Brothers arrested for $25 million theft in Ethereum blockchain attack
The U.S. Department of Justice has indicted two former MIT students for allegedly manipulating the Ethereum blockchain and stealing $25 million worth of cryptocurrency within approximately 12 seconds in a "first-of-its-kind" scheme.
Anton Peraire-Bueno and James Pepaire-Bueno were arrested in Boston and New York on Tuesday on charges of wire fraud and conspiracy to commit wire fraud and money laundering. If convicted, each of them faces a maximum penalty of 20 years in prison for each count.
Their case was investigated by IRS Criminal Investigation (IRS-CI) Cyber Investigations Unit in New York, with the assistance of the New York City Police Department and U.S. Customs and Border Protection.
"The brothers, who studied computer science and math at one of the most prestigious universities in the world, allegedly used their specialized skills and education to tamper with and manipulate the protocols relied upon by millions of Ethereum users across the globe. And once they put their plan into action, their heist only took 12 seconds to complete," said U.S. Attorney Damian Williams.
The two former Massachusetts Institute of Technology (MIT) students allegedly manipulated transaction validation processes on the blockchain by accessing pending private transactions, altering them, obtaining victims' cryptocurrency, and rejecting requests to return the stolen funds—instead, they took steps to conceal their illegal gains.
The indictment claims the brothers learned their victims' trading behaviors while preparing the attack (starting December 2022) and took measures to hide their identities and the stolen proceeds.
They also used multiple cryptocurrency addresses and foreign exchanges and set up shell companies. Following the attack, they moved the stolen crypto assets through a series of transactions that would obscure their source and ownership.
While planning and executing the attack, they allegedly took the following steps, among others:
- Establishing a series of Ethereum validators in a manner that concealed their identities through the use of shell companies, intermediary cryptocurrency addresses, foreign exchanges, and a privacy layer network;
- Deploying a series of test transactions of "bait transactions" designed to identify particular variables most likely to attract MEV Bots that would become the victims of the Exploit (collectively the "Victim Traders");
- Identifying and exploiting a vulnerability in the MEV-Boost relay code that caused the relay to release the full content of a proposed block prematurely;
- Re-ordering the proposed block to the defendants' advantage;
- And publishing the re-ordered block to the Ethereum blockchain, which resulted in the theft of approximately $25 million in cryptocurrency from the Victim Traders.
Throughout the process, the brothers also searched online for information on carrying out the attack, concealing their involvement in the Ethereum exploit, laundering the criminal proceeds through cryptocurrency exchanges with lax verification procedures, hiring attorneys with cryptocurrency expertise, extradition procedures, and the crimes outlined in the indictment.
"These brothers allegedly committed a first-of-its-kind manipulation of the Ethereum blockchain by fraudulently gaining access to pending transactions, altering the movement of the electronic currency, and ultimately stealing $25 million in cryptocurrency from their victims," said IRS-CI special agent Thomas Fattorusso.
source: BleepingComputer
Free security scan for your website
Top News:
Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)
November 18, 2024CWE top 25 most dangerous software weaknesses
November 21, 2024Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor
November 21, 2024Hackers now use AppDomain Injection to drop CobaltStrike beacons
August 24, 2024