Two Romanian nationals thought to have been part of a gang that stole 500,000 credit cards from an Australian business have pleaded guilty to intercepting CCs from 150 US Subway restaurants.
The gang attacked both an unnamed Australian business and Subway by exploiting open remote desktop protocol (RDP) connections and planting keyloggers on payment terminals.
It was suspected the attack on the Australian business could result in more than $25 million in fraudulent transactions.
Iulian Dolan, 28, pleaded guilty to one count of conspiracy to commit computer fraud and two counts of conspiracy to confide access device fraud, and Cezar Butu, 27, pleaded guilty to one count of conspiracy to commit access device fraud.
A third man, Adrian-Tiberiu Oprea, is in US custody expecting trial. Dolan would try to crack the passwords of RDP servers and then install keyloggers onto the payment systems. Stolen CC data was channeled to online caches. He was responsible for stealing information from 6000 cardholders and was paid between $5000 to $7500 from Oprea.
The US Department of Justice has released a statement on the case.
