Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics //

Security Monitoring

Florida Sting Nabs Alleged Bitcoin Money Launderers

Florida undercover agents posed as fraudsters seeking to convert cash -- supposedly from stolen credit cards -- into the anonymous, cryptographic currency.

Two men were arrested February 6 in what Florida authorities said was the first state-level money-laundering case in the country that involves bitcoins.

In separate cases, police arrested Pascal Reid ("proy33") and Michel Abner Espinoza ("michelhack") on money-laundering charges after they allegedly offered to turn criminal proceeds into bitcoins for police officers and US Secret Service agents, working undercover, who posed as fraudsters seeking to convert cash obtained by using stolen credit card numbers.

"Criminals are always seeking new ways to make their activities profitable," said Florida's state attorney, Katherine Fernandez Rundle, in a statement. "Bitcoins are just a new tool in the cybercriminal's toolkit."

Bitcoins are a cryptographic currency that's seeing increased use by a number of legitimate businesses, both in the United States and abroad, something the Florida state attorney's charging documents against the two men emphasizes. But those same documents also highlight how the anonymity offered by bitcoins makes them "ideally suited for illegal purchases," because it's "virtually impossible to trace bitcoin transactions to the owner of the bitcoin address."

[Learn from the Target breach. See Target Breach Takeaway: Secure Your Remote Access.]

Accordingly, authorities appear to be targeting people who facilitate the buying and selling of bitcoins for anyone engaged in criminal activities.

In these two cases, authorities said they located both men via an online directory of bitcoin buyers and sellers called www.localbitcoins.com, through which Reid, using the handle proy33 and Esponoza, using the handle "michelhack," allegedly posted listings. In the listing posted by proy33, for example, the seller offered to meet "anytime" to exchange bitcoins, saying he preferred to meet in "public places such as Starbucks, an Internet cafe, a restaurant, a mall, or a bank," and posted a cellphone number where he could be reached.

According to court documents, on December 10, a Secret Service agent working undercover -- and named in the documents only as "Kramer" -- met proy33 at a Starbucks in Sunny Isles, Fla. The man converted $600 into bitcoins for Kramer, taking a commission of 20% above the bitcoins' market value. Authorities said that as part of a surveillance operation they followed proy33 to his home, then identified him as being Reid, who's Canadian.

(Source: zcopley)
(Source: zcopley)

According to court documents, Kramer again met Reid on January 5, this time asking to convert $1,000 into bitcoins. The undercover agent also claimed to be in the business of selling stolen credit card numbers, and offered to sell some to Reid, who allegedly declined. But Reid allegedly didn't balk at continuing to offer bitcoin exchange services, as well as to break deposits up into multiple transactions, to help evade banks' anti-money-laundering controls.

According to court documents, the two men met again on February 4, with Kramer telling Reid that he wanted to convert $30,000 that he claimed to have earned by using credit card numbers obtained via the Target breach into bitcoins.

At that point, "Reid pulled out his Chrome (brand) laptop computer in order to observe the current bitcoin exchange rates," according to the charging documents, after which Kramer showed him a "flash roll" of $30,000 -- composed of $100 bills -- which Reid inspected for authenticity, before selling Kramer $25,000 in bitcoins, minus about $5,000 for his 20% commission. Reid allegedly also expressed interest in purchasing fake US passports and Florida driver's licenses from Kramer. Reid was arrested two days later.

According to court documents, Espinoza's bust went down the same way, with a Miami detective posing as the buyer, except that the suspect didn't believe the proffered roll of $100 bills was real. Instead, he requested that the buyer return with $20 bills. But the detective allegedly talked Espinoza into agreeing that if a Bank of America ATM accepted $2,400 of the cash for deposit into an account to which Espinoza had access, then he would convert the $30,000 into bitcoins. Less than an hour after first meeting the detective, Espinoza was arrested.

Both Reid and Espinoza face two money-laundering charges, as well as one charge of running an unlicensed money service business.

The state angle aside, this isn't the first case to involve bitcoins and money laundering charges. Last month, for example, Robert M. Faiella (a.k.a. "BTCKing") was charged with offering Bitcoin exchange services to users of Silk Road, a notorious "dark net" site -- reachable only via the Tor anonymizing network -- that reportedly facilitated that sale of illegal narcotics. Faiella reportedly sold the bitcoins at a 9% markup.

As part of that case, Charlie Shrem, formerly the CEO and compliance officer of Bitcoin exchange company BitInstant -- which closed shop in October 2013 -- was charged with helping Faiella launder more than $1 million in profits by processing the trades via BitInstant. Prosecutors accused Shrem of allowing people to swap cash anonymously for bitcoins without verifying their identities, as is required by federal law for any transaction that involves $3,000 or more.

InformationWeek Conference is an exclusive two-day event taking place at Interop where you will join fellow technology leaders and CIOs for a schedule packed with learning, information sharing, professional networking, and celebration. Come learn from each other and honor the nation's leading digital businesses at our InformationWeek Elite 100 Awards Ceremony and Gala. You can find out more information and register here. In Las Vegas, March 31 to April 1, 2014.

Mathew Schwartz served as the InformationWeek information security reporter from 2010 until mid-2014. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 2 / 2
Lorna Garey
50%
50%
Lorna Garey,
User Rank: Ninja
2/11/2014 | 2:14:39 PM
Re: Impact
Exactly - Bitcoins seem more akin to buying a stock than to currency. Even that analogy is flawed though because a share of stock, like a greenback, has something behind it, even if that "something" is an intangible "full faith and credit" promise that the GOP House doesn't seem to think means much.

What exactly is behind a Bitcoin?
Ariella
50%
50%
Ariella,
User Rank: Apprentice
2/11/2014 | 8:50:59 AM
Re: Impact
@Whoopty it's still worth far more than it was this past summer, and if you had bought it earlier, you'd have made an even bigger killing. However, the huge fluctuations that can make it appealing as an instrument of speculation are not working in favor of it becoming adopted as a mainstream currency. 
Whoopty
50%
50%
Whoopty,
User Rank: Ninja
2/11/2014 | 8:16:17 AM
Impact
I wonder what impact this news had on the current bitcoin value slump compared to the Mt Gox halting of withdrawals? 
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
2/11/2014 | 3:55:14 AM
Hmm...
FWIW, I have to wonder about the moral and legal implications of the setup here on Reid and Espinoza, and what was really going on.  It appears, from the description in the article of the chronology of events, that Reid was not told about the "stolen credit card numbers" until the second meet.  And that (if I am understanding correctly) he was not explicitly told that the money he was changing came directly from stolen credit card numbers until the third meet.

So imagine if you're a totally innocent person in that situation.

Imagine thinking, "Oh, crap, this guy's a criminal.  And I've already done business with him and changed money for him.  And he knows me."

Would you be brave enough to say no?

Maybe I'm being more of an apologist than Reid and Espinoza deserve.  Maybe they're truly bad guys and they were all too happy to help launder money for profit.

Regardless of the situation with these two particular defendants, however, this sequence of events suggests that officials just wanted a bust -- and didn't care if they got a "real" bad guy or just a scared innocent in over his head.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
2/11/2014 | 3:44:27 AM
Re: Chromebooks have arrived
@Thomas: How big an endorsement is this really, though?  After all, he got arrested.  ;)
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
2/11/2014 | 3:41:45 AM
Re: The Purpose of Bitcoins
@Gary: And, for that matter, why are people complaining about things like the Patriot Act and secret FISA courts and widespread NSA phone and email surveillance?  What are these people hiding?

ಠ__ಠ
Gary_EL
50%
50%
Gary_EL,
User Rank: Apprentice
2/11/2014 | 12:15:27 AM
The Purpose of Bitcoins
Aside for making it easier for spouses to keep secrets from each other, what is the purposes of Bitcoin, other than to attempt to hide criminal activity or to commit tax fraud of one type or other??
Thomas Claburn
50%
50%
Thomas Claburn,
User Rank: Ninja
2/10/2014 | 4:32:20 PM
Chromebooks have arrived
When the crypocurrency crowd starts using Chromebooks, that's a sign they approve of the security model.
<<   <   Page 2 / 2
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7227
PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, ...
CVE-2019-15625
PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
CVE-2019-19696
PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...
CVE-2019-19697
PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...
CVE-2019-20357
PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.