Key Takeaways:
Two American brothers, who studied at the prestigious Massachusetts Insitute of Technology (MIT), were arrested by federal authorities on Wednesday after executing a cutting-edge exploit on Ethereum, which saw them steal $25 million worth of cryptocurrencies from the blockchain.
Former MIT Students Orchestrate “Cutting-Edge” Exploit on Ethereum to Steal $25 Million in Crypto
Anton Peraire-Bueno, 24, and James Peraire-Bueno, 28, who orchestrated the crime in April 2023, have been charged by the US Department of Justice (DoJ) for wire fraud and money laundering. Federal prosecutors called the scheme perpetrated by the brothers “novel”, stating it was the first time they had witnessed such a fraud.
The brothers’ elaborate heist saw them steal $25 million from traders on the Ethereum blockchain by fraudulently gaining access to pending transactions and altering them to obtain the victims’ cryptocurrencies. Their meticulously planned operation involved studying the trading patterns of Ethereum bots and was executed in 12 seconds.
Both Anton and James Peraire-Beuno studied computer science and math at MIT and Cambridge University and are said to have developed the skills necessary to carry out their plot by exploiting Ethereum’s process for validating transactions.
Peraire-Beuno Brothers Exploited an Ethereum Vulnerability to Alter Transaction Route
Prosecutors allege that the brothers exploited a vulnerability in the code of an Ethereum software called MEV-boost, which is used by a majority of the network’s “validators”, who are responsible for verifying whether new transactions are valid before they are added to the blockchain. This software helps order transactions and facilitate profitable trades through bots.
The brothers set up validator clients on the Ethereum network, which they allegedly used to deceive traders and secure access to victims’ pending transactions. This manipulation allowed them to alter the movement of cryptocurrencies from the victim’s wallet, effectively stealing the money.
The duo then proceeded to move the stolen funds through complex crypto transactions and multiple exchanges that did not require know-your-customer (KYC) verification, in an attempt to obscure their origins.
Following the hack, a representative for Ethereum contacted the brothers, but they declined to return the stolen funds, and instead took steps to launder and hide the ill-gotten gains. The DoJ said they set up shell companies and used multiple private cryptocurrency addresses and foreign cryptocurrency exchanges to move the crypto.
US Deputy Attorney General Lisa Monaco stated that the technology used by the Peraire-Bueno brothers was so sophisticated and cutting-edge that it was “plotted for months and executed in seconds”.
Meanwhile, US attorney Damian Williams used the opportunity to question the very integrity of blockchain technology.
An indictment was charged against them with conspiracy to commit wire fraud, wire fraud, and conspiracy to commit money laundering. Anton Peraire-Bueno was arrested on Tuesday in Boston, while James Peraire-Bueno was arrested in New York.
They are scheduled to appear before US magistrate judges in Manhattan, New York. Anton and James each face a maximum of 20 years behind bars if convicted of their crimes.
$336 Million Worth of Crypto Stolen in 2024 So Far, and 50% of the Loot Has Been Recovered
Despite a massive reduction in crypto hacks and fraud schemes compared to last year, the total loss suffered by crypto users in the first quarter of 2024 reached approximately $336.3 million, down from $437.5 million during the same period in 2023. 46 hacking incidents and 15 fraudulent activities were reported in the last quarter.
Ethereum (ETH) has been the primary target of crypto hackers, followed by the BNB Chain (BNB). Both decentralized networks accounted for 73% of the total losses suffered by crypto platforms this year.
Blockchain security firm PeckShield reported that approximately $100 million in stolen cryptocurrency funds were successfully recovered in March, accounting for 50% of the total amount lost to hacks.
Almost 96% of the losses were attributed to hacking incidents on crypto platforms, while scams and rug pulls were responsible for 4.4%.
At the time of writing, Ether (ETH) is trading at $3,010 – up 3.72% over the last 24 hours.
