Bitfinex Hacker Sentenced to 5 Years For Stealing Nearly 120,000 Bitcoin

Why Trust Techopedia
Key Takeaways

  • Ilya Lichtenstein has been sentenced to five years in prison for stealing 119,754 Bitcoin from Bitfinex in 2016.
  • While worth far less at the time, at current exchange rates the Bitcoin would be worth over $10.7 billion.
  • Lichtenstein’s wife, Heather Morgan, is due to be sentenced on November 18th for her role in money laundering efforts.

A convicted suspect in the 2016 hack of Bitfinex, a major cryptocurrency exchange, has been sentenced to five years in prison.

Ilya Lichtenstein used a complex set of tactics to steal almost 120,000 Bitcoin, the US Department of Justice says. Once he hacked into the exchange, Lichtenstein initiated over 2,000 transactions, shifting 119,754 Bitcoin into a private wallet. To make tracing difficult, he deleted info from multiple log files, including Bitfinex’s network access credentials.

Concealment efforts continued after the hack was completed. With the help of his wife, Heather Morgan, the Department of Justice says that Lichtenstein began laundering the Bitcoin, using things like fake online accounts, darknet markets and exchanges, cryptocurrency “mixing” services, and converting the Bitcoin into other cryptocurrencies. US business accounts were used to make the couple’s banking seem honest, although the pair also converted some money into gold coins.

Both Morgan and Lichtenstein plead guilty to money laundering conspiracy charges in August 2023. Morgan is due to be sentenced on November 18th. Beyond his prison term, Lichtenstein will also have to serve three years of supervised release.

Liechtenstein’s theft was valued at roughly $61 million at the time, according to The Verge. There were concerns about whether Bitfinex would even survive the loss, but the exchange continues to operate today. At present exchange rates, the heist would be worth over $10.7 billion.

Cryptocurrency exchanges have become a regular target for hackers, with millions or billions of dollars at stake if an attack is successful. The largest known theft in recent times was a March 2022 raid on Ronin Network, valued at $620 million. The incident was linked to a North Korean state-backed collective, Lazarus Group. Only a slim portion of that money has been recovered.