Romania world's latest cybercrime hotbed
Computer-savvy criminals emerging as bold menace
By William J. Kole
Associated Press
Sunday, October 26, 2003 - BUCHAREST, Romania -- It was nearly 70 degrees below
zero outside, but the e-mail on a computer at the South Pole Research Center
sent a different kind of chill through the scientists inside.
"I've hacked into the server. Pay me off or I'll sell the station's data to
another country and tell the world how vulnerable you are," the message warned.
Proving it was no hoax, the message included scientific data showing the
extortionist had roamed freely around the server, which, according to Drew
Logan, didn't involve life-support systems. And the FBI subsequently issued a
statement concurring that "it does not appear that the life-support systems were
compromised when the extortion e-mail was received."
Nevertheless, said Gabrielle Burger, who runs the FBI's office in Bucharest and
is working with Romanian authorities to arrest suspects, "It's one of the
leading places for this kind of activity."
Law enforcement documents obtained by The Associated Press portray a loosely
organized but increasingly aggressive network of young Romanians conspiring with
accomplices in Europe and the United States to steal millions of dollars each
year from consumers and companies.
Their specialties: defrauding consumers through bogus Internet purchases,
extorting cash from companies after hacking into their systems, and designing
and releasing computer-crippling worms and viruses.
Alarmed authorities say the South Pole case underscores the global impact of
this new breed of cyber-outlaw.
Frustrated with the employment possibilities offered in Romania, some of the
world's most talented computer students are exploiting their talents online, the
U.S.-based Internet Fraud Complaint Center, run by the FBI and the National
White Collar Crime Center, says in a new report.
Computer crime flourished in Romania because the country lacked a cybercrime law
until earlier this year, when it enacted what may be the world's harshest. The
new law punishes convicts with up to 15 years in prison -- more than twice the
maximum for rape.
Varujan Pambuccian, a lawmaker and former programmer, helped draft the new law
after Romania's government realized the nation, which is racing to join the
European Union by 2007, was getting a bad online reputation.
"We want a good name for our country," he said. "I'm very angry that Romania is
so well-known for ugly things -- for street dogs, street children and hackers."
Pambuccian said there was a noticeable decline in criminal activity in the first
three months since the law took effect.
More than 60 Romanians have been arrested in recent joint operations involving
the FBI, Secret Service, Scotland Yard, the U.S. Postal Inspection Service and
numerous European police agencies.
They include the two suspects implicated in the South Pole extortion attempt
last May. Both are awaiting trial. Another Romanian pair was arrested on
suspicion of extorting cash from Integrity Media of Mobile, Ala., after
information on 30,000 credit card accounts was stolen in March.
Police say several hackers have been convicted, though in lower-profile cases.
Although the Russians are better known for online extortion, Romanians have
become major players in the scam, a specialty also favored by criminals from
Bulgaria, Poland and Slovenia.
Information technology is a Romanian forte dating to the former regime, when the
late dictator Nicolae Ceausescu saw computers as a way to advance communist
ideology. Software piracy took firm hold during the Soviet era, when Romanians
too poor to buy licensed software simply copied it.
Today, Romanians get their first computer lessons in nursery school.
Universities have top-notch IT programs whose graduates are heavily recruited by
Western companies. Microsoft Corp. recently acquired GeCAD, a leading Bucharest
data-security firm.
But all that know-how has spawned a dark side: Internet vampires who prey on
victims half a world away.
The classic scam: Offer high-end electronics or other goods for sale or auction,
take the order, confirm the shipment -- and simply vanish the moment the
consumer has wired payment.
The Internet Fraud Complaint Center said it gets hundreds of complaints daily
from defrauded Americans. Many cases trace to Romania, where criminals use
Internet cafes to elude capture and avoid leaving a digital trail to their home
PCs.
Some have developed Web pages that mimic legitimate sites such as eBay,
diverting them into the cyberspace equivalent of a back alley. Buyers think
they're dealing with eBay, but their money ends up in criminal hands and the
goods are never shipped.
The most brazen hack into protected corporate databases, where they copy
proprietary information and demand cash on threats of publishing the findings on
the open Internet.
This summer, authorities aided by FBI experts arrested six young Romanians in
the Transylvania town of Sibiu after they successfully extorted $50,000 from
several leading American corporations, which were not identified.
Virgil Spiridon, chief inspector of Romania's national police and head of a
newly launched computer crime task force, said authorities have intercepted
online traffic, tracked Internet headers and addresses, searched suspects' homes
and seized hard drives.
But Mihai Radu of Bucharest-based BitDefender, a data security company, says
criminals are smarter than local authorities. Romanian police asked BitDefender
to help track down a 24-year-old university student suspected of creating and
releasing a version of the crippling MSBlaster worm in August. The suspect, Dan
Ciobanu, has not been arrested but remains under investigation.
"The Romanian police aren't qualified," Radu said as young analysts in jeans,
T-shirts and sneakers disassembled strings of code to detect possible viruses.
"They don't have the tools, the skills, the software."
Pointing up the criminals' knack for staying one step ahead of the law, FBI
documents note that because consumers are reluctant to do business with
Romanians, some scammers have found accomplices in other countries. Others pass
themselves off as coming from elsewhere.
When police caught on that criminals were getting paid through Western Union
transactions, they switched to direct bank-to-bank transfers, which are trickier
to trace. Lately, they've set up bogus PayPal-style escrow accounts.
In an astonishing show of bravado, some cybercriminals dare even to toy with
those tracking them.
Radu recalls logging on to his PC at home, only to watch in horror as the cursor
moved independently around the screen and the CD-ROM tray slid in and out as
though possessed by a poltergeist. "I was hacked," he said. "There's a fight
between the dark side and the light side."
Gesturing toward BitDefender's football field-sized room of programmers, he
added cryptically: "They can do anything. If they weren't working for us, who
knows what they'd be up to."
