Ethereum

MIT students stole $25 million in seconds by exploiting ETH blockchain bug, DOJ says

Published

8 months ago

on

In about 12 seconds, two highly educated brothers allegedly stole $25 million by tampering with the Ethereum blockchain in a never-before-seen cryptocurrency scheme, according to a report. charge which the US Department of Justice unsealed on Wednesday.

In a DOJ Press releaseU.S. Attorney Damian Williams said the system was so sophisticated that it “calls into question the very integrity of the blockchain.”

“The brothers, who studied computer science and mathematics at one of the most prestigious universities in the world, allegedly used their specialized skills and education to alter and manipulate the protocols that millions of data users rely on. “Ethereum across the world,” Williams said. “And once they put their plan into action, their heist only took 12 seconds.”

Anton, 24, and James Peraire-Bueno, 28, were arrested Tuesday on charges of conspiracy to commit wire fraud, wire fraud and conspiracy to commit money laundering. Each brother faces “a maximum sentence of 20 years in prison on each count,” the DOJ said.

The alleged project was launched in December 2022 by the brothers, who studied at MIT, after months of planning, the indictment says. The two men apparently relied on their “specialized skills” and expertise in crypto trading to fraudulently access “pending private transactions” on the blockchain, then “used this access to modify certain transactions and obtain the crypto -currency of their victims,” the DOJ said.

The indictment details that the scheme allegedly worked by exploiting the Ethereum blockchain in the moments after a transaction was completed, but before the transaction was added to the blockchain.

These pending transactions, the DOJ explained, must be structured into a proposed block and then validated by a validator before they can be added to the blockchain, which acts as a decentralized ledger keeping track of crypto holdings. It emerged that the brothers tampered with this process by “establishing a series of Ethereum validators” through shell companies and exchanges that concealed their identities and masked their efforts to manipulate blocks and seize assets. Ethereum.

Advertisement

To do this, they allegedly deployed “bait transactions” designed to attract the attention of specialized bots often used to help buyers and sellers find lucrative prospects on the Ethereum network. When the bots took the bait, their validators apparently exploited a vulnerability in the process commonly used to structure blocks to modify the transaction by rearranging the block to their advantage before adding it to the blockchain.

When the victims detected the theft, they attempted to request the funds back, but the DOJ alleged that the brothers rejected these requests and instead hid the money.

The brothers’ online search history shows they studied and “took numerous steps to hide their ill-gotten gains,” the DOJ alleged. These steps included “creating shell companies and using multiple private cryptocurrency addresses and foreign cryptocurrency exchanges” that specifically did not rely on detailed “know your customer” (KYC) procedures. .

They also investigated “the very crimes charged in the indictment,” the DOJ said. Among the search terms found in the brothers’ story during the planning phase of the alleged project were phrases such as “how to wash crypto” and “no-KYC exchanges.” Later, apparently trying to prepare for the legal consequences of this scheme, the brothers allegedly searched for things like “top crypto lawyers” and “money laundering statutes of limitations” and “States -Do they extradite to [foreign country]”.

To uncover the scheme, Special Agent in Charge Thomas Fattorusso of the IRS Criminal Investigation (IRS-CI) New York Field Office said investigators “simply followed the money.”

“Regardless of the complexity of the case, we continue to lead financial crime investigation efforts through cutting-edge technology and old-fashioned investigative work, on and off the blockchain,” Fattorusso said.

The indictment comes the same month the Securities and Exchange Commission (SEC) is expected to decide whether to approve an Ethereum exchange-traded fund (ETF). According to CNBCthe alleged fraud could fuel SEC skepticism as it examines the Ethereum ETF.

SEC Chairman Gary Gensler, a noted crypto skeptic, wants to make sure investors are protected before approving any potentially dangerous listings, CNBC noted.

Fuente

Related Topics:

Leave a Reply

Your email address will not be published. Required fields are marked *

Información básica sobre protección de datos Ver más

  • Responsable: Miguel Mamador.
  • Finalidad:  Moderar los comentarios.
  • Legitimación:  Por consentimiento del interesado.
  • Destinatarios y encargados de tratamiento:  No se ceden o comunican datos a terceros para prestar este servicio. El Titular ha contratado los servicios de alojamiento web a Banahosting que actúa como encargado de tratamiento.
  • Derechos: Acceder, rectificar y suprimir los datos.
  • Información Adicional: Puede consultar la información detallada en la Política de Privacidad.

Trending

Exit mobile version