Suspect collected over 10,000 login credentials for Dark Web marketplaces, including portals for illegal products

Oct 10, 2016 22:00 GMT

The US Department of Justice (DoJ) has pressed official charges against a man named Michael Richo, 32, of Wallingford, Connecticut, for stealing Bitcoin from users of Dark Web marketplaces using fake login pages.

According to an FBI affidavit, between November 2013 and October 2014, the suspect collected over 10,000 login credentials for several Dark Web marketplaces, which allowed him to log into the victims' accounts and transfer their Bitcoin to his own wallet.

Richo held these funds in a Bitcoin wallet hosted on the Local Bitcoins service. Whenever he needed cash, he would convert the stolen Bitcoin into dollars and deposit various sums in his Bank of America account or Green Dot prepaid debit cards, or withdraw money via Western Union or MoneyGram transfers.

Richo stole "six figures" worth of Bitcoin

Richo didn't say how much Bitcoin he stole but revealed it was a figure that translated into a "six figure" amount when converted into dollars.

Authorities arrested Richo on November 6, 2014, when they executed a search warrant at his house, where they seized hard drives, thumb drives, and other equipment.

Analysis of this data revealed how Richo logged usernames from Dark Web users. The suspect used two techniques.

Richo stole credentials via phishing pages and port forwarding

In the first case, Richo set up fake login pages for the targeted Dark Web marketplaces, which he hosted on his laptop. After users entered their credentials on these pages, Richo's script would log the data and forward the user to the real login form.

The second technique was more advanced, and relied on "port forwarding," with Richo using his laptop as an intermediary point between the user and the real login form, transferring data from the user to the server, but collecting login credentials using a keylogging component.

The FBI says that Richo targeted various Dark Web portals, including ones where other crooks advertised and sold illegal products such as drugs, weapons, and malware.

According to the DoJ, Richo faces up to 57 years in prison for all charges: money laundering - 20 years, wire fraud - 20 years, access device fraud - 10 years, computer fraud - 5 years, and aggravated identity theft - 2 years.

Richo appeared in court last week and was released on a $100,000 bond. More details about Richo's operation are available in the affidavit below.