7 August 2023

New York ‘crypto’ couple pleads guilty to laundering 120K Bitcoin stolen in 2016 Bitfinex hack


New York ‘crypto’ couple pleads guilty to laundering 120K Bitcoin stolen in 2016 Bitfinex hack

A married couple from New York dubbed “Bitcoin Bonnie and Crypto Clyde” pleaded guilty to laundering billions of dollars in bitcoin stolen during the 2016 Bitfinex hack.

Ilya Lichtenstein, 35, and his wife, Heather Morgan, 33, were arrested in February 2022 after the US authorities seized 95,000 bitcoin then valued at $3.6 billion. Since their arrests, the government has seized another approximately $475 million tied to the hack.

The authorities say Lichtenstein used “a number of advanced hacking tools and techniques to gain access to Bitfinex’s network.” From there, he made over 2,000 transactions transferring 119,754 bitcoin from the cryptocurrency exchange Bitfinex to his crypto wallet.

Lichtenstein then covered his tracks by deleting access credentials and other log files that may have given him away to law enforcement and enlisted the help of his wife, Morgan, in laundering the stolen funds.

The couple utilized multiple sophisticated techniques to launder the stolen money such as using fake personas to set up online accounts, depositing stolen money into accounts at a variety of darknet markets and crypto exchanges to hide the transactions, using crypto mixers like Bitcoin Fog, Helix, and ChipMixer to convert bitcoin to other crypto coins, and exchanging a portion of the stolen funds into gold coins, which Morgan then concealed by burying them.

Ilya Lichtenstein pleaded guilty to conspiracy to commit money laundering, which carries a maximum penalty of 20 years in prison. Morgan pleaded guilty to one count of money laundering conspiracy and one count of conspiracy to defraud the US, each of which carries a maximum penalty of five years in prison.

Back to the list

Latest Posts

North Korean Lazarus Group targets software devs in Operation 99 campaign

North Korean Lazarus Group targets software devs in Operation 99 campaign

Operation 99 aims to steal sensitive information, including source code, configuration files, API keys, and crypto wallet credentials.
20 January 2025
Threat actors impersonating Ukraine’s CERT using AnyDesk

Threat actors impersonating Ukraine’s CERT using AnyDesk

In these cases, threat actors sent requests to connect via AnyDesk, falsely claiming to represent CERT-UA.
20 January 2025
Europol's largest-ever operation seizes millions in criminal assets worldwide

Europol's largest-ever operation seizes millions in criminal assets worldwide

The global operation uncovered 83 crypto wallets and addresses linked to criminal organizations.
20 January 2025