GAVRIL Sandu, 53, was extradited to the United States for his role in a cybercrime scheme carried out 17 years ago. According to the DOJ, he was indicted by a federal grand jury in 2017, arrested in Romania in January 2026, and extradited to the US in late April.
The alleged offences occurred earlier, between May 2009 and October 2010, when Sandu and others hacked into small businesses’ VoIP systems and deployed scripts to contact customers and steal sensitive information, including login credentials and payment card details. The DOJ says his part in the vishing operation included using the stolen information to clone payment cards and acting as a money mule to withdraw funds.
He remains in custody and faces up to 30 years in prison; Reid Davis, special agent in charge of the FBI in North Carolina, noted that “justice has no timeline.” This case stands out for the long gap between the alleged crimes and extradition, a feature highlighted alongside other Romanian-linked investigations.