Careers & People
10/30/2017
10:35 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Romanian Men Convicted for Role in ATM Skimming Crew

HOUSTON – Two Romanian men have pleaded guilty for traveling to Houston to place card skimmers on ATMs and stealing money from bank accounts, announced Acting U.S. Attorney Abe Martinez.

Crisian Viorel Ciobanu, 30, of Romania, was part of a group that traveled to Pennsylvania, Virginia and Texas to steal money from victims’ bank accounts. In each state, Ciobanu and his co-conspirators used card skimmers to steal ATM card numbers as customers inserted their cards into the machines. They also used hidden cameras to record customers as they entered their PINs.

Armed with this stolen data, they then made their own fake ATM cards. They then used those fake cards and stolen PINs to withdraw at least $390,495.84 from customer accounts. Bogdan Mirel Constantin, 40, of Romania, joined the group in Houston.

Ciobanu pleaded guilty to conspiracy to commit access device fraud and aggravated identity theft. He faces up to 7.5 years for the conspiracy as well as a mandatory two years for the identity theft which must be served consecutively to any other sentence imposed. Constantin pleaded guilty to theft aggravated identity theft and faces the same two mandatory years in federal prison. The charges also carry a possible $250,000 maximum fine. They have agreed to pay full restitution. 

Ciobanu’s sentencing has been set for Jan. 8, 2018, before U.S. District Judge Ewing Werlein, while Constantin is set for Jan. 26, 2018. They will both remain in custody pending that hearing.

The FBI conducted the investigation. Assistant U.S. Attorney Michael Chu is prosecuting the case.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
121 Pieces of Malware Flagged on NSA Employee's Home Computer
Kelly Jackson Higgins, Executive Editor at Dark Reading,  11/16/2017
Mobile Malware Incidents Hit 100% of Businesses
Dawn Kawamoto, Associate Editor, Dark Reading,  11/17/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Managing Cyber-Risk
An online breach could have a huge impact on your organization. Here are some strategies for measuring and managing that risk.
Flash Poll
Surviving the IT Security Skills Shortage
Surviving the IT Security Skills Shortage
Cybersecurity professionals are in high demand -- and short supply. Find out what Dark Reading discovered during their 2017 Security Staffing Survey and get some strategies for getting through the drought. Download the report today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.