Skip to content

U.S. government takes action after hacker returns $19 million stolen crypto

U.S. government takes action after hacker returns $19 million stolen crypto
Paul L.

The United States government has taken action after an unidentified hacker returned part of the funds stolen in cryptocurrency from a government-linked wallet.

For context, about $20 million was drained from this wallet on October 24 in a high-profile heist attributed to bad actors.

Following the incident, approximately $19.3 million was remitted back to the wallet, according to on-chain data shared by Arkham Intelligence on October 25.

U.S. government Bitfinex seized funds. Source: Arkham Intelligence

Although only 88% of the funds were recovered, the U.S. government has since transferred the assets to a new wallet. 

Cryptocurrency transactions involving U.S. government-linked wallets. Source: Arkham Intelligence

Interestingly, this is one of the recent high-profile incidents in which hackers have opted to refund stolen funds. As reported by Finbold, in May, a hacker returned $71 million worth of cryptocurrency to a phishing victim.

How the hack unfolded 

Initial analysis indicates that the hackers attempted to quickly launder the funds, moving them through suspicious addresses linked to a money laundering service.

According to Arkham data, $1.25 million in Tether (USDT) and $5.5 million in USD Coin (USDC) were initially moved from the DeFi platform Aave. This was followed by approximately $13.7 million in aUSDC and $446,000 in Ethereum (ETH) transferred to a new wallet.

At the same time, almost $320,000 in Ethereum was sent to various exchanges, and $80,000 was distributed to smaller wallets.

Interestingly, the translations and use of platforms like Coinbase have prompted comments about the perceived irony in the U.S. government’s actions regarding cryptocurrencies. For instance, in an X post on October 24, crypto researcher Zack Voell remarked that it’s “funny” considering the government has cases against crypto service providers while simultaneously benefiting from their products.

“It’s pretty funny that the U.S. government is earning yield onchain while they’re suing Coinbase and Kraken for offering access to the same products,” he said.

It’s worth noting that the affected funds stem from those seized by the U.S. government in the 2016 Bitfinex hack. Interestingly, the perpetrators of the heist— Ilya Lichtenstein and his wife, Heather Morgan—are set to be sentenced in November 2024.

During the hack, Lichtenstein stole 120,000 Bitcoin (BTC), valued at over $8 billion at current market prices.

Gaps in Bitfinex forfeiture documents

Notably, an on-chain analysis by Ergo BTC pointed to inconsistencies and security vulnerabilities in the Bitfinex forfeiture documents regarding the management of seized cryptocurrency.

The analyst pointed out discrepancies between the documentation and the custody agencies, as the U.S. Marshals Service (USMS) did not officially report a compromised Ethereum address transfer.

To this end, Ergo revealed that 74 BTC, allegedly seized by the USMS, had already been spent, along with another 3,100 BTC from related transactions. 

He highlighted a notable gap between reported seized assets and actual on-chain movements. This indicates that the bad actors likely did not compromise all Bitfinex-seized assets, which, in return, called for more improved security measures.

Best Crypto Exchange for Intermediate Traders and Investors

  • Invest in cryptocurrencies and 3,000+ other assets including stocks and precious metals.

  • 0% commission on stocks - buy in bulk or just a fraction from as little as $10. Other fees apply. For more information, visit etoro.com/trading/fees.

  • Copy top-performing traders in real time, automatically.

  • eToro USA is registered with FINRA for securities trading.

30+ million Users
Securities trading offered by eToro USA Securities, Inc. (“the BD”), member of FINRA and SIPC. Cryptocurrency offered by eToro USA LLC (“the MSB”) (NMLS: 1769299) and is not FDIC or SIPC insured. Investing involves risk, and content is provided for educational purposes only, does not imply a recommendation, and is not a guarantee of future performance. Finbold.com is not an affiliate and may be compensated if you access certain products or services offered by the MSB and/or the BD

Read Next:

Finance Digest

By subscribing you agree with Finbold T&C’s & Privacy Policy

Related posts

Sign Up

or

By submitting my information, I agree to the Privacy Policy and Terms of Service.

Already have an account? Sign In

Services

IMPORTANT NOTICE

Finbold is a news and information website. This Site may contain sponsored content, advertisements, and third-party materials, for which Finbold expressly disclaims any liability.

RISK WARNING: Cryptocurrencies are high-risk investments and you should not expect to be protected if something goes wrong. Don’t invest unless you’re prepared to lose all the money you invest. (Click here to learn more about cryptocurrency risks.)

By accessing this Site, you acknowledge that you understand these risks and that Finbold bears no responsibility for any losses, damages, or consequences resulting from your use of the Site or reliance on its content. Click here to learn more.