Man Phished His Way into Stealing Bitcoin from Dark Web Criminals

This new phishing scam just goes to show that even (some) cyber criminals are not the smartest –regardless of their skill level.

35-year-old tech professional, Michael Richo, was recently arrested for using phishing techniques to steal bitcoin from dark web criminals.

In the official court documents, Richo operated a phishing site masked as popular darknet marketplaces. Although the marketplaces were never identified, one can assume by the sheer amount of profit that the marketplaces were big-named ones like AlphaBay and Dream Market.

Richo’s technique was fairly simple: collect the login information gained via the phishing site and then use that login information to access the real accounts.

“He would post fake links on forums to these markets which would direct users to a fake login page hosted on a laptop at his house. The login page would look exactly like the real login pages for the various market sites. When users would attempt to log in, he would steal their usernames and passwords.”

After logging in, Richo was able to transfer money from his victims’ bitcoin wallet to his own. From there, he’d convert the Bitcoin dollars into real dollars and deposit the funds into his Bank of America account. Richo also obtained the Bitcoin dollars via Green Dot prepaid debit cards, Western Union withdrawals, and MoneyGram transfers.

The profit totaled over $365,000. Richo finally took a fall in 2013, when a criminal complaint was filed against him after he spent time bragging on dark web forums about his illegal business.

After keenly monitoring his activity over the gollowing year, authorities were finally able to gain access to his home. This allowed them to confiscate all electronics; including computers, hard drives, and various other storage devices.

Richo now faces up to 30 years in prison with the charges “access device fraud” and “money laundering”. He was previously on bond with computer monitoring conditions, but now awaits sentencing, which will take place on September 28, 2017.

Related posts

Glove Stealer Emerges A New Malware Threat For Browsers

Halliburton Cyberattack Update: Losses Worth $35 Million Hit The Firm

ANY.RUN Discovers Tricky Phishing Attack Using Fake CAPTCHA