Thursday, November 21, 2024

Brothers Arrested for Allegedly Exploiting Ethereum Blockchain to Steal $25 Million in 12 Seconds

Author: CoinSense

In a landmark case that has to be the first of its kind, two brothers, both graduates of the prestigious Massachusetts Institute of Technology (MIT), were apprehended and charged on May 15 with exploiting a vulnerability in the Ethereum blockchain. 

Their alleged actions resulted in a massive $25 million theft in 12 seconds. Anton Peraire-Bueno, 24, and James Peraire-Bueno, 28, face fraud and money laundering charges

A Well-Planned Exploit Of the Ethereum Blockchain

Federal prosecutors described the scheme as meticulously planned and executed with the precision of a high-stakes digital heist. 

“The brothers, who studied computer science and math at one of the most prestigious universities in the world, allegedly used their specialized skills and education to tamper with and manipulate the protocols relied upon by millions of Ethereum users across the globe,” said Damian Williams, the U.S. attorney for the Southern District of New York.

Anton was taken into custody in Boston, and James was taken to New York. The brothers’ lawyers have not yet commented on the charges.

According to the US Justice Department, the brothers set up validators on the Ethereum network, which are intended to help order transactions and facilitate profitable trades through bots.

 They allegedly used their validators to deceive traders and secure access to pending transactions, however. The manipulation allowed them to alter the flow of electronic currency, effectively stealing the assets. They then moved the stolen funds through complex transactions to obscure their origins.

Over several months, the brothers carefully planned their operation. They allegedly studied the trading patterns of Ethereum bots and established shell companies and identified cryptocurrency exchanges with lax ‘know your customer’ (KYC) procedures to launder their illicit gains. 

Their thoroughness even extended to researching extradition procedures, highlighting the depth of their preparation.

Stolen Funds Going Up This Year

The heist is only the tip of the iceberg of ill-gotten crypto in recent years. United Nations sanctions monitors recently reported that North Korea laundered $147.5 million in stolen cryptocurrency through the Tornado Cash platform in March alone. 

A document submitted to the U.N. Security Council sanctions committee revealed that North Korean suspects have been linked to 97 cyberattacks on crypto firms over the past seven years, amounting to approximately $3.6 billion. 

According to PeckShield, approximately $100 million of stolen cryptocurrency funds were successfully recovered in March, representing 52.8% of the total hacked amount. Despite initial losses of $187.29 million across over 30 hacking incidents, the Munchables incident was particularly notable. Following negotiations, the hacker returned the stolen funds. 

Meanwhile, a recent $71 million wallet impersonation scam resulted in an investor transferring 97% of their assets to a bait wallet address. The hacker swiftly converted the stolen Wrapped Bitcoin (WBTC) into approximately 23,000 ETH and began distributing the funds across multiple wallets after six days. 

In the first quarter of 2024, total losses from hacking and fraudulent activities reached approximately $336.3 million, down from $437.5 million in the same period in 2023. The quarter saw 46 hacking incidents and 15 cases of fraudulent activities. 

Ethereum was the most targeted blockchain, followed by the BNB Chain, with both networks accounting for 73% of the total losses. Hacking incidents accounted for 95.6% of the losses, while scams and rug pulls comprised 4.4%.