Brothers Accused of Exploiting $25 Million in Ethereum (ETH) as US Reveals Fraud Allegations
Two brothers have been arrested by the US Department of Justice for attacking the Ethereum blockchain and stealing $25 million in cryptocurrency during a 12-second exploit, according to an indictment unsealed on Wednesday.
The indictment charges Anton Peraire-Bueno, 24, of Boston, and James Peraire-Bueno, 28, of New York, with conspiracy to commit wire fraud, wire fraud and conspiracy to commit money laundering.
The charges are significant because they represent a first-of-its-kind criminal action by the U.S. government related to the controversial practice of MEV, or maximal extractable value, whereby operators of Ethereum (and similar blockchains) preview users’ upcoming transactions to gain extra profit for themselves. In the indictment, the government suggests that the very existence of MEV illustrates how Ethereum itself is a vulnerable system.
“[T]he defendants’ scheme calls into question the very integrity of the blockchain,” Damian Williams, U.S. Attorney for the Southern District of New York, said in a press release.
According to Wednesday’s indictment, the Peraire-Bueno brothers exploited MEV-boost, MEV software used by most of the validators that operate the Ethereum blockchain.
The indictment explains how Ethereum works, highlighting its proof-of-stake consensus mechanism and the role of validators as participants who secure the network.
When users send transactions to Ethereum, those transactions are not immediately written to the blockchain’s ledger. Instead, they are added to a “mempool,” a waiting area for other transactions yet to be processed.
MEV-boost allows “block builders” to assemble such mempool transactions into official blocks. MEV bots called “searchers” scan the mempool for profitable trading opportunities and sometimes “bribe” builders to insert or reorder transactions in a way that can net them extra profit. (These “MEV strategies” can sometimes impact end-user profits.)
Validators, the operators who ultimately add blocks to the Ethereum blockchain, take the pre-built blocks from MEV-boost and then write them to the chain, where they are permanently cemented.
According to the indictment, the Peraire-Bueno brothers exploited a bug in MEV-boost’s code that allowed them to preview the contents of blocks before they were officially delivered to validators.
The brothers created 16 Ethereum validators and targeted three specific traders who operated MEV bots, the indictment states. They used decoy transactions to figure out how those bots were trading, lured the bots to one of their validators that was validating a new block, and essentially tricked these bots into proposing certain transactions. The brothers would get ahead of the bots on certain transactions and would also use their validator to “tamper” with the new block by sending a fake digital signature that gave them access to the entire contents of the block, and then replace the “decoy transactions” with “tampered transactions.” In those tampered transactions, the brothers allegedly sold illiquid cryptocurrencies for which they had tricked the victims’ trading bots into placing buy orders.
“In fact, Victim Traders sold approximately $25 million worth of various stablecoins or other more liquid cryptocurrencies to purchase particularly illiquid cryptocurrencies,” the document reads. “In effect, the Tampered Transactions drained the particular liquidity reserves of all the cryptocurrency that Victim Traders had deposited based on their frontrun trades.”
This meant that traders could not sell their new illiquid cryptocurrencies, which were “rendered effectively worthless,” while the defendants made off with $25 million in stablecoins and other “more liquid cryptocurrencies,” the Department of Justice said.
The defendants then allegedly laundered the funds through various addresses and series of transactions, including converting the stolen funds into DAI and then into USDC.
“These brothers allegedly committed a first-of-its-kind manipulation of the Ethereum blockchain by fraudulently gaining access to pending transactions, altering the movement of electronic currency, and ultimately stealing $25 million in cryptocurrency from their victims,” said Special Agent in Charge Thomas Fattorusso of the IRS Criminal Investigation (IRS-CI) New York Field Office.
The indictment examines some of what investigators found, including “a document laying out their plans,” the launch of shell companies, test transactions to identify best practices for attracting MEV bots, and Internet search histories.
UPDATE (May 15 17:19 UTC): Adds details throughout.