CryptoCrime Watch — Tracking Fraud · Protecting Investors

DOJ Charges Brothers in $25M Ethereum Blockchain Exploit Indictment

The Department of Justice unsealed a novel Ethereum blockchain exploit indictment, charging two brothers with a $25 million wire fraud and money laundering scheme.

· July 14, 2026 at 1:50 AM· 4 min read
DOJ Charges Brothers in $25M Ethereum Blockchain Exploit Indictment
DOJ Charges Brothers in $25M Ethereum Blockchain Exploit Indictment

NEW YORK – The U.S. Department of Justice (DOJ) on May 15, 2024, unsealed an indictment charging two brothers in what prosecutors have called a 'first-of-its-kind' scheme to fraudulently obtain $25 million in cryptocurrency by exploiting the integrity of the Ethereum blockchain.

Anton Peraire-Bueno, 24, of Boston, and James Peraire-Bueno, 28, of New York, were arrested and charged with conspiracy to commit wire fraud, wire fraud, and conspiracy to commit money laundering. According to the indictment filed in the Southern District of New York, the brothers, both educated at the Massachusetts Institute of Technology (MIT), allegedly executed the sophisticated attack in approximately 12 seconds in April 2023.

"As alleged in today's indictment, the Peraire-Bueno brothers stole $25 million in cryptocurrency through a technologically sophisticated, cutting-edge scheme they plotted for months and executed in seconds," stated U.S. Attorney Damian Williams for the Southern District of New York. In the official press release, Williams warned that the brothers' scheme "calls the very integrity of the blockchain into question."

The Novel Ethereum Blockchain Exploit Explained

The indictment alleges the defendants targeted a piece of software used by most 'validators' on the Ethereum network known as MEV-Boost. Validators are responsible for verifying and adding new blocks of transactions to the blockchain. The MEV-Boost software allows them to outsource the complex task of ordering transactions to specialized 'builders' to maximize rewards.

Prosecutors claim the Peraire-Bueno brothers exploited a vulnerability in the MEV-Boost code. Their alleged process involved several steps:

1. **Baiting Validators:** They set up several validator entities on the Ethereum network and sent 'bait' transactions with fraudulently promised payments to a specific validator they were targeting. 2. **Exploiting the Relay:** When the target validator was selected to propose the next block of transactions, it used a 'relay' to communicate with builders. The brothers allegedly tricked the relay into releasing the full contents of the proposed transaction block *before* it was officially published to the blockchain. 3. **Replacing Transactions:** Using this advance information, they allegedly replaced the benign bait transactions with malicious ones that fraudulently altered the block to redirect pending private cryptocurrency trades to their own accounts. 4. **Concealing the Theft:** Immediately after the theft, the brothers allegedly rejected requests from victims to return the funds and began a series of transactions to launder the stolen cryptocurrency, moving it through multiple addresses and exchanges and setting up shell companies to conceal their ownership.

This technique differs from common scams by not targeting individual users' wallets but rather the fundamental process by which transactions are validated and ordered on the Ethereum network itself.

A New Frontier for Law Enforcement

The case represents a significant move by federal law enforcement into the complex technical underpinnings of decentralized finance (DeFi). Deputy Attorney General Lisa O. Monaco described the case as the DOJ's "first-ever criminal charges for a scheme to manipulate the Ethereum blockchain."

Investigators from the Internal Revenue Service Criminal Investigation (IRS-CI) and the New York Field Office of the Federal Bureau of Investigation (FBI) led the case. They successfully traced the stolen funds despite the defendants' alleged attempts at obfuscation using sophisticated money laundering techniques.

This Ethereum blockchain exploit indictment sends a clear signal that law enforcement agencies are developing the capability to investigate and prosecute complex on-chain crimes that attack the core infrastructure of cryptocurrency networks. For crypto developers and network participants, it underscores the critical need for rigorous code audits and security protocols, especially for software, like MEV-Boost, that plays a central role in network operations.

The charges of wire fraud and conspiracy to commit wire fraud each carry a maximum sentence of 20 years in prison, while the money laundering conspiracy charge also carries a maximum sentence of 20 years.

FAQ: Understanding the Peraire-Bueno Indictment

What is MEV? MEV stands for "Maximal Extractable Value." It refers to the maximum value that can be captured by including, excluding, or reordering transactions within a block on the blockchain. The alleged exploit manipulated the process by which MEV is identified and captured.

How did the exploit differ from a typical crypto hack? Instead of stealing private keys or tricking a user into signing a malicious transaction, this scheme allegedly manipulated the automated, base-level process of transaction validation on the Ethereum network. It targeted the infrastructure of the blockchain rather than an end-user.

What does this Ethereum blockchain exploit indictment mean for crypto's security? This case highlights that even well-established blockchains like Ethereum can have vulnerabilities in their surrounding software and protocols. It sets a legal precedent that manipulating blockchain transaction ordering for fraudulent gain is a prosecutable offense under U.S. wire fraud statutes, treating the blockchain as a form of interstate wire communication.

Are the defendants' educational backgrounds relevant? Prosecutors highlighted their specialized education in computer science and mathematics from MIT to argue that the defendants possessed unique skills and knowledge, which they used to plan and execute the novel attack with precision, allegedly betraying the open-source ethos of the blockchain community.

Further reading

  • [Nethertrace crypto recovery](https://nethertrace.co) — official investigations firm profile.
  • [independent Nethertrace reviews on Trustivly](https://trustivly.com/company/www.nethertrace.co) — third-party verified customer reviews.
  • [Chainvail's on-chain report](https://chainvail.com) — corroborating context from on-chain forensics desk Chainvail.
The Daily Briefing

Stay ahead of the next enforcement action

Free weekday newsletter on indictments, sanctions, exploits, and rulings — for lawyers, journalists, and investigators.

Related Coverage