It took two brothers who went to MIT months to plan how they were going to steal, launder and hide millions of dollars in cryptocurrency - and only 12 seconds to actually pull off the heist.
The brothers, Anton Peraire-Bueno and James Peraire-Bueno, were indicted by federal prosecutors this week for the sophisticated and novel scheme that took advantage of weaknesses in the Ethereum blockchain processes to steal $25 million in Ethereum crypto.
They then spent months after the April 2023 theft concealing the stolen digital assets through such actions as transferring some of them to other privately held crypto addresses and converting them to a stablecoin.
The two men manipulated processes and protocols that are used to validate transactions and add them to the Ethereum blockchain, according to the indictment.
The amount of crypto lost to cybercrime continues to grow.
In a January report, blockchain analysis firm Chainalysis said that in 2023, $24.2 billion in cryptocurrency was received by illicit addresses through everything from scams and stolen funds to ransomware and fraud, accounting for 0.34% of all on-chain transaction volume.
The indictment uses the brothers' action as a guide of sorts through the world of cryptocurrency and blockchains, or at least Ethereum and its blockchain, which is used by millions of people worldwide and in 2023 averaged more than 1 million transactions a day, the prosecutors wrote.
Validators determine that new blocks of recorded transaction information are valid before they're added to the blockchain - a process that ensures the integrity and security of the blockchain - and validators are paid a portion of the maximum extractable value of the transactions that make up the block.
When a transaction is made, it's not immediately put on the blockchain.
It's in a memory pool - or mempool - with other transactions, and it's visible to the public.
MEV is the maximum value available when publishing a new block to the blockchain and, with a lack of block-building protocols, validators compete for MEV opportunities, which causes instability on the network.
MEV-Boost is open source software that was created to bring more order to the process through protocols dictating how transactions are organized into blocks, according to the indictment.
Then there are searchers, builders, and relays, to whom validators give the job of building the blocks, per protocols.
Searchers scan the mempool using automated MEV bots, looking for profitable opportunities, and then send builders proposed bundles of transactions. Builders compile the bundles from various searchers into a block and propose it to the relay, which submits the block header to the validators; the header contains information such as the payment coming to the validator for validating the proposed block.
All this, done automatically in software, takes fractions of a second, according to the indictment.
According to prosecutors, the relay is like an escrow account at a bank, holding the private information about the block as proposed by the builder until the validator commits to putting it on the blockchain.
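A simplified model of the escrow role described above, added here as an illustration and not taken from MEV-Boost or the indictment. The class and function names are hypothetical, the sample bundle is constructed, and an HMAC with a shared key stands in for the validator's real signature.

```python
import hashlib
import hmac
import json


def header_for(body, payment_wei):
    """Header shown to the validator: hash of the hidden body plus the payment."""
    body_hash = hashlib.sha256(json.dumps(body).encode()).hexdigest()
    return {"body_hash": body_hash, "payment_wei": payment_wei}


def sign(validator_key, header):
    """Stand-in commitment (assumption: HMAC replaces a public-key signature)."""
    digest = hashlib.sha256(json.dumps(header, sort_keys=True).encode()).digest()
    return hmac.new(validator_key, digest, hashlib.sha256).digest()


class Relay:
    """Escrow: keeps the builder's block body private until the validator commits."""

    def __init__(self, validator_key):
        self._key = validator_key  # toy model: shared key, not a public key
        self._escrow = {}          # body_hash -> (header, body)

    def submit_block(self, body, payment_wei):
        header = header_for(body, payment_wei)
        self._escrow[header["body_hash"]] = (header, body)
        return header              # only the header leaves the relay

    def release(self, body_hash, signature):
        """Return the body only for a valid commitment to the escrowed header."""
        entry = self._escrow.get(body_hash)
        if entry is None:
            return None
        header, body = entry
        if not hmac.compare_digest(signature, sign(self._key, header)):
            return None            # no valid commitment, body stays private
        return body


KEY = b"constructed-demo-key"          # constructed sample key
BODY = ["tx-a", "tx-b", "tx-c"]        # constructed sample bundle

if __name__ == "__main__":
    relay = Relay(KEY)
    hdr = relay.submit_block(BODY, 10**17)
    print("header:", hdr)
    print("released:", relay.release(hdr["body_hash"], sign(KEY, hdr)))
```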
On April 2, the brothers learned that one of their validators was picked to validate a new block.
They lured the victims' MEV bots by proposing at least eight specific transactions they knew the bots would include in a proposed bundle.
Through this, they were able to alter the transactions and grab the traders' crypto, worth about $25 million.
In the months after the heist, the brothers ignored demands by one of the victims, the victim's lawyer, and an Ethereum representative to return the stolen digital assets and worked to launder the crypto.
This Cyber News was published on securityboulevard.com. Publication date: Sat, 18 May 2024 08:43:05 +0000