Ilya Lichtenstein was sentenced to 60 months for his alleged role in laundering more than 120,000 Bitcoin, which was reportedly stolen from the crypto exchange Bitfinex in 2016. This was the sentence recommended by Department of Justice (DOJ) attorney Jessica Peck.
Lichtenstein’s wife, Heather “Razzlekhan” Morgan, is now reportedly scheduled to be sentenced on November 18, 2024.
The Bitfinex probe, which notably led to the largest seizure in US history, was led by former IRS-CI Special Agent Chris Janczewski — now TRM’s Head of Global Investigations.
Janczewski recently shared insights on the Bitfinex hack as well as other large crypto investigations.
Notably, Lichtenstein and Morgan pled guilty to money laundering conspiracy charges in August of last year, and Lichtenstein admitted to being the original hacker who was allegedly responsible for the damaging Bitfinex security breach.
The arrest and investigation intrigued the general public because of the couple’s rather strange/unconventional online personas as well as the substantial amount of stolen crypto involved.
As set forth in the criminal complaint, Lichtenstein allegedly stole 119,754 BTC (then valued at about $71 million) in August 2016.
Then, in 2022, prior to Lichtenstein and Morgan being taken into police custody for laundering the proceeds of the 2016 theft, law enforcement agencies were able to seize around 94,000 BTC (then valued at about $3.6 million)—notably the largest seizure in the US’s history.
Following these developments, TRM Labs pointed out that law enforcement agencies continued to investigate the incident; and with the assistance of the defendants, even more seizures of US currency, gold coins, BTC, ETH, USDC, USDT, and other assets — all linked to the original theft — had been made.
Because of the seized assets and increased price of cryptocurrencies, the government has “recovered approximately $10 billion in assets, according to forfeiture documents filed in court.”
As explained by TRM Labs, Lichtenstein exploited a vulnerability in Bitfinex’s security protocols in August 2016, “enabling him to execute one of the largest cryptocurrency thefts in history.” He admitted that, while inside Bitfinex, he was “able to capture usernames and passwords for users.” He used this information to attempt to access other crypto exchanges.
At the time, Bitfinex was using “a security model involving multi-signature wallets provided by BitGo, which added an extra layer of authorization for withdrawals to prevent unauthorized transfers.” But Lichtenstein discovered and “exploited a flaw in this multi-signature setup.”
According to TRM Labs, this case showcases “how far cryptocurrency investigations have come, particularly as blockchain technology becomes more integral to financial crime enforcement.”
TRM Labs concluded that as crypto crime continues to evolve, so must the tools and techniques to uncover malfeasance.