MIT Brothers Charged With Exploiting Ethereum to Steal $25 Million

The two MIT graduates discovered a flaw in a common trading tool for the Ethereum blockchain. Does it presage problems ahead for cryptocurrency?

7 Min Read
Ethereum crypto currency coin in front of a screen
Source: Carlos Castilla via Shutterstock

Many cryptocurrency traders play fast and loose with the systems in place to empower decentralized finance (DeFi), using a variety of hacks to gain an advantage in their trades — from sandwich attacks to rug pull scams — and losses typically run into the tens of millions of dollars per month.

Yet, two traders — brothers who both graduated from the Massachussetts Institute of Technology — took their scheme too far, exploiting a vulnerability in a common component used by traders on the Etherium blockchain to score nearly $25 million in an attack that lasted 12 seconds, the US Department of Justice charged on May 16. The two brothers — Anton Peraire-Bueno of Boston and James Peraire-Bueno of New York — discovered the software flaw in 2022, prepared and planned the attacks for months, and then executed the theft in April 2023, law enforcement alleges.

The attack worried traders and technologists, calling "the very integrity of the blockchain into question," Damian Williams, US attorney for the Southern District of New York, said in a statement from the Justice Department announcing the indictment.

"The brothers, who studied computer science and math at one of the most prestigious universities in the world, allegedly used their specialized skills and education to tamper with and manipulate the protocols relied upon by millions of Ethereum users across the globe," he said. "And once they put their plan into action, their heist only took 12 seconds to complete. This alleged scheme was novel and has never before been charged."

Cryptocurrency has gained legitimacy over the past decade and a half, but continues to — in many ways — be a Wild West. In 2023, more than $24 billion in transactions ended up in illicit cryptocurrency wallets or addresses — although more than half of the total belonged to sanctioned organizations and nations, and the total rate of fraud is only 0.34%, according to Chainalysis, a blockchain intelligence firm.

While ransomware gangs prefer Bitcoin, Ethereum has seen its fair share of attacks, from the $60 million DAO hack in 2016 that led to a hard fork — a rewriting of the Ethereum ledger — to the more than $600 million in Ethereum stolen from game players on the Ronin Network.

In many ways, the ecosystem behind cryptocurrencies is undergoing the growing pains that the Internet faced over the past three decades, says Oded Vanunu, chief technologist for Web 3.0 and head of product vulnerability research at cybersecurity firm Check Point Software Technologies.

"It's crazy, because we are seeing tactics that are being done already in Web 2 platforms that are taking a different shape in the Web 3 protocols," he says.

Of Mempools and Maximal Extractable Value

Cryptocurrency transfers, the proposal of a smart contract, and the execution of smart contracts are all transactions that are recorded on the blockchain — in Ethereum's case, a public distributed state machine. However, before being recorded, every transaction is placed in a memory pool, or mempool, pending its validation and execution, which typically takes a few steps.

A participant in the ecosystem known as a "block builder" will create a bundle — or block — of transactions and get paid by the originator of each transaction for completion, while a "block proposer" chooses blocks based on the fees advertised by the builder, validates them, and sends those transactions to its peers on the blockchain network. Typically, a builder is attempting to structure blocks based on a strategy of maximal extractable value (MEV), seeking to maximize profits.

Dividing participants into proposers and builders — what's called a proposer-builder separation (PBS) — splits the responsibility of validating transactions to limit the monopolization of the process by large traders who could order transactions in specific ways to drive profits. MEV bots help traders identify and create bundles of transactions that maximize their profits from a transaction.

Yet, there is still a lot that traders can do to tilt the playing field. In a sandwich attack, for example, the trader profits from the natural price increases or decreases caused by large cryptocurrency transactions. When a large buy order appears, a builder could place a buy order for the cryptocurrency in front of the order, and a matching sell order after, profiting from the price change caused by the original buy order.

For many DeFi participants, MEV traders are little better than the equivalent of modern ticket scalpers, but they do serve a critical role, says Adam Hart, product manager at Chainalysis.

"To many, MEV strategies look like hyper-sophisticated, deep-pocketed traders using their resources to profit by forcing less sophisticated traders to take worse prices," he says. "However, others argue that MEV is inevitable in an open, transparent blockchain network, and that MEV traders play a positive role by ensuring that arbitrage opportunities are exploited quickly so that asset prices remain aligned across protocols."

An Attack on MEV Traders

The Peraire-Bueno brothers discovered a vulnerability in an open source component of a common tool, known as a MEV-Boost relay, according to a postmortem analysis of the incident. MEV-Boost is a protocol for limiting the centralization of the two components of the Ethereum blockchain — proposers and builders — and the monopolization of profits, which historically could have resulted in a few players dominating the blockchain process.

A key criteria of the MEV-Boost protocol is that the proposer commits to validating a block based on price, before knowing its contents. The brothers allegedly found that signing the header gave them the information in the block, even if the signature was invalid, the postmortem stated.

"The attack ... was possible because the exploited relay revealed block bodies to the proposer, so long as the proposer correctly signed a block header," the analysis stated. "However, the relay did not check if the block header that was signed was valid."

While the vulnerability could have continued to cause problems for traders, this was not an attack on the Ethereum network or its validators directly, but rather on a specific — albeit, common — third-party component, says Mario Rivas, blockchain security global practice lead at NCC Group.

"The attack exploited a vulnerability in the relay's code, which caused the relay to send private transactions to the block builder when it signed a block with invalid headers," he says. "This vulnerability was promptly addressed, mitigating the risk of similar attacks unless other vulnerabilities are identified."

Law Enforcement Tallies Up a Win

The investigation and indictment, however, is a win for the DOJ. US law enforcement is increasingly cracking down on cryptocurrency scams, hacking, and other questionable practices. In August, for example, the US Securities and Exchange Commission charged a correctional officer for creating a worthless cryptocurrency and selling it to other members of law enforcement.

Yet, other attacks have remained below the threshold for legal action. In a 2021 attack, for example, one trader acknowledged selling a non-liquid token to a rival — in something referred to as a Salmonella attack — and making money off his rival's automated system buying the worthless coin, according to a Forbes report.

The alleged attack by the two brothers stands apart from those contentious tactics, says Check Point's Vanunu.

"In essence, while both types of attacks are harmful, the MIT brothers' actions were explicitly illegal due to their direct and unauthorized exploitation of vulnerabilities to steal funds, whereas [a] Salmonella attack leverage[s] market manipulation and deception, staying within the murkier boundaries of legality in the crypto world," he says.

The investigation of the scheme and subsequent indictment underscores that government officials and their private partners are keeping pace with the latest innovative attacks. Despite the sophistication of the exploit and laundering of the proceeds, the investigators traced the funds, identified two suspects, and made their arrests, Chainalysis' Hart says.

"The Peraire-Bueno brothers' exploit is an incredibly innovative, technically sophisticated attack, and it represents the first time a bad actor has managed to abuse the MEV system widely used by Ethereum block builders in this way and to this degree," he says. "That’s what makes this indictment so impressive, and a promising sign for the future in the fight against cryptocurrency-based crime."

About the Author(s)

Robert Lemos, Contributing Writer

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline Journalism (Online) in 2003 for coverage of the Blaster worm. Crunches numbers on various trends using Python and R. Recent reports include analyses of the shortage in cybersecurity workers and annual vulnerability trends.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights