FBI arrests man for phishing DNM accounts

Glad to see that the feds are looking out for us.

https://www.justice.gov/usao-ct/pr/wallingford-man-charged-stealing-bitcoins-dark-web-phishing-scheme

Deirdre M. Daly, United States Attorney for the District of Connecticut, and Patricia M. Ferrick, Special Agent in Charge of the New Haven Division of the Federal Bureau of Investigation, announced that MICHAEL RICHO, 34, of Wallingford, was arrested today on a criminal complaint charging him with access device fraud, computer fraud, wire fraud, identity theft and money laundering offenses in connection with a scheme to steal bitcoins in an online phishing scheme.

According to the criminal complaint, RICHO engaged in an online phishing scheme to steal bitcoins from individuals on the dark web. Bitcoins are a form of electronic currency and online marketplaces on the dark web typically accept them as a payment method.

The complaint alleges that RICHO posted fake links to online marketplaces on dark web forums. The links directed individuals to a fake login page that looked like the real login pages for the various online marketplaces. When individuals attempted to log in, RICHO stole his or her username and password. Once he had an individual's username and password, RICHO monitored the individual's bitcoin balance at the real marketplace. If the individual later deposited bitcoins with the real marketplace, RICHO withdrew the bitcoins before the individual could spend them and caused the stolen bitcoins to be deposited into his own bitcoin wallet. RICHO then sold the stolen bitcoins to others in exchange for U.S. currency, which was deposited into a bank account that RICHO controlled.

The complaint alleges that RICHO had over 10,000 stolen usernames and passwords saved on his computer.

RICHO appeared this afternoon before U.S. Magistrate Judge Sarah A. L. Merriam in New Haven and was released on a $100,000 bond.

Money laundering carries a maximum term of imprisonment of 20 years, wire fraud carries a maximum term of imprisonment of 20 years, access device fraud carries a maximum term of imprisonment of 10 years, computer fraud carries a maximum term of imprisonment of five years, and aggravated identity theft carries a mandatory term of imprisonment of two years.


Comments


[44 Points] ForLol_Serious:

The feds got phished by him which is what sparked the investigation.


[17 Points] SporeBomber:

The feds now have over 10k usernames and passwords.


[4 Points] blockmains:

MICHAEL RICHO

Maybe he is from a family of RICO offenders, that's how they latched onto him


[6 Points] vaperman1:

RICHO then sold the stolen bitcoins to others in exchange for U.S. currency, which was deposited into a bank account that RICHO controlled.

Knowing only what I read above, I bet this is how they got him.


[3 Points] HushUp7:

Well stealing peoples hard earned drug money deserves rape jail.


[1 Points] nuhyM:

So it's ok now, we are under protection at last.


[1 Points] Liltittyboy:

I had no idea it was illegal to steal from criminals.


[1 Points] dnmuser1234:

Almost 100% positive this was the person that posted the link to Voat here on Reddit, saying it was Alphabays official Voat or whatever the hell that crap is.


[1 Points] weedandsyrup:

Lol it's funny cause they think they came up


[1 Points] Booz_Allen:

But what doesnt make sense about this whole thing is dont you need the PIN number for most accounts to withdraw the balance? I mean when you get the password and user thats fine, but isnt the pin number required to withdraw I know alpha does.


[1 Points] None:

[deleted]


[1 Points] lamoustache:

Criminal Complaint (PDF)

Investigation "started" in November 2013.

Search warrant issued on November 4th, 2014, raided on the 6th.

Looks like another vendor deanonymised by CMU and busted by Operation Onymous.

That phishing story sounds rubbish. If anything the FBI took advantage of him to learn more about the phishing technics and what not, probably setting up as well some fake sites to gather creds and in exchange agreed to charge him with that bullshit phishing instead of whatever he was initially caught for. It lasted 2 years between the initial search warrant/raid and his arrest few days ago.

The dates would fit an SR2 vendor but the criminal complaints mention that the dude was "involved" in an hidden marketplace specialised in the sale of illegal narcotics and stolen credit cards so could be any other market offering stolen credit card in November 2013.

Edit: Added link to criminal complaint


[1 Points] exmachinalibertas:

Seems like a win win win for the feds. Free money, a list a DMN users and their account login info, and to put the icing on the cake, they get to publish a story that will scare people away from the big bad dark web. That's about as perfect a bust as they can get.


[1 Points] None:

Damn it Uncle Richo!


[0 Points] Morvu:

U.S. Attorney Daly stressed that a complaint is only a charge and is not evidence of guilt. Charges are only allegations, and a defendant is presumed innocent unless and until proven guilty beyond a reasonable doubt.


[0 Points] Clix828:

[deleted]

What is this?


[0 Points] Selectivescammer1:

I've got no sympathy for this dude, he will definitely see some time in prison, but i doubt all the charges will stick