, be awesome at it, and do it well enough that you have so much money you never need to do it again.
* Doesn't include stock trading, banking, insurance - the rules are different there.
Re: (Score:2)
"Bayrob" in English, according to Google Translate.
So that explains the name.
Bayrob was founded by a guy named Rob, who liked to sit at the bay.