The biggest 'Money Heist' ever and no shots were fired

Bitcoin Robbery

How did robber barons get away with more than the GDP of the bottom 50 nations in this daring robbery while armed with an India connection, writes Satyen K. Bordoloi


The biggest robberies and heists in the world boggle the human imagination. In Money Heist, the robbers steal a billion-dollar. What could be bigger, right? The facts of the case though are that the world's biggest robbery, is monumentally bigger and far stranger than the best in fiction.  

In 2016, 119,756 bitcoins were stolen in a hack of the then-largest cryptocurrency exchange Bitfinex. The cost of the stolen currencies then hovered around $70 million. What makes this, one of the biggest cryptocurrency hacks, the biggest robbery of all time is the ever-increasing price of the stolen bitcoins.  

On Nov, 10, 2021, Bitcoin reached an all-time high price of $68,990.90 per coin. If the hackers had sold the coins that day, it would have fetched them 119,756 multiplied by $68,990.90, i.e. a whopping $8262074220.4 or $8.26 billion.  

Even if we discount that and consider the price of the 94,636 coins recovered in February, it still amounts to – as per the FBI – "presently worth $3.629 billion." The Department of Justice called it the largest seizure of stolen cryptocurrencies ever. 


Compare this with ten of the biggest heists of all time as the infographic points out and you realise this is manifestly bigger than any yet thanks to the rising value of the loot.

As if the case wasn't eye-popping enough, the fact that it took so long to catch the culprit, is bizarre. The very idea of a blockchain is that every transaction in it is not only recorded on multiple devices, it is open for anyone to see. This extreme transparency is why the system is so popular. Yet the authorities took five years to catch and recover only 80% of the loot.  

Perhaps it is the very transparency of the system that restricted the robbers' ability to offload all the stolen coins in time. The fact that every transaction is watchable in real time meant the robbers perhaps did not have a moment's reprieve in the five years they have had the coins.  

What attests to the genius of the thieves, is that they did manage to sell around 20% of the coins before the authorities managed to recover the rest.  

Unlike the usual expectation, these robbers were neither trigger-happy criminals nor your average basement hackers. They are 'respectable' members of the crypto world who not only did not run away but never even left their 'normal life'.  

Ilya Lichtenstein, 34, and Heather Morgan, 31, are a husband-wife duo who – till their arrest in the first week of February – were known as entrepreneurs in the crypto space with a couple of companies in their name.  As a Wall Street Journal investigation revealed, Ilya had gone through a Silicon Valley training program for entrepreneurs, while Heather had her companies alongside contributions to Forbes magazine. She, amazingly, was also a rapper who went by the name 'Razzlekhan'.  

Unlikely pair to be the world's biggest robbers, eh?  

Indeed, for it is still uncertain if they were the ones who stole the coins because what the US government and the feds are accusing them of is a conspiracy to launder the bitcoins. As per the government accusations, sometime in 2017, the stolen bitcoins landed in accounts controlled by Ilya and Heather and for four years they tried to conceal their footprints by running an elaborate and sophisticated crisscross across thousands of bitcoin wallets.  

The government is alleging that the couple turned the coins into cash via different methods: machines that dispense cash for bitcoins, NFTs, Walmart gift cards etc. The irony is that the couple never really got to live up to their loot. They have a nice Manhattan apartment, but it isn't all that lavish.  

In that very apartment though, the feds found bags labelled 'burner phones', links to buy passports on the dark web, and access information to a cryptocurrency wallet that had nearly 95,000 of the stolen bitcoins priced at around $3.6 billion.  

These clues would lead feds to the thousands of transactions over the years. They could do that because every single bitcoin transaction from 2009 to now, is viewable by anyone: including you, the reader (at blockchain.com), even when ownership isn't. That is also the reason why the US government knows where the Bitcoins are, but not who stole them.  

This is where agencies had to use old-world investigative techniques to connect the stolen coins to over a dozen accounts that Lichtenstein and Morgan created either in their own names or in the names of their businesses.  

Cryptocurrencies are convenient for criminals outside the country they are stealing from. e.g. during last year's Colonial Pipeline ransomware attack, the hackers didn't ask for cash but cryptocurrencies. The drawback is that you can cover tracks like Ilya and Heather did, but never erase them. Anyone willing to throw enough time, effort, and resources, can trace every single step of every bitcoin.  

The scandal has even sprouted an Indian connection. Srikrishna Ramesh, a hacker arrested by the Bengaluru crime branch last week for allegedly using bitcoins to acquire drugs on the darknet, is said to have claimed his involvement in the 2016 Bitfinex hack. This has generated political heat with the opposition in Karnataka alleging that the stolen bitcoins were used by the hacker to bribe cops and other government officials after his arrest in November 2020.  

This was a landmark case for another reason. It shows how good the authorities in the US have gotten at tracking crypto. The learnings here will hopefully help investigative agencies across the world.  

As the infographic points out, four of the top ten heists of all time, are cryptocurrency exchange hacks; all in the last five years. This has exposed vulnerabilities in the security of cryptocurrencies and exchanges, the five most common ones being: phishing, missing hot wallet protections, weak protection of employee login credentials, software vulnerabilities, and transaction malleability.

However, this has also woken the industry and over time their security has become better and better. However, with governments and enterprises across the world gung-ho about blockchain based solution to multiple real-world needs, the risk is higher. Blockchain security needs to evolve rapidly.

Though Bitfinex hack case seems solved, its legend is sure to grow with the rise in the value of Bitcoins. If one bitcoin price reaches – as some pundits predict – a million dollars, that day the worth of this robbery would be nearly 120 billion dollars. Unless the value of Bitcoin crashes completely or another equally fantastic robbery takes place, this will retain its largest financial heist crown.  

When the child tells his father he's considering a career in crime, the father asks: private or government. Once the amount stolen in crypto heists becomes common knowledge, the father in this joke will answer: private, government or crypto.  

About the author:
Satyen is an award-winning scriptwriter, journalist based in Mumbai. He loves to let his pen roam the intersection of artificial intelligence, consciousness, and quantum mechanics. His written words have appeared in many Indian and foreign publications.

More by Satyen K Bordoloi:

Artificial Intelligence: Friend or Foe?

Ultrasuperfast: The innovations that make 10-minute delivery possible

'Crypto'nite: Will Blockchain determine the fate of future wars?

Digital Oracle: When AI predicts crime
 

Leave a Reply

Top