14 DAY TRIAL // Thirty people were indicted in Romania last week in connection with an international VoIP fraud scheme that involved routing calls to premium numbers through hacked PBX systems.
The criminal operation lasted from October 2009 to December 2010 and, according to prosecutors from the Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT), was masterminded by two men named Catalin Zlate and Cristian Ciuvat.
The two are accused of building a network of individuals who hacked into VoIP systems belonging to companies from numerous countries including Romania, Russia, China, Australia and Peru, and used them to route calls to premium rate numbers set up in Austria, Zimbabwe, Bulgaria or Somalia.
The fraudsters earned money through affiliate programs, prosecutors estimating that their cut was around 10% from the value of the call. The total fraud is estimated at $11 million, out of which the gang earned over $500,000.
In February 2010, in an attempt to hide the source of the money and to eliminate intermediaries for increased profits, Zlate and Ciuvat set up a company in Belize and signed contracts directly with the owners of premium rate numbers.
The two were arrested by Romanian authorities along with 40 other individuals back in December. Out of those detained, thirty were officially put on trial last week on charges of adhering to an organized criminal group, obtaining unauthorized access to a protected computer system with the intent to obtain sensitive information, causing loss with intent to profit and unauthorized possession of computer hacking programs.
VoIP fraud is a very serious problem and one that can prove very costly to the victims. Back in February, Symantec discovered a botnet client designed specifically to brute force VoIP accounts in a distributed manner.
Premium rate numbers are a common monetization technique in the cybercriminal world. For example, mobile trojans that make unauthorized calls or send SMS messages have existed for years.
Last year we also reported about a scheme where SIM cards associated with phone contracts set up with stolen identities in UK were sent out overseas and put into automated dialing machines to call premium rate numbers.