The ringleader of selling stolen payment cards on the dark web pleaded guilty: selling the financial information of tens of thousands of people

According to the U.S. Department of Justice, a U.S. citizen pleaded guilty in a Missouri court, admitting to operating a dark web site selling stolen payment cards and selling the financial information of tens of thousands of victims in the United States.

Michael D. Mihalo, also known as Dale Michael Mihalo Jr., allegedly set up a dark web trading site called Skynet Market specializing in the sale of credit card and debit card data using the alias "ggmccloud1".

Between February 22, 2016, and October 1, 2019, Mihalo and his accomplices also peddled their cards on other dark web markets including AlphaBay Market, WallStreet Market, and Hansa Market. Each market required users to trade in digital currencies including Bitcoin.

In a press release issued on May 16, 2023, the U.S. Department of Justice said: "Mihalo organized and directed a team that helped him sell this stolen financial information on the dark web. Each accomplice benefited from Mihalo's reputation as ggmccloud1, enabling them to sell more stolen financial information than they could individually."

"Mihalo personally possessed, transmitted, and received information related to 49,084 stolen payment cards for the purpose of selling payment card information on dark web sites, all in furtherance of the stolen conspiracy."

One of the defendant's accomplices, Taylor Ross Staats, acted as a "card checker" to ensure that the financial information sold was still valid and had not been canceled by the relevant financial institutions.

Staats is estimated to have earned at least $21,000 worth of Bitcoin for these services. On December 14, 2022, he pleaded guilty to playing this role in the action, committing an offense of conspiring to commit access device fraud. He faces up to five years in prison.

The Justice Department added that the 40-year-old Illinois man Mihalo gained more than $1 million in cryptocurrency from these schemes.

The defendant pleaded guilty to one count of conspiracy to commit access device fraud, punishable by up to five years in prison, and one count of access device fraud and six counts of money laundering, each punishable by up to 10 years in prison. He was also ordered to forfeit all illegal proceeds.

Under the terms of his plea agreement, Mihalo was also ordered to forfeit any personal property he acquired through crime, including cryptocurrencies, financial accounts, and real estate worth millions of dollars, and agreed to a sum determined by the judge at sentencing.

The announcement was made by Assistant Attorney General Kenneth A. Polite, Jr. of the Criminal Division of the U.S. Department of Justice, U.S. Attorney Teresa A. Moore of the Western District of Missouri, Assistant Director Bryan Vorndran of the FBI's Cyber ​​Division, and Special Agent in Charge Charles Dayoub of the FBI's Kansas City Field Office.

The FBI's Kansas City Field Office investigated the case.

Senior Counsel Louisa Becker of the Computer Crime and Intellectual Property Section of the U.S. Department of Justice's Criminal Division and Assistant U.S. Attorney Matthew Blackwood of the Western District of Missouri are prosecuting the case. The Department of Justice's Office of International Affairs provided substantial assistance.

The U.S. Department of Justice also thanked law enforcement partners at the Royal Canadian Mounted Police for their assistance in this case.

Earlier this month, U.S. authorities also shut down the Try2Check dark web market, a popular Russian platform used by cybercriminals to validate stolen credit card information.