Romanian gang used malware to defraud international money transfer firms
Romanian and French authorities have dismantled a cybercriminal network that infected computers at money transfer outlets across Europe and used them to perform illegal transactions.
The gang was also involved in the theft of credit card details through skimming, credit card cloning, money laundering and drug trafficking, Europol announced Thursday.
The gang, which was composed mostly of Romanian citizens, infected computers at copy shops that also operated as money transfer franchises in Austria, Belgium, Germany, Norway, the U.K. and other European countries. No details were released about how the computers were infected, but Europol said that the attackers used a remote access Trojan (RAT) program.
The Trojan allowed the gang’s members to control the compromised systems remotely and perform unauthorized transactions through them. The attackers used their illegal access to initiate fraudulent money transfers from fictitious senders to real recipients, who then withdrew the money from different money transfer outlets, primarily in Romania, the Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT) said in a press release.
According to DIICOT, the losses to a single unnamed money transfer franchisor exceeded US$800,000, but the total losses resulting from the gang’s activities are estimated at over €2 million (US$2.7 million).
Police in France and Romania executed 117 house searches Wednesday and seized large sums of money, luxury vehicles, IT equipment and other evidence. Over 115 individuals were questioned and 65 were detained following the raids.