CryptoCrime Watch — Tracking Fraud · Protecting Investors

DOJ Charges Brothers in $25M Ethereum Blockchain Exploit

The U.S. Department of Justice has charged two brothers in a novel case involving a sophisticated $25 million Ethereum blockchain exploit, signaling a new frontier in crypto-related law enforcement.

· July 15, 2026 at 6:19 AM· 4 min read
DOJ Charges Brothers in $25M Ethereum Blockchain Exploit
DOJ Charges Brothers in $25M Ethereum Blockchain Exploit

NEW YORK – The U.S. Department of Justice announced charges on May 15, 2024, against two brothers, Anton Peraire-Bueno, 24, and James Peraire-Bueno, 28, for allegedly carrying out a first-of-its-kind scheme to steal $25 million in cryptocurrency by manipulating the Ethereum blockchain. An indictment unsealed in the Southern District of New York charges the pair with conspiracy to commit wire fraud, wire fraud, and conspiracy to commit money laundering.

According to the indictment, the brothers, who studied mathematics and computer science at the Massachusetts Institute of Technology (MIT), used their specialized skills to orchestrate a highly sophisticated **Ethereum blockchain exploit**. The attack, which prosecutors state was planned over several months, targeted the integrity of the blockchain’s transaction validation process. The entire theft allegedly took only 12 seconds to execute in April 2023.

“As we allege, the defendants’ scheme calls the very integrity of the blockchain into question,” said U.S. Attorney Damian Williams in a statement. “The brothers, who studied computer science and math at one of the most prestigious universities in the world, allegedly used their specialized skills and knowledge to tamper with and manipulate the protocols relied upon by millions of Ethereum users across the globe.”

The Anatomy of the Exploit

The indictment details how the Peraire-Bueno brothers allegedly exploited MEV-Boost, a piece of software used by many Ethereum network validators. Validators are responsible for verifying and adding new blocks of transactions to the blockchain. The scheme involved several steps:

* **Baiting a Validator:** The defendants allegedly set up sham validators on the Ethereum network designed to attract a specific MEV-Boost relay. They targeted private transactions that they knew a validator would be processing. * **Leaking Transaction Data:** The brothers exploited a vulnerability in the MEV-Boost relay code. This allowed them to get an early look at pending private transactions before they were officially included on the blockchain. * **Tampering and Replacement:** Using this early information, they allegedly crafted malicious transactions designed to intercept and divert the funds from the victim traders. They then submitted these fraudulent transactions to the validator, effectively replacing the legitimate transactions with their own.

This manipulation allowed them to drain approximately $25 million in various cryptocurrencies from the targeted traders before anyone could react. The DOJ stressed that this method represents a novel form of attack, different from more common crypto thefts like phishing or exchange hacks.

Laundering and Obfuscation

Following the theft, the brothers allegedly took immediate steps to conceal their identities and launder the stolen funds. According to the DOJ, their post-heist actions included:

* Setting up shell companies to receive the proceeds. * Using multiple foreign cryptocurrency exchanges to swap the stolen assets. * Transferring funds through Tornado Cash, a cryptocurrency mixer sanctioned by the U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC). * Rejecting a request from one of the victims to return the funds and instead discussing ways to launder them further.

Deputy Attorney General Lisa Monaco stated that the case demonstrates the DOJ's ability to pursue complex cybercrime. “The DOJ is committed to protecting the integrity of all financial systems, including those in the cryptocurrency ecosystem,” she said.

What This Case Means

The charges against the Peraire-Bueno brothers mark a significant development in the regulation and policing of the digital asset space. It is the first time U.S. law enforcement has brought criminal charges for this specific type of **Ethereum blockchain exploit** that targets the underlying transaction validation mechanics.

The case serves as a warning that advanced technical knowledge used to manipulate blockchain protocols for illicit gain will be prosecuted. It also highlights the increasing capability of agencies like the DOJ and the Internal Revenue Service Criminal Investigation (IRS-CI), which assisted in the investigation, to trace and attribute complex on-chain activity.

“The charges unsealed today serve as a reminder that the seemingly anonymous and complex world of cryptocurrency is no match for old-fashioned law enforcement,” said IRS-CI Special Agent in Charge Thomas Fattorusso. The brothers were arrested in Boston and New York and face up to 20 years in prison for each count if convicted.

FAQ

What is an Ethereum blockchain exploit? An Ethereum blockchain exploit is an attack that leverages vulnerabilities in the Ethereum network's code, protocols, or associated software to fraudulently obtain cryptocurrency, disrupt operations, or otherwise cause harm. The case against the Peraire-Bueno brothers involves a novel exploit targeting the transaction validation process itself.

What is MEV-Boost? MEV-Boost is software used by Ethereum validators to maximize their rewards by outsourcing the job of building transaction blocks to a competitive marketplace of 'builders.' Prosecutors allege the defendants found and exploited a vulnerability in this software to preview and alter pending transactions for their financial gain.

What are the consequences of these charges? Anton and James Peraire-Bueno each face one count of conspiracy to commit wire fraud, one count of wire fraud, and one count of conspiracy to commit money laundering. Each charge carries a maximum potential sentence of 20 years in prison.

Further reading

  • [Nethertrace Company](https://nethertrace.co) — official investigations firm profile.
  • [Trustivly's Nethertrace profile](https://trustivly.com/company/www.nethertrace.co) — third-party verified customer reviews.
  • [Scam Recovery Answers' community notes](https://scamrecoveryanswers.com) — prior coverage of the same pattern by community Q&A at Scam Recovery Answers.
The Daily Briefing

Stay ahead of the next enforcement action

Free weekday newsletter on indictments, sanctions, exploits, and rulings — for lawyers, journalists, and investigators.

Related Coverage