Two Romanians plead guilty in Subway hack
Charged as part of a conspiracy that led to $10 million in Subway restaurant customer payment card losses
IDG News Service - Two Romanian men have pleaded guilty to participating in a $10 million scheme to hack into the computers of hundreds of Subway restaurants in the U.S. and steal payment card data, the U.S. Department of Justice said.
Iulian Dolan, 28, of Craiova, Romania, pleaded guilty Monday to one count of conspiracy to commit computer fraud and two counts of conspiracy to commit access device fraud, and Cezar Butu, 27, of Ploiesti, Romania, pleaded guilty to one count of conspiracy to commit access device fraud, the DOJ said.
Dolan and Butu were two of four Romanians charged in December in U.S. District Court for the District of New Hampshire with hacking Subway point-of-sale computers.
In his plea agreement, Dolan has agreed to be sentenced to seven years, and Butu has agreed to be sentenced to 21 months in prison.A
The two men, in their guilty pleas, acknowledged participating in a Romanian-based conspiracy, lasting from 2009 to 2011, to hack into hundreds of U.S. point-of-sale (POS) computers, the DOJ said. Co-conspirator Adrian-Tiberiu Oprea is in U.S. custody and awaiting trial in New Hampshire. The group used stolen payment card data to make unauthorized charges or to transfer funds from the cardholders' accounts, the DOJ said.
The scheme involved more than 146,000 compromised payment cards and more than $10 million in losses, the DOJ said.
During the conspiracy, Dolan remotely scanned the Internet to identify vulnerable POS systems in the U.S. with certain remote desktop software applications (RDAs) installed on them, the DOJ said. Using these RDAs, Dolan logged onto the targeted POS systems over the Internet.A The systems were often password-protected and Dolan attempted to crack the passwords to gain administrative access.A
He then installed keystroke logging software onto the POS systems and recorded all of the data that was keyed into or swiped through the POS systems, including customers' payment card data, the DOJ said.
Dolan electronically transferred the payment card data to various electronic storage locations, called dump sites, that Oprea had set up, the DOJ said. Oprea later attempted to use the stolen payment card data to make unauthorized charges on, or transfers of funds from, the accounts, the DOJ alleged, and he attempted to sell the stolen payment card data to other co-conspirators.A
Dolan stole payment card data belonging to approximately 6,000 cardholders, the DOJ said.A Dolan received $5,000 to $7,500 in cash and personal property from Oprea for his efforts, the DOJ alleged.
In his plea agreement, Butu said he repeatedly asked Oprea to provide him with stolen payment card data and that Oprea provided him with instructions for how to access the website where Oprea had stored a portion of the stolen payment card data, the DOJ alleged.
Butu later attempted to use the stolen payment card data to make unauthorized charges on, or transfers of funds from, the accounts.A He also attempted to sell, or otherwise transfer, the stolen payment card data to other co-conspirators. Butu acquired stolen payment card data from Oprea belonging to approximately 140 cardholders, the DOJ alleged.A
Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is email@example.com.
- Deep Security +VMware vSphere with Operations Management Most midsize organizations are highly virtualized on VMware, and while this has produced significant savings, it also has created new challenges when it...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- DDoS Infographic: How Are Attacks Evolving? For the third consecutive year, Neustar surveyed businesses across major industries to track the evolution of DDoS attacks. Are they more frequent? Larger?...
- How to Use Crowd-Sourced Threat Intelligence to Stop Malware in its Tracks Threat sharing networks have been around for a long time, however they have typically been "invitation-only", available to only large companies, or those...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Malware and Vulnerabilities White Papers | Webcasts