Young cyber-terrorists hold top US firms to ransom in Transylvania

[InfoSec News <isn () c4i org>]

Forwarded from: William Knowles <wk () c4i org>

http://www.sundayherald.com/34961

Gabriel Ronay
29 June 2003

Several top American companies have been blackmailed to the tune of 
$50,000 a head by Romanian hackers practising 'cyber- terrorism' from 
the backwoods of Transylvania. Astonishingly, the cyber wizards who 
penetrated the databases of security-conscious corporate America 
turned out to be a group of Romanian high school drop-outs, work-shy 
provincials and students manquZ.

Romania is not exactly in the vanguard of the high-tech revolution and 
the medieval Transylvanian town of Sibiu, the hub of the daring 
hacking operation, has hitherto been better known as the birthplace of 
Vlad Dracula the Impaler than the new Silicon Valley of the Balkans.

The modus operandi of the Sibiu 'cyber terrorists,' as they have been 
nicknamed by the FBI, was simple enough: they would hack into the 
server of a big US company, access their protected database, download 
clients' personal files and then demand $50,000 for not publishing the 
confidential documents on the internet.

The young hackers' work paid so well that last April the targeted US 
companies sought the help of the FBI to get on the trail of the 
blackmailers. The ripped-off companies have not been named for fear of 
alarming their clients.

In an operation involving the Special Investigations Unit of the 
Romanian Supreme Court, the directorate-general for combating 
organised crime and drugs trafficking and the Bucharest-based regional 
centre for the trans-border fight against organised crime, officers of 
the FBI tracked the cyber blackmail gang to Sibiu in the Carpathian 
mountains.

In order to identify the blackmailers, two further transfers of ransom 
money from America to Romania were 'overseen' by the FBI and Romanian 
investigators. Upon the lifting of a tranche of $3600 in Sibiu, the 
authorities pounced.

Last week, general Dan Fatuloiu, the deputy director of the 
directorate-general for combating organised crime and drugs 
trafficking revealed that, after two months of surveillance, two 
members of the gang were caught red-handed as they withdrew $3600 with 
a number of credit cards from a specially set up account where the 
blackmailed US firms had been instructed to deposit the payoff.

He named them as Stefan Olaru, aged 21, a high school pupil, and 
Sebastian Nicolae Zeicu, an unemployed man of 25. An investigating 
magistrate helpfully explained that Olaru, 'still a pupil owing to 
certain disciplinary exclusions from school', was the leader of the 
'cyber-terrorists' and the mastermind of the entire heist.

He named the other members of the gang as Florin Lomnasan, a high 
school pupil aged 19, Loredana Nastase, an 18-year-old unemployed 
worker, Emilian Militaru, a student aged 25, and Vasile Somfalean, a 
cyber cafe manager aged 25. They were all charged with complicity in 
blackmail and aiding and abetting cyber crimes.

Olaru was specifically charged with unauthorized accessing of the 
servers of US firms, illegal downloading of confidential files and 
blackmailing the companies. He used the cyber cafe managed by 
Somfalean to carry out the alleged internet crimes. Fatuloiu added 
that Olaru, who controlled the entire operation, faced a number of 
further serious charges.

Loredana Nastase's job was to open an account for the extorted money. 
Sebastian Nicolae Zeicu's task was to withdraw the deposited blackmail 
money from ATMs in Sibiu. Florin Lomnasan and Sebastian Nicolae Zeicu 
were separately charged with the receivership of the American ransom 
money.

Olaru and Zeicu, caught red-handed with some of the blackmail money, 
are being kept for 30 days in a local jail for further investigation. 
To the horror of the Americans, the other members of the cyber terror 
gang have been released on bail.

Somewhat surprisingly, Olaru and his merry 'cyber gangsters' are seen 
locally as some sort of Transylvanian Robin Hoods, who, despite their 
obvious Balkans handicaps, almost managed to beat the authorities of 
the world's most technologically advanced country.

For Romanians at large the Sibiu hackers are the heroes of our time 
and their heist no more than 'a nice little earner'. The fact that 
they had broken the law and resorted to a little injudicious 
blackmailing is being overlooked as the tens of thousands of dollars 
they took from corporate America fits the popular attitude summed up 
in the Bucharest saying: 'Let the rich pay'. 



*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.