2016 Bitfinex hack
{{Short description|Cryptocurrency theft}}
The Bitfinex cryptocurrency exchange was hacked in August 2016. 119,756 bitcoins, worth about {{US$|72}} million at the time, were stolen.
In February 2022, the US government recovered and seized a portion of the stolen bitcoin, then worth {{USD|3.6}} billion, by decrypting a file owned by Ilya Lichtenstein (born 1989) that contained addresses and private keys associated with the stolen funds.{{cite press release|title=Case: 1 :22-mj-00022 - Complaint with Arrest Warrant|url=https://www.justice.gov/opa/press-release/file/1470186/download|date=February 7, 2022|access-date=February 10, 2022|archive-date=February 9, 2022|archive-url=https://web.archive.org/web/20220209011822/https://www.justice.gov/opa/press-release/file/1470186/download|url-status=live}} Lichtenstein and his wife, Heather R. Morgan (born 1991), were charged with conspiracy to launder the stolen bitcoin. In August 2023, Lichtenstein admitted to committing the theft. Both Lichtenstein and Morgan pleaded guilty to money laundering.{{cite news |last1=Paúl |first1=María Luisa |title='Bitcoin Bonnie and Clyde' plead guilty in 'spy novel'-like laundering case |url=https://www.washingtonpost.com/nation/2023/08/04/bitfinex-hack-guilty-plea/ |newspaper=Washington Post |access-date=5 August 2023 |date=4 August 2023}}
In November 2024, Lichtenstein was sentenced to five years in a US prison for his involvement in money laundering the stolen bitcoin.{{cite web|last=Hoskins|first=Peter|title=US hacker sentenced over Bitcoin heist worth billions|website=BBC Home|date=2024-11-15|url=https://www.bbc.com/news/articles/c2dl70wed1lo|access-date=2025-01-30}} Morgan was sentenced to 18 months in prison for fraud and conspiracy charges.{{cite web|last=Davis|first=Wes|title=Razzlekhan, crypto's most embarrassing rapper, is going to prison|website=The Verge|date=2024-11-18|url=https://www.theverge.com/2024/11/18/24299934/razzlekhan-crypto-bitfinex-hack-heather-morgan|access-date=2025-01-30}}
Hack
In August 2016, the Bitfinex cryptocurrency exchange, based in Hong Kong, announced it had suffered a security breach.{{Cite news |title=Bitfinex comes back from $69 million bitcoin heist |newspaper=Sfgate |date=May 21, 2017 |url=http://www.sfgate.com/business/article/Bitfinex-comes-back-from-69-million-bitcoin-heist-11161585.php |url-status=live |archive-url=https://web.archive.org/web/20170522112449/http://www.sfgate.com/business/article/Bitfinex-comes-back-from-69-million-bitcoin-heist-11161585.php |df=mdy-all |archive-date=2017-05-22 |last1=Nakamura |first1=By Yuji }} Around 2,000 approved transactions were sent to a single wallet from users' segregated wallets.{{Cite magazine|last=Chow|first=Andrew R|date=February 10, 2022|title=Inside the Chess Match That Led the Feds to $3.6 Billion in Stolen Bitcoin|url=https://time.com/6146749/cryptocurrency-laundering-bitfinex-hack/|url-status=live|access-date=February 12, 2022|magazine=Time|archive-url=https://web.archive.org/web/20220210131336/https://time.com/6146749/cryptocurrency-laundering-bitfinex-hack/ |archive-date=2022-02-10 }} Immediately thereafter, bitcoin's trading price plunged by 20%, causing the value of the stolen bitcoins to dip to {{US$|58}} million.{{cite news|last=Tsang|first=Amie|date=August 3, 2016|title=Bitcoin Plunges After Hacking of Exchange in Hong Kong|newspaper=The New York Times|location=Hong Kong|url=https://www.nytimes.com/2016/08/04/business/dealbook/bitcoin-bitfinex-hacked.html|url-status=live|archive-url=https://web.archive.org/web/20170518201610/https://www.nytimes.com/2016/08/04/business/dealbook/bitcoin-bitfinex-hacked.html|archive-date=May 18, 2017}} After learning of the breach, Bitfinex halted all bitcoin withdrawals and trading{{Cite journal |last=Shekhtman |first=Lonnie |date=August 3, 2016 |title=Bitcoin security breaches raise questions about digital currency's future |url=http://www.csmonitor.com/Business/new-economy/2016/0803/Bitcoin-security-breaches-raise-questions-about-digital-currency-s-future |url-status=live |archive-url=https://web.archive.org/web/20170528013604/http://www.csmonitor.com/Business/new-economy/2016/0803/Bitcoin-security-breaches-raise-questions-about-digital-currency-s-future |archive-date=May 28, 2017 |journal=Christian Science Monitor}} and said it was tracking down the perpetrators of the hack.{{cite news |title=Bitcoin Worth $72M Was Stolen in Bitfinex Exchange Hack in Hong Kong |url=http://fortune.com/2016/08/03/bitcoin-stolen-bitfinex-hack-hong-kong/ |url-status=live |archive-url=https://web.archive.org/web/20161120085013/http://fortune.com/2016/08/03/bitcoin-stolen-bitfinex-hack-hong-kong/ |archive-date=November 20, 2016 |access-date=October 26, 2016 |website=Fortune}} Exchange customers, even those whose accounts had not been broken into, had their account balance reduced by 36% and received BFX tokens in proportion to their losses.{{Cite news |last=Baldwin |first=Clare |author-link=Clare Baldwin |date=August 6, 2016 |title=Bitfinex exchange customers to get 36 percent haircut, debt token |publisher=Reuters |url=https://www.reuters.com/article/us-bitfinex-hacked-hongkong/bitfinex-exchange-customers-to-get-36-percent-haircut-debt-token-idUSKCN10I06H |url-status=live |access-date=June 20, 2018 |archive-url=https://web.archive.org/web/20190316072616/https://www.reuters.com/article/us-bitfinex-hacked-hongkong/bitfinex-exchange-customers-to-get-36-percent-haircut-debt-token-idUSKCN10I06H |archive-date=March 16, 2019}} The exchange's access to U.S. dollar payments and withdrawals was then curtailed. The hack happened even though Bitfinex was securing the funds with BitGo, which uses multiple-signature security.{{Cite news|date=2016-08-03|title=Bitcoin worth $72 million stolen from Bitfinex exchange in Hong Kong|language=en|work=Reuters|url=https://www.reuters.com/article/us-bitfinex-hacked-hongkong-idUSKCN10E0KP|access-date=2021-10-14|archive-date=2020-11-11|archive-url=https://web.archive.org/web/20201111120442/https://www.reuters.com/article/us-bitfinex-hacked-hongkong-idUSKCN10E0KP|url-status=live}}
In July 2023, Bitfinex worked with the Department of Homeland Security to recover about $315,000 in cash and cryptocurrencies stolen in the 2016 breach. The funds will be redistributed to holders of Bitfinex's Recovery Right Tokens, digital coins issued to people who suffered financial losses due to the hack.{{Cite news|url=https://www.bloomberg.com/news/articles/2023-07-06/crypto-exchange-bitfinex-says-315-000-from-2016-hack-recovered|title=Crypto Exchange Bitfinex Says $315,000 From 2016 Hack Recovered|newspaper=Bloomberg|date=July 6, 2023|via=www.bloomberg.com|access-date=2024-05-21|archive-date=2023-07-07|archive-url=https://web.archive.org/web/20230707213916/https://www.bloomberg.com/news/articles/2023-07-06/crypto-exchange-bitfinex-says-315-000-from-2016-hack-recovered|url-status=live}}
Laundering
In early 2017, small amounts of the stolen bitcoins began to be moved from the wallet it had been initially stored in to the Dark Web marketplace AlphaBay with the intention of laundering it. After AlphaBay was shuttered by international law enforcement led by the FBI, the money was rerouted to the Russian marketplace Hydra. The shutdown of AlphaBay may have given law enforcement access to the service's internal transaction logs and allowed it to identify the perpetrators.
In February 2022, a New York couple, Ilya Lichtenstein (aged 34) and his wife Heather R. Morgan (aged 31), were charged by US federal authorities with conspiring to launder the bitcoins, which was worth {{US$|5.3}} billion at the time.{{cite news |last1=Barrett |first1=Devlin |title=Feds arrest couple, seize $3.6 billion in hacked bitcoin funds |url=https://www.washingtonpost.com/national-security/2022/02/08/bitfinex-hack-bitcoin-arrests/ |newspaper=The Washington Post |date=February 8, 2022 |access-date=February 9, 2022 |archive-date=February 16, 2022 |archive-url=https://web.archive.org/web/20220216064314/https://www.washingtonpost.com/national-security/2022/02/08/bitfinex-hack-bitcoin-arrests/ |url-status=live }}{{Cite news|last=Lyngaas|first=Sean|date=February 8, 2022|title=Feds arrest a New York couple and seize $3.6 billion in stolen cryptocurrency|page=1|work=CNN News|url=https://edition.cnn.com/2022/02/08/investing/cryptocurrency-laundering/index.html|access-date=February 9, 2022|archive-date=February 14, 2022|archive-url=https://web.archive.org/web/20220214173633/https://edition.cnn.com/2022/02/08/investing/cryptocurrency-laundering/index.html|url-status=live}} Lichtenstein was an entrepreneur who had co-founded a sales company called MixRank. Morgan was an entrepreneur, columnist for Inc., former Forbes digital contributor (from 2017 to 2021), and online rapper.{{Cite magazine |last=Hissong |first=Samantha |date=2022-02-08 |title=Accused Bitcoin Mega Crook Made Rap Videos. And Dear God, Are They Cringey |url=https://www.rollingstone.com/culture/culture-news/crypto-laundering-scheme-doj-1296783/ |access-date=2022-03-05 |magazine=Rolling Stone |language=en-US |archive-date=2022-03-05 |archive-url=https://web.archive.org/web/20220305050726/https://www.rollingstone.com/culture/culture-news/crypto-laundering-scheme-doj-1296783/ |url-status=live }}{{Cite magazine |last=Dugan |first=Kevin |date=2022-02-15 |title=The Many Lives of Crypto's Most Notorious Couple How the accused bitcoin launderers spent their time. |url=https://nymag.com/intelligencer/2022/02/the-many-shifting-sides-of-cryptos-most-notorious-couple.html |access-date=2024-05-13 |magazine=New York Magazine |language=en-US |archive-date=2024-05-13 |archive-url=https://web.archive.org/web/20240513134409/https://nymag.com/intelligencer/2022/02/the-many-shifting-sides-of-cryptos-most-notorious-couple.html |url-status=live }} Although neither were charged with committing the hack, law enforcement had acquired a search warrant for a cloud storage service used by Lichtenstein, obtaining a spreadsheet of wallet addresses and passwords linked to the hack.{{Cite web |date=2022-02-09 |title=US Justice's largest ever financial seizure sees two arrests over $3.6bn stolen crypto |url=https://www.internationalinvestment.net/news/4044672/us-justice-largest-financial-seizure-arrests-usd-6bn-stolen-crypto |url-status=live |archive-url=https://web.archive.org/web/20220217134348/https://www.internationalinvestment.net/news/4044672/us-justice-largest-financial-seizure-arrests-usd-6bn-stolen-crypto |archive-date=2022-02-17 |access-date=2022-02-17 |website=InternationalInvestment |language=en}} Though the stolen bitcoins could be tracked through public transactions logged on the blockchain, it was only after the wallet passwords were recovered that law enforcement could access and seize their contents.{{Cite news|url=https://www.reuters.com/world/us/us-couple-accused-laundering-crypto-bitfinex-hack-reach-plea-deal-2023-07-21/|title=Crypto rapper 'Razzlekhan,' husband reach plea deal over Bitfinex hack laundering|first1=Luc|last1=Cohen|newspaper=Reuters|date=July 21, 2023|via=www.reuters.com|access-date=July 26, 2023|archive-date=July 26, 2023|archive-url=https://web.archive.org/web/20230726201027/https://www.reuters.com/world/us/us-couple-accused-laundering-crypto-bitfinex-hack-reach-plea-deal-2023-07-21/|url-status=live}}{{cite web|title=In Bitfinex Cryptocurrency Heist, 2 Charged Reach Plea Deal|website=The New York Times|date=2023-07-21|url=https://www.nytimes.com/2023/07/21/nyregion/bitfinex-heist-laundering-plea-deal.html|access-date=2023-07-26|archive-date=2023-07-26|archive-url=https://web.archive.org/web/20230726195942/https://www.nytimes.com/2023/07/21/nyregion/bitfinex-heist-laundering-plea-deal.html|url-status=live}}
Some of the funds were moved to more traditional financial accounts and spent on gold, NFTs, Uber rides and a PlayStation.{{Cite magazine |date=2022-08-16 |title=The Ballad of Razzlekhan and Dutch, Bitcoin's Bonnie and Clyde |url=https://www.vanityfair.com/news/2022/08/the-ballad-of-razzlekhan-and-dutch-bitcoins-bonnie-and-clyde |access-date=2022-08-18 |magazine=Vanity Fair |language=en-US |archive-date=2022-08-18 |archive-url=https://web.archive.org/web/20220818101015/https://www.vanityfair.com/news/2022/08/the-ballad-of-razzlekhan-and-dutch-bitcoins-bonnie-and-clyde |url-status=live }} Although hundreds of millions of dollars were converted to fiat currency, 80% of the bitcoins (approximately 94,000) remained in the original wallet at the center of the hack.
In August 2023, Lichtenstein pleaded guilty to conspiracy to commit money laundering, and Morgan to one count of money laundering conspiracy and one count of conspiracy to defraud the United States. Lichtenstein additionally admitted to carrying out the hack. An information was filed against both defendants.{{Cite web |last=Forkin |first=Dan Mangan, Jim |date=July 21, 2023 |title='Crypto Couple' appear set to plead guilty in bitcoin hack money laundering case |url=https://www.cnbc.com/2023/07/21/crypto-couple-appear-set-to-plead-guilty-in-bitcoin-money-laundering.html |url-status=live |archive-url=https://web.archive.org/web/20230725163021/https://www.cnbc.com/2023/07/21/crypto-couple-appear-set-to-plead-guilty-in-bitcoin-money-laundering.html |archive-date=July 25, 2023 |access-date=July 26, 2023 |website=CNBC}}
In November 2024, Lichtenstein was sentenced to 60 months in prison and three years of supervised release.{{cite web |title=Bitfinex Hacker Sentenced in Money Laundering Conspiracy Involving Billions in Stolen Cryptocurrency |date=November 15, 2024 |url=https://www.justice.gov/usao-dc/pr/bitfinex-hacker-sentenced-money-laundering-conspiracy-involving-billions-stolen |work=justice.gov}} Morgan was sentenced to 18 months in prison and three years of supervised release for fraud and conspiracy charges.{{Cite web |last=Davis |first=Wes |date=2024-11-18 |title=Razzlekhan, crypto's most embarrassing rapper, is going to prison |url=https://www.theverge.com/2024/11/18/24299934/razzlekhan-crypto-bitfinex-hack-heather-morgan |access-date=2024-11-19 |website=The Verge |language=en}}
On December 6, 2024, Netflix released a documentary directed by Chris Smith featuring the story of Lichtenstein's and Morgan's crimes, titled Biggest Heist Ever.{{Cite magazine |last=Brodsky |first=Rachel |date=2024-12-06 |title=The True Story Behind Netflix's 'Biggest Heist Ever' |url=https://time.com/7200219/bitcoin-netflix-biggest-heist-ever/ |access-date=2025-01-30 |magazine=TIME |language=en}}
In 2025, the US President signed an executive order to create a Strategic Bitcoin Reserve including Bitcoin seized by US law enforcement. In theory, this includes over 100,000 Bitcoin seized from the Bitfinex hackers, but the US Department of Justice has recommended to the courts that the Bitcoin seized after the hack be returned to Bitfinex.{{cite web|title=Fact Sheet: President Donald J. Trump Establishes the Strategic Bitcoin Reserve and U.S. Digital Asset Stockpile|website=The White House|date=2025-03-07|url=https://www.whitehouse.gov/fact-sheets/2025/03/fact-sheet-president-donald-j-trump-establishes-the-strategic-bitcoin-reserve-and-u-s-digital-asset-stockpile/|access-date=2025-03-22}}{{cite web|title=Establishment of the Strategic Bitcoin Reserve and United States Digital Asset Stockpile|website=The White House|date=2025-03-07|url=https://www.whitehouse.gov/presidential-actions/2025/03/establishment-of-the-strategic-bitcoin-reserve-and-united-states-digital-asset-stockpile/|access-date=2025-03-22}}{{cite web|last=Nandita Bose|first=Jasper Ward|title=Trump signs order to establish strategic bitcoin reserve|website=Reuters|date=2025-03-07|url=https://www.reuters.com/technology/trump-signs-order-establish-strategic-bitcoin-reserve-white-house-crypto-czar-2025-03-07/|access-date=2025-03-22}}{{cite web|last=McMahon|first=Annabelle Liang & Liv|title=Bitcoin reserve: Why has Trump set up a US crypto stockpile?|website=BBC Home|date=2025-03-07|url=https://www.bbc.com/news/articles/cqx0g1py5v0o|access-date=2025-03-22}}{{cite web|title=US DOJ to return $9B in recovered Bitcoin from 2016 hack to Bitfinex|website=MSN|date=2025-03-29|url=https://www.msn.com/en-us/money/other/us-doj-to-return-9b-in-recovered-bitcoin-from-2016-hack-to-bitfinex/ar-AA1xgzq5|access-date=2025-03-29}}