[Gone Phishing] Bitcoin Hacker Manages to Steal Roughly 10K Passwords, $365,000 from Dark Web Users

Blockchain and cryptocurrency related crimes are something heard about in a very scarce quantity. But this week, TheNextWeb uncovered the sentencing of a 37-year-old man from in the United States under charges of fraud and cybercrime, for which he was sentenced to one year and one day in prison.

Where this relates to Bitcoin is from the elaborate phishing scam that he masterminded, all with the purpose of stealing confidential information from unaware victims, including various sums of cryptocurrency which they held.

According to TNW, the suspect, now known as Michael Richo from New Haven, along with the charge of 1 year and one day, was ordered to repay the $352,000 in cash along with a wide range of computers, electronic devices, such as digital and hardware-based wallets, which contained a vast array of different precious metals and virtual coins that he had purchased with the capital that he stole.

After his sentence has been completed, Richo will also be subject to a period of supervised release for a total of three years.

It was during the trial that evidence, such as court documents from the trial in question, as well as supplementary statements, illustrate just where Richo was going in order to target individuals for his Phishing attacks – The Dark Web.

Just how he managed to achieve this was through posting a series of fake links within already existing dark web marketplaces and dedicated forums. Upon clicking one of these links, users would be re-directed to fake login pages used to lull people into believing that they were on the real log-in pages for ‘reputable' marketplaces within the Dark Web.

Much like any fake landing or login page on the ‘conventional' web, these fake pages would then log the victim's information, allowing Richo to steal them, putting them to use in monitoring their balances of various cryptocurrencies, keeping an eye on how they would operate within the real marketplace. All before going ahead to withdraw whatever coins they had.

Upon obtaining these coins, Richo would then go on to deposit these into his own Bitcoin wallet, or immediately sell them on an exchange in order to make off with the fiat currency. Once these dollars were obtained, he managed to get hold of them through deposits to various bank accounts or provided to him through various remittance services like MoneyGram or transfers under Western Union.

In total, Richo was found guilty of the phishing and theft of approximately 10,000 usernames and associated passwords, as well as stealing more than $365,000 in various cryptocurrencies from their accounts.

Richo himself was eventually to be arrested under a federal criminal complaint as of October the 5th, 2016 before going on to attend court, where he subsequently pleaded guilty to counts of access device fraud, as well as money laundering as of June the 27th, 2017.

Bitcoin Scams – The Other Perpetrators

While this is the latest cyber-based criminal activity that we have seen, it's exactly that – the latest. Criminal activity that makes use of Bitcoin isn't a new phenomenon, unfortunately. Bitcoin itself earned notoriety as being the cryptocurrency of choice when the FBI cracked down on drug and weapons trafficking through the now famous Dark Web marketplace – Silk Road in 2014.

The amount of cryptocurrency related crimes has been working in stride over the first quarter of this year. In March, for example, the FBI had managed to publish the results of its recent deep investigation of the Dark Web. Within the report, the Bureau had discovered that more than 4 million dollars worth of cryptocurrency was seized from criminals over the course of the same month.

Known as Operation SaboTor (named after the emulator needed to obtain access to the Dark Web – TOR), the operation was spearheaded by members of the FBI's dedicated task force – the Joint Criminal Opioid and Darknet Enforcement (J-CODE) team. In total, the operation led to more than 61 arrests as well as the closure of some 50 accounts based on the dark web, all of which were directly linked to some scale of online criminal activity.

Along with these arrests, the operation saw the confiscation of approximately 300 kilos of various classifications of narcotics and drugs, 51 firearms of various caliber, and over $4.5 million worth of cryptocurrencies, $2.48 million in cash, as well as $40,000 of gold bullion from bars and coins. In total, Operation SaboTor oversaw the confiscation of approximately $7 million worth of illegal assets.

Along with this operation, there was a similar seizure which took place in Canada this year, with the judge presiding over the case overseeing and ordering the forfeit of $1.4 million (USD) worth of Bitcoin, which was found stored in a software wallet within the drug dealers computer once it was confiscated as part of the criminal investigation.