FBI: ‘IcyEagle’ hacker stole bank passwords, sold them on AlphaBay

Ryan Kruger reports:

He lived in a world of anonymity. Going by the screen name “IcyEagle” he hid in the deep web.

But now Aaron Glende has been exposed as an alleged hacker.

The Winona, Minn. man was arrested by Atlanta-based FBI agents, charged with bank fraud and identity theft.

According to a federal indictment obtained by 11Alive News, Glende hacked into SunTrust customer’s accounts, stole their passwords and then sold that information to the highest bidder.

Read more on 11Alive.

Glende apparently was selling the info on AlphaBay. Here’s the full press release from the U.S. Attorney’s Office for Northern District of Georgia (July 22, 2016);

Aaron James Glende has been arraigned on federal charges of bank fraud, access device fraud, and aggravated identity theft.  The indictment alleges he advertised criminal services on AlphaBay Market, a hidden services marketplace.

“Glende allegedly sold stolen bank account information on a website designed to traffic criminal goods and services, including weapons, stolen credit cards, and illegal narcotics,” said U. S. Attorney John Horn.  “As cyber criminals increasingly trade financial information for cash, citizens must be vigilant with their account information.”

“The threat posed by cyber criminals is a persistently increasing problem for everyday citizens here in the U.S. and abroad. This investigation and resulting arrest clearly illustrates that the FBI, however, will not cease in its effort to identify, locate, arrest and seek prosecution of these criminals regardless of how deep in the digital underground they reside,” said J. Britt Johnson, Special Agent in Charge, FBI Atlanta Field Office.

According to U.S. Attorney Horn, the charges, and other information presented in court: From about November 5, 2015, Aaron Glende, a.k.a. IcyEagle, began advertising criminal services on a TOR hidden services marketplace known as AlphaBay Market (“AlphaBay”).  The AlphaBay website contained a number of features designed to assist prospective buyers who wished to purchase criminal services.

For example, the AlphaBay sales listings contained categories corresponding to various types of criminal services; those categories included “Fraud,” “Drugs & Chemicals,” “Counterfeit Items,” “Weapons,” and “Carded Items.”  Moreover, the website had a search functionality that allowed users to search for items by name.   Much like Amazon or eBay, users of the website could rate sellers and search for certain sellers by name, but purchases were made using Bitcoin.

On May 4, 2016, Glende, using the online nickname “IcyEagle,” allegedly advertised the sale of stolen bank account information on the AlphaBay Market under the “Fraud” category.  In a listing entitled “High Balance SunTrust Logins 30K-150K Available,” using his online nickname, IcyEagle, Glende wrote that “I bring you freshly hacked Sun Trust Bank Account Logins.  The accounts are notorious for having weak security.”  The listing identified the sales price as $66.99 USD and indicated that IcyEagle had sold 11 of the high-balance account logins since November 11, 2015.

On March 19, 2016, Glende allegedly advertised the sale of “Hacked SunTrust Bank Account Logins $100-$500 Balances.”  The listing indicated that the sales price was $9.99 USD, that he had sold 32 since November 5, 2015, and noted that “this listing is for active SunTrust bank account balances of $100-$500.”

On multiple dates in March and April 2016, an FBI agent, acting in an undercover capacity, accessed the AlphaBay website.   While on the website, the agent purchased SunTrust account information from Glende using Bitcoin.  A review of the information purchased from Glende confirmed that it contained usernames, passwords, physical addresses, email addresses, telephone numbers, and bank account numbers that belonged to five different SunTrust Bank customers.

Aaron James Glende, 35, of Winona, Minnesota, was arraigned before U.S. Magistrate Judge Janet F. King.  Glende was indicted by a federal grand jury on June 28, 2016.

Members of the public are reminded that the indictment only contains charges.  The defendant is presumed innocent of the charges and it will be the government’s burden to prove the defendant’s guilt beyond a reasonable doubt at trial.

This case is being investigated by the Federal Bureau of Investigation.  Assistance was provided by Homeland Security Investigations, the U.S. Postal Investigation Service, and the Winona, Minnesota Police Department.

Assistant United States Attorneys Samir Kaushal and Kamal Ghali are prosecuting the case.

About the author: Dissent

Comments are closed.