Romanian hackers pose increasing international threat

22/05/2008

The much touted case of Romanian hacker Vladuz who taunted e-Bay for years is just the tip of the iceberg of a phenomenon in Romania. It is drawing the attention of international authorities and the media.

By Paul Ciocoiu for Southeast European Times in Bucharest – 22/05/08

Romanian hackers are targeting foreign victims. [File]

It took US authorities years to catch Romanian hacker Vladuz, whose real name is Vlad Constantin Duiculescu, a young gymnasium-school graduate from Bucharest, who illegally accessed the e-Bay database from 2005 to 2007 and caused $2m in damage to the online sales site.

The US Secret Service notified Romanian authorities as far back as 2005 concerning the online sale of an application that contained the source code for the log-in internet page of e-Bay.com, and requested the user account and the password. E-Bay representatives tried to identify who the seller was by pretending to be an interested buyer for the application.

Just last month, Vladuz was arrested in a joint operation by the Romanian anti-organised crime unit and the Home Intelligence Service. He told the judge that he hacked the e-Bay servers because he wanted to be famous and had abandoned school because he had nothing to learn there.

This is just the latest case in a series of online frauds originating in Romania. The Internet Fraud Complaint Centre receives hundreds of notifications daily, most of them concerning cyber attacks coming from Romania.

Last year, US authorities accused Romanian Florin Fechete of stealing more than $120,000 from three people in a scam where he allegedly sold them goods that they never received. According to a federal prosecutor in Illinois, Fechete was also part of a network which, between November 2003 and August 2006, deceived more than 2,000 people out of $5m.

The foreign press has started to focus on this growing phenomenon. The Washington Post recently covered a case in which Romanian hackers targeted 2,000 corporate executives in identity-theft scams. A bogus e-mail sent to the executives masqueraded as a subpoena that ordered them to appear in court. The e-mails contained an add-on, a component created to steal usernames and passwords the victims used later, when accessing a bank site.

According to the Los Angeles Times, a group of hackers in Dragasani, Romania, which has been dubbed the internet fraud centre, was targeted by e-Bay anti-fraud experts and Secret Service agents. Almost 500 hackers in Dragasani put the town hall and local schools and churches up for sale on the internet, and even a MIG air fighter, according to the local media. Police said they had hundreds of files under investigation, but there is little they can do, because most of the foreign victims refuse to be part of a lawsuit in Romania.

The largest internet fraud ever committed occurred in the spring of 2007, according to a report in The Wall Street Journal. Romanian hackers compromised the database of US trade company TJX and stole over 40 million records about its customers.