Source: securityboulevard.com – Author: Jeffrey Burt It took two brothers who went to MIT months to plan how they were going to steal, launder and hide millions of dollars in cryptocurrency — and only 12 seconds to actually pull off the heist. The brothers, Anton Peraire-Bueno and James Pepaire-Bueno, were indicted by federal prosecutors this […]
Source: www.bleepingcomputer.com – Author: Sergiu Gatlan The U.S. Department of Justice charged two suspects for allegedly leading a crime ring that laundered at least $73 million from cryptocurrency investment scams, also known as “pig butchering.” In pig butchering scams, criminals approach targets using various messaging apps, dating platforms, or social media platforms to build trust […]
It took two brothers who went to MIT months to plan how they were going to steal, launder and hide millions of dollars in cryptocurrency -- and only 12 seconds to actually pull off the heist.
Gone in 60 seconds is a thing of the past. With the world moving towards digital assets and cryptocurrency, “Gone in 12 seconds” seems to be the new norm for digital heists. The U.S. Department of Justice arrested two siblings for attacking the Ethereum blockchain and siphoning $25 million of cryptocurrency during a 12 second exploit.
Hailing from Boston and New York respectively, Anton Peraire-Bueno, 24, and James Peraire-Bueno, 28, stand accused of a litany of charges including conspiracy to commit wire fraud, wire fraud and conspiracy to commit money laundering.
According to an unsealed indictment on Wednesday the brothers mixed their “specialized skills” from their education at MIT with their expertise in cryptocurrency trading to exploit “the very integrity of the (Ethereum) blockchain,” said U.S. Attorney Damian Williams.
The brothers meticulously planned the exploit scheme for months “and once they put their plan into action, their heist only took 12 seconds to complete,” he added.
“This alleged scheme was novel and has never before been charged.”
Through the Exploit, which is believed to be the very first of its kind, Peraire-Bueno brothers manipulated and tampered with the process and protocols by which transactions are validated and added to the Ethereum blockchain.
The MEV Conundrum from Ethereum Blockchain Exploit
According to the indictment, the Pepaire-Bueno brothers initiated their scheme in December 2022, targeting specific traders on the Ethereum platform through what investigators term a "baiting" operation.
At the heart of the indictment lies the concept of MEV-Boost, a software tool utilized by Ethereum validators to optimize transaction processing and maximize profitability. MEV, or maximal extractable value, has long been a subject of controversy within the cryptocurrency community, with proponents arguing its economic necessity and critics highlighting its potential for abuse.
They exploited a critical flaw in MEV-Boost's code, granting them unprecedented access to pending transactions before their official validation by Ethereum validators.
Leveraging this loophole, the siblings embarked on a sophisticated campaign targeting specific traders utilizing MEV bots. The indictment elucidates the modus operandi employed by the accused duo. The brothers created 16 Ethereum validators and targeted three specific traders who operated MEV bots, the indictment said.
By establishing their own Ethereum validators and deploying bait transactions, they enticed MEV bots from these traders for their illicit scheme.
Subsequently, through a series of meticulously orchestrated maneuvers, including frontrunning and transaction tampering, they siphoned off $25 million of cryptocurrency from unsuspecting victims – all in just 12 seconds.
Following the successful execution of their nefarious scheme, the brothers allegedly laundered the ill-gotten gains through a network of shell companies. Converting the stolen funds into more liquid cryptocurrencies such as DAI and USDC, they attempted to rebuff attempts of victims and Ethereum representatives to recover the stolen cryptocurrency.
Following their arrest on Tuesday, the brothers are set to appear in federal courts in New York and Boston to face charges. If convicted the brothers face a maximum sentence of up to 20 years in prison for each count. Deputy Attorney General Lisa Monaco lauded the Justice Department’s prosecutors and IRS agents, “who unraveled this first-of-its kind wire fraud and money laundering scheme.”
“As cryptocurrency markets continue to evolve, the Department will continue to root out fraud, support victims, and restore confidence to these markets.”
Cryptocurrency Heists and Convictions Growing Every Day
The news of the arrest comes on the heels of another crypto heist from Sonne Finance, the cryptocurrency lending protocol. The team at Sonne Finance is offering an undisclosed bounty to a hacker responsible for a $20 million theft on Tuesday evening. Sonne Finance facilitates lending and borrowing without intermediaries like banks.
The theft, tracked by blockchain security companies, involved digital coins like ether and USDC. Developers paused all markets and later detailed the attack in a postmortem, offering a bounty for the return of funds. They detected the attack within 25 minutes, with some users preventing $6.5 million theft.
The hacker has since been exchanging stolen cryptocurrency for bitcoin and others. Law enforcement focus on crypto theft has intensified in 2024, with notable convictions including a $110 million theft from Mango Markets resulting in up to 30 years in prison and sentences for individuals involved in crypto scams and market manipulation.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
Source: www.bleepingcomputer.com – Author: Sergiu Gatlan The U.S. Department of Justice has indicted two brothers for allegedly manipulating the Ethereum blockchain and stealing $25 million worth of cryptocurrency within approximately 12 seconds in a “first-of-its-kind” scheme. Anton Peraire-Bueno and James Pepaire-Bueno were arrested in Boston and New York on Tuesday on charges of wire fraud […]
Within approximately 12 seconds, two highly educated brothers allegedly stole $25 million by tampering with the ethereum blockchain in a never-before-seen cryptocurrency scheme, according to an indictment that the US Department of Justice unsealed Wednesday.
In a DOJ press release, US Attorney Damian Williams said the scheme was so sophisticated that it "calls the very integrity of the blockchain into question."
"The brothers, who studied computer science and math at one of the most prestigious universities in the world, allegedly used their specialized skills and education to tamper with and manipulate the protocols relied upon by millions of ethereum users across the globe," Williams said. "And once they put their plan into action, their heist only took 12 seconds to complete."
Source: www.bleepingcomputer.com – Author: Bill Toulas Alexey Pertsev, one of the main developers of the Tornado Cash cryptocurrency tumbler has been sentenced to 64 months in prison for his part in helping launder more than $2 billion worth of cryptocurrency. The 31-year-old Russian national was arrested in Amsterdam in August 2022 for charges of hiding financial flows from criminal […]
A Dutch court ruling on Tuesday found one of the co-founders of the now-sanctioned Tornado Cash cryptocurrency mixer service guilty of laundering $1.2 billion illicit cybercriminal proceeds. He was handed down a sentence of 5 years and 4 months in prison, as a result.
Alexey Pertsev, a 31-year-old Russian national and the developer of Tornado Cash, awaited trial in the Netherlands on money laundering charges after his arrest in Amsterdam in August 2022, just days after the U.S. Treasury Department sanctioned the service for facilitating malicious actors like the Lazarus Group in laundering their illicit proceeds from cybercriminal activities.
“The defendant declared that it was never his intention to break the law or to facilitate criminal activities,” according to a machine translated summary of the judgement.
Instead Pertsev intended to offer a legitimate solution with Tornado Cash to a growing crypto community that craved privacy. He argued that “it is up to the users not to abuse Tornado Cash.” Pertsev also said that given the technical specifications of the cryptocurrency mixer service, it was impossible for him to prevent the abuse.
However, the District Court of East Brabant disagreed, asserting that the responsibility for Tornado Cash's operations lay solely with its founders and lacked adequate mechanisms to prevent abuse.
“Tornado Cash functions in the way the defendant and his cofounders developed Tornado Cash. So, the operation is completely their responsibility,” the Court said. “If the defendant had wanted to have the possibility to take action against abuse, then he should have built it in. But he did not.”
“Tornado Cash does not pose any barrier for people with criminal assets who want to launder them. That is why the court regards the defendant guilty of the money laundering activities as charged.”
Tornado Cash functioned as a decentralized cryptocurrency mixer, also known as a tumbler, allowing users to obscure the blockchain transaction trail by mixing illegally and legitimately obtained funds, making it an appealing option for adversaries seeking to cover their illicit money links.
Tornado Cash laundered $1.2 billion worth of cryptocurrency stolen through at least 36 hacks including the theft of $625 million from the Axie Infinity hack in March 2022 by North Korea’s Lazarus Group hackers.
The Court used certain undisclosed parameters in selecting these hacks due to which only 36 of them were taken into consideration. Without these parameters, more than $2.2 billion worth of illicit proceeds from Ether cryptocurrency were likely laundered. The Court also did not rule out the possibility of Tornado Cash laundering cryptocurrency derived from other crimes.
The Court further described Tornado Cash as combining “maximum anonymity and optimal concealment techniques” without incorporating provisions to “make identification, control or investigation possible.”
It failed to implement Know Your Customer (KYC) or anti-money laundering (AML) programs as mandated by U.S. federal law and was not registered with the U.S. Financial Crimes Enforcement Network (FinCEN) as a money-transmitting entity.
"Tornado Cash is not a legitimate tool that has unintentionally been abused by criminals," it concluded. "The defendant and his co-perpetrators developed the tool in such a manner that it automatically performs the concealment acts that are needed for money laundering."
In addition to the prison term, Pertsev was ordered to forfeit cryptocurrency assets valued at €1.9 million (approximately $2.05 million) and a Porsche car previously seized.
Other Tornado Cash Co-Founders Face Trials Too
A year after Pertsev’s arrest, the U.S. Department of Justice unsealed an indictment where the two other co-founders, Roman Storm and Roman Semenov, were charged with conspiracy to commit money laundering, conspiracy to operate an unlicensed money-transmitting business and conspiracy to violate the International Emergency Economic Powers Act.
Storm goes to trial in the Southern District of New York later in September, while Semenov remains at large.
The case has drawn a debate amongst two sides – privacy advocates and the governments. Privacy advocates argue against the criminalization of anonymity tools like Tornado Cash as it gives users a right to avoid financial surveillance, while governments took a firm stance against unregulated offerings susceptible to exploitation by bad actors for illicit purposes.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
Billy Restey is a digital artist who runs a studio in Seattle. But after hours, he hunts for rare chunks of bitcoin. He does it for the thrill. “It’s like collecting Magic: The Gathering or Pokémon cards,” says Restey. “It’s that excitement of, like, what if I catch something rare?”
In the same way a dollar is made up of 100 cents, one bitcoin is composed of 100 million satoshis—or sats, for short. But not all sats are made equal. Those produced in the year bitcoin was created are considered vintage, like a fine wine. Other coveted sats were part of transactions made by bitcoin’s inventor. Some correspond with a particular transaction milestone. These and various other properties make some sats more scarce than others—and therefore more valuable. The very rarest can sell for tens of millions of times their face value; in April, a single sat, normally worth $0.0006, sold for $2.1 million.
For the victims of the alleged Boneheads scam, it was either McRae-Yu and his rookie lawyer or no one. (Canadian police, unlike their counterparts in the U.S., have shown little interest and even less aptitude when to it comes to investigating this kind of scam.)
The recent crackdown on the crypto mixer money laundering, Samourai, has unveiled a sophisticated operation allegedly involved in facilitating illegal transactions and laundering criminal proceeds. The cryptocurrency community was shocked by the sudden Samourai Wallet shutdown. The U.S Department of Justice (DoJ) revealed the arrest of two co-founders, shedding light on the intricacies of their […]
Continuing its crackdown on cryptocurrency exchanges, the Securities and Exchange Commission (SEC) may potentially sue Robinhood Markets over securities violations alleged in the popular investing app's crypto unit, Robinhood Crypto said Monday.
In a recent SEC filing, Robinhood Markets Chief Financial Officer Jason Warnick confirmed that Robinhood Crypto has received investigative subpoenas from the SEC regarding its "cryptocurrency listings, custody of cryptocurrencies, and platform operations."
Despite Robinhood cooperating with these investigations, the SEC sent a "Wells Notice" on Monday, the filing said. The notice alerted Robinhood that SEC staff had made a "preliminary determination" recommending that the SEC "file an enforcement action" alleging that Robinhood Crypto had violated the Securities Exchange Act of 1934.
The FBI in a Thursday warning emphasized the financial risks associated with using unregistered cryptocurrency transfer services, especially considering potential law enforcement actions against these platforms.
The focus of this public service announcement is on crypto transfer platforms that operate without proper registration as Money Services Businesses (MSB) and fail to comply with anti-money laundering regulations mandated by the U.S. federal law.
Such platforms are frequent targets of law enforcement operations, particularly when criminals exploit them for transferring or laundering unlawfully acquired funds, like in the case of ransomware payments.
FBI’s PSA, released on its Internet Crime Complaint Center, cautioned Americans that,
Using a service that does not comply with its legal obligations may put you at risk of losing access to funds after law enforcement operations target those businesses.
The FBI said it had recently conducted law enforcement operations against unregistered cryptocurrency transfer services “that purposely break the law or knowingly facilitate illegal transactions.” It added that these services will continue to be investigated by law enforcement.
Steps to Avoid Using Unregistered Cryptocurrency Transfer Services
For individuals considering the use of cryptocurrency transfer services, “a few simple steps can prevent unintentional use of non-compliant services,” the FBI said. The agency advised the following security tips:
Checking the registration status as an MSB with the U.S. Treasury Department's Financial Crimes Enforcement Network (FinCEN).
Exercising caution with financial services that do not request KYC information (such as name, date of birth, address, and ID) before facilitating money or cryptocurrency transfers.
Understanding that the presence of an app in an app store does not necessarily signify its legality or compliance with federal requirements.
Refraining from using services that openly advertise themselves for illegal purposes.
Exercising vigilance when using cryptocurrency services known to be utilized by criminals for money laundering.
Samourai Wallet’s Unlicensed Money Transmitting Business Busted
The FBI's warning comes in the wake of the recent crackdown on Samourai, an illicit cryptocurrency transfer platform that offered a crypto mixer service facilitating the laundering of funds obtained through criminal activities.
The Icelandic law enforcement authorities seized Samourai's domains (samourai[.]io and samouraiwallet[.]com) and web servers. The Google Play Store also removed the Samourai Wallet Android mobile app that was downloaded over 100,000 times, before the seizure was initiated.
The U.S. Department of Justice charged Keonne Rodriguez and William Lonergan Hill, the platform's founders and operators, with laundering over $100 million from various criminal enterprises through Samourai's crypto mixing services, accruing approximately $4.5 million in fees.
According to the superseding indictment, "Since the start of the Whirlpool service in or about 2019 and of the Ricochet service in or about 2017, over 80,000 BTC (worth over $2 billion applying the BTC-USD conversion rates at the time of each transaction) has passed through these two services operated by Samourai."
The DOJ stated, "While offering Samourai as a 'privacy' service, the defendants knew that it was a haven for criminals to engage in large-scale money laundering and sanctions evasion.
“Indeed, as the defendants intended and well knew, a substantial portion of the funds that Samourai processed were criminal proceeds passed through Samourai for purposes of concealment,” the unsealed indictment said.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
For decades, fake IDs had roughly three purposes: Buying booze before legally allowed, getting into age-restricted clubs, and, we can only assume, completing nation-state spycraft for embedded informants and double agents.
In 2024, that’s changed, as the uses for fake IDs have become enmeshed with the internet.
Want to sign up for a cryptocurrency exchange where you’ll use traditional funds to purchase and exchange digital currency? You’ll likely need to submit a photo of your real ID so that the cryptocurrency platform can ensure you’re a real user. What about if you want to watch porn online in the US state of Louisiana? It’s a niche example, but because of a law passed in 2022, you will likely need to submit, again, a photo of your state driver’s license to a separate ID verification mobile app that then connects with porn sites to authorize your request.
The discrepancies in these end-uses are stark; cryptocurrency and porn don’t have too much in common with Red Bull vodkas and, to pick just one example, a Guatemalan coup. But there’s something else happening here that reveals the subtle differences between yesteryear’s fake IDs and today’s, which is that modern ID verification doesn’t need a physical ID card or passport to work—it can sometimes function only with an image.
Last month, the technology reporting outfit 404 Media investigated an online service called OnlyFake that claimed to use artificial intelligence to pump out images of fake IDs. By filling out some bogus personal information, like a made-up birthdate, height, and weight, OnlyFake would provide convincing images of real forms of ID, be they driver’s licenses in California or passports from the US, the UK, Mexico, Canada, Japan, and more. Those images, in turn, could then be used to fraudulently pass identification checks on certain websites.
When 404 Media co-founder and reporter Joseph Cox learned about OnlyFake, he tested whether an image of a fake passport he generated could be used to authenticate his identity with an online cryptocurrency exchange.
In short, it did.
By creating a fraudulent British passport through OnlyFake, Joseph Cox—or as his fake ID said, “David Creeks”—managed to verify his false identity when creating an account with the cryptocurrency market OKX.
Today, on the Lock and Code podcast with host David Ruiz, we speak with Cox about the believability of his fake IDs, the AI claims and limitations of OnlyFake, what’s in store for the future of the site— which went dark after Cox’s report—and what other types of fraud are now dangerously within reach for countless threat actors.
Making fake IDs, even photos of fake IDs, is a very particular skill set—it’s like a trade in the criminal underground. You don’t need that anymore.
Login
