$365,000 dark net phishing scam leads to guilty plea from U.S. hacker

A Connecticut man pleaded guilty to charges of phishing against criminal dark web markets in a scheme that eventually obtained over $365,000 and more than 10,000 stolen user credentials.

Michael Richo, 35, of Connecticut, pleaded guilty on Tuesday in Hartford federal court to hacking and money laundering offenses.

Richo's scheme is familiar to any dark net denizen: In forums on the dark net, he posted fake links to dark net markets where illicit goods and services are on sale. He built fake login pages to fool victims and steal their credentials. Richo then monitored the compromised accounts and withdrew any bitcoin deposited into them before it could be spent. It ended up being deposited in his own bitcoin wallet.

"Richo then sold the stolen bitcoins to others in exchange for U.S. currency, which was deposited into bank accounts that RICHO controlled or was provided to him through Green Dot Cards, Western Union transfers, and MoneyGram transfers," according to a Justice Department release.

AlphaBay, the most popular of extant dark net markets, has dealt with phishing attacks for years. The site's administrators blamed victims for "their own stupidity" when complaints of phishing began to rise earlier this year.

Tracking bitcoins to real money is big business. Firms like Chainalysis and Elliptic work with law enforcement and major enterprises around the world to track and analyze virtual currency through the blockchain and outside of it. It's not clear what, if any, private firm was involved in the Richo case.

Richo tried to use "Bitcoin Fog" -- a cryptocurrency "tumbler" that mixes coins from various sources with the intention of hiding their tracks -- according to police, before sending the currency to his wallet on LocalBitcoins.com.

Richo had been under investigation since 2013. Police searched his home and arrested him in 2014.

An "access device fraud" charge for the phishing carries a maximum sentence of 10 years, while a money laundering charge could result in a 20-year sentence. A guilty plea will likely significantly reduce Richo's sentence, which will come Sept. 28 from U.S. District Judge Vanessa L. Bryant.

Phishing for dark net credentials is a crime as old as the dark net itself. Phishers target "normal" websites like Wikipedia as well as underground criminal forums -- any digital gathering space, it seems, is a venue for the tactic.

[clearnet] https://www.cyberscoop.com/hacker-pleads-guilty-to-phishing-dark-net-market-crooks-for-over-365000/


Comments


[27 Points] murderhomelesspeople:

But how did the investigation against him even start? My guess is LE actually managed to get themselves phished, LE are noobs.


[14 Points] shillface:

So bitcoinfog is broken?


[5 Points] Jay-__:

Would be hilarious if that guy had a connection with this one:

https://www.reddit.com/r/DarkNetMarkets/comments/6hfabc/alphabay_are_scammers/

Edit: aw, too bad, dude from OP was arrested 2014. :/


[5 Points] MotherSuperieor:

I'm surprised that LE is devoting resources to protect people out there using DNMs. Screw this asshole.


[4 Points] penguinmixer:

There was some discussion a few months ago about this guy on The Hub. He was running his hidden service phishing sites on his home computer. Maybe he either misconfigured them (so they leaked the IP address) or they were located as part of Operation Onymous. The criminal complaint seems to indicate that he told LE about the usage of Bitcoin Fog (as well as explaining the other aspects of his operation...some known and some unknown to LE at the time) during the search warrant / interview at his home.


[2 Points] WeedAndLsd:

Anyone know how he got caught?


[2 Points] That_Guy_389:

So I'm not trying to defend this guy at all but he scammed people out of money that they intended to purchase illegal goods with.... how is he being charged with fraud? If a vendor sells you fake blow can he go to jail for fraud lol?

I know he committed a fraud but how do you charge one guy with a crime and ignore the other?


[1 Points] NODestructionF:

From the info I can gather from this complaint: https://www.scribd.com/document/326885226/RICHO-Phising-Complaint

It looks like he was probably blabbing about his operation, or maybe the amount of money he was depositing maybe set off some alarms. Can't exactly tell, as the investigator was unspecific.


[1 Points] Raptor555:

This is legit. Found the case on the court's server.

Case# 3:17-cr--VLB

Plaintiff: USA

Defendant: RICHO, MICHAEL

Count 1: PRODUCES/TRAFFICS IN COUNTERFEIT DEVICE; ACCESS DEVICE FRAUD

Count 2: MONEY LAUNDERING - FRAUD, OTHER

Bail: $100,000

Also shows his attorney info but I'm not gonna post that info. The lawsuit is 15 pages and "sealed" by a judge so I won't post that PDF either but this fool got nabbed.

This case has also been going on since 10/4/16


[1 Points] 225x:

Was this the "crimewavelovesyou" person?