MIT Students Steal $25 Million from Ethereum Blockchain in 12 Seconds, But Get Caught

Brothers Allegedly Steal $25M from Ethereum Blockchain

Two brothers, both students at the Massachusetts Institute of Technology (MIT), have been accused by the US Department of Justice of interrupting the operations of the Ethereum blockchain and reportedly stealing digital assets valued at $25 million within 12 seconds, implementing an unprecedented criminal scheme.

Criminal Scheme Questions Integrity of Blockchain

The scheme is so complex that it “puts into question the very integrity of the blockchain,” noted prosecutor Damian Williams. “The brothers, who were studying computer science and mathematics at one of the world’s most prestigious universities, allegedly used their special skills and education to intervene and manipulate the protocols that millions of Ethereum users rely on worldwide. Once they put their plan into action, the heist took only 12 seconds,” Williams stated.

MIT Students Arrested on Fraud Charges

24-year-old Anton and 28-year-old James Peraire-Bueno were arrested on May 14th and charged with conspiracy to commit fraud using electronic means, fraud with electronic means, and conspiracy to launder money. Each faces up to 20 years in prison for each charge. The implementation of the scheme began in December 2022 after several months of planning, according to the indictment. Using their “unique skills” and experience in cryptocurrency trading, the MIT students accessed “pending private transactions” in the blockchain and “utilized this access to alter individual transactions and obtain their victims’ cryptocurrency”.

Precise Exploitation of Ethereum Vulnerability

The indictment offers a detailed explanation of how the scheme operated, exploiting a vulnerability in the Ethereum blockchain in the first moments following a transaction but before it was added to the blockchain. These pending transactions were structured into a block, validated, and then added to the blockchain—a decentralized ledger tracking crypto assets. The brothers intervened in this process by “creating a series of Ethereum validators” through dummy companies and foreign crypto exchanges to hide their identities.


Implementing Deceptive Transactions

The brothers initiated “decoy transactions” to attract the attention of bots that are used to identify profitable possibilities for sellers and buyers in the Ethereum network. When the bots took the bait, the validators controlled by the brothers exploited a vulnerability in the block-building process, altered the transactions, and rearranged the block in the criminals’ favor before it was added to the blockchain. When the victims detected the theft, they attempted to demand restitution, but their requests were rejected, and the money was concealed.

Digital Footprint of Criminal Intent

The brothers’ online search history revealed that they studied information and “took numerous steps to hide their illegal earnings,” asserts the Department of Justice. This included the “establishment of dummy companies, the use of multiple private cryptocurrency addresses, and overseas computer exchanges” that did not apply KYC (Know Your Customer) verification schemes. They searched for terms related to criminal activity, such as “how to launder cryptocurrency.” They even attempted to prepare for the results of their operation with queries such as “leading cryptocurrency lawyers,” “statute of limitations for money laundering,” and “does [a specific country] extradite to the United States.”

In uncovering the criminal scheme, Special Agent Thomas Fattorusso of the US Internal Revenue Service’s Criminal Investigation Division reported that law enforcement simply “followed the money,” using a combination of advanced technology and traditional investigative operations both within and outside the blockchain.
