Romeo Vasile Chita, $4M Cyber Fraud, Ohio 2023

A Romanian national, Romeo Vasile Chita, 38, was returned to the United States on Friday to face federal charges that accuse him of being the leader of an international cyber fraud ring that used malware to steal in excess of $4 million after taking people’s passwords, personal identifying information, and bank account information.

Chita was charged in a four-count indictment unsealed in U.S. District Court in Cleveland, Ohio. The charges include racketeering, wire fraud conspiracy, conspiracy to launder money, and conspiracy to traffic in counterfeit services.

“Romeo Vasile Chita allegedly led a multinational criminal enterprise that stole sensitive personal data through deceptive phishing emails and organized fraudulent online auctions, causing millions of dollars in losses to innocent victims,” said Assistant Attorney General Benczkowski. “The Criminal Division will continue to work with our law enforcement partners, both domestic and international, to aggressively disrupt and dismantle international cyber criminal organizations that victimize our citizens and businesses.”

According to the indictment, Chita was based in Romania and led a racketeering enterprise that operated in the United States, Romania, Canada, Croatia, Latvia, Hungary, Bosnia, China, Jordan, Malaysia, and elsewhere. The goal of the enterprise was to generate money through various criminal acts, including wire fraud, trafficking in counterfeit services, and money laundering. It began operating as early as 2007.

Among other things, Chita’s group sent “phishing” emails purporting to be from the Better Business Bureau, the IRS, U.S. Tax Court, the National Payroll Records Center, and others. When a victim clicked on a link in a fraudulent email, specialized malware incorporating a “keylogger” was installed onto the victims’ computers, allowing members of the criminal enterprise to capture sensitive and confidential information, including the victims’ bank account information.

The conspirators, including Chita, then transmitted the sensitive information to each other and others for the purpose of fraudulently withdrawing funds from the victims’ bank accounts. The stolen funds were then transferred to specific accounts in the United States, where the money was withdrawn and transferred to other members of the conspiracy. The conspirators used their own network of accounts and “money mules” to transfer hundreds of thousands of dollars at a time to conceal the origin of the money.