Key Takeaways
- The U.S. Department of Justice has charged Ilya Lichtenstein and Heather Morgan for conspiracy to launder funds tied to the 2016 Bitfinex hack.
- The couple’s quirky online personas have led some to suggest that they are not behind the hack, despite the DoJ accusing them of laundering the stolen funds.
- While evidence suggests that Lichtenstein and Morgan had the expertise required to pull off the Bitfinex hack, it doesn’t mean they were the ones responsible.
Share this article
U.S. authorities have confiscated $3.6 billion from Ilya Lichtenstein and Heather Morgan in the largest asset seizure in history. However, the eccentric personalities of the suspects have left many wondering if the pair really are the ones responsible for hacking Bitfinex back in 2016.
Who Are the Alleged Bitfinex Hackers?
When the U.S. Department of Justice arrested two suspects and confiscated $3.6 billion worth of cryptocurrencies Tuesday morning, the world was eager to learn the identities of the alleged thieves. Onlookers probably imagined the quintessential shady hackers: pasty, reclusive, and antisocial. So it came as a big surprise when authorities revealed they had taken Ilya Lichtenstein and Heather Morgan into custody, a successful power couple living in New York with a penchant for zany behavior and a side hustle making amateur rap videos.
Media pundits quickly revealed the pair’s highly-cultivated and colorful online presence, rooting through YouTube videos, Tik Tok videos, and even Morgan’s op-eds as a former Forbes columnist. Morgan, 31, is described in her Forbes bio as “an expert in persuasion, social engineering, and game theory.” In her rap videos, where she performs under the alias Razzlekhan, she calls herself “the crocodile of Wall street.” Other hijinks she’s shared on social media include eating and drinking with her feet, explaining how she built a multimillion-dollar business with “zero outside funding,” and lots and lots of dancing and rapping.
Outside of managing her online persona, Morgan has run talks titled “How to Social Engineer Your Way Into ANYTHING” to packed audiences in New York Salons. In the talks, she explains how social engineering is about exploiting peoples cognitive biases and “triggering people to do what they’re already programmed to do.” She appears to have a strong aptitude for her brand of social engineering, and gives several examples of how she’s used it in her day-to-day life.
Lichtenstein, 34, presents a more grounded image online. In his Twitter bio, he describes himself as a “human angel investor, web3 developer, and serial entrepreneur.” He also has a strong technical background, cofounding MixRank, a Y-Combinator-backed startup that helps companies analyze marketing data around customers and competitors. However, he also stars in many of Morgan’s online antics, dancing around dressed in a Viking helmet and sharing his opinions on Keto diet lemon cookies.
The pair are far from what many people expected in a pair of multi-billion-dollar hackers. Some have suggested that Lichtenstein and Morgan are merely accomplices or “fall guys” for the real hacker who is yet to be caught. Others believe that the pair are indeed responsible, citing Morgan’s social engineering prowess and the pair’s technical backgrounds as evidence that they are capable of the heist. As no official post-mortem on the 2016 Bitfinex hack was ever released, it’s unclear how the exchange’s wallets were compromised.
Crypto Briefing looked into the available facts and evidence surrounding the pair and the criminal charges levied against them. Join us as we assess how likely it is that Lichtenstein and Morgan are the criminal masterminds behind the Bitfinex hack.
Were Lichtenstein and Morgan Behind the Hack?
Despite Lichtenstein and Morgan’s eccentric personas and relative internet celebrity, the couple appear to have the expertise needed hack Bitfinex. Lichtenstein’s technical background in coding and data analysis likely provided him with many of the skills necessary to crack into the crypto exchange, more so back in 2016 when security standards were less rigorous.
Additionally, Morgan is a self-proclaimed cybercrime expert, with her Linkedin profile claiming she is “currently focused on building software that combats the rampant increase in fraud and cybercrime.” With high-level knowledge on how to counter cybercrime, it’s not inconceivable that Morgan would possess knowledge of how to bypass Bitfinex’s defenses.
More shockingly, Morgan appears to have connections with BitGo, the wallet solution provider for Bitfinex at the time of the 2016 hack. In a 2020 Forbes article, Morgan discussed ways to protect businesses and clients from cyber criminals with BitGo’s Chief Compliance Officer, Matt Parrella. While Parrella only held his position as BitGo between July 2019 and November 2020, the fact that Morgan was in contact with BitGo employees and seen as an authority on cyber security after the Bitfinex hack took place raises several red flags.
Morgan’s love for social engineering could also factor into her involvement in the Bitfinex hack. Suppose Morgan had access to, or was in contact with Bitfinex or BitGo employees prior to the hack. In that case, she could have used her social engineering techniques to gain access to private or sensitive information that aided the heist, if she and Lichtenstein were indeed involved.
However, while evidence suggests that the couple had the competence to pull off the Bitfinex hack, it doesn’t mean they were the ones responsible. Court documents released Tuesday provide more insight into the pair’s money laundering activities, and reveal some embarrassing mistakes that are uncharacteristic of supposed multi-billion dollar hackers.
The most obvious evidence against Lichtenstein and Morgan’s involvement in the initial theft of funds from Bitfinex is that the Department of Justice has not yet charged them with such a crime. The two charges currently brought against the pair are conspiracy to commit money laundering and conspiracy to defraud the U.S. If authorities had evidence to suggest Lichtenstein and Morgan were behind the Bitfinex hack, there would likely be an additional charge of Grand Larceny in the first degree.
Furthermore, the same documents revealed that Lichtenstein had kept the private keys to the wallets containing the stolen cryptocurrency unencrypted on a cloud storage service. It seems strange that a self-professed cybersecurity expert and data analyst would have such poor operation security for wallets containing large amounts of stolen cryptocurrency.
Authorities connected email addresses used by Lichtenstein and Morgan on an Indian crypto exchange to a Bitcoin address tied to the stolen funds. Law enforcement then got a warrant to access Lichtenstein’s cloud data account, quickly revealing him to be in possession of addresses containing the stolen funds. If Lichtenstein hadn’t made the mistake of signing up for his cloud storage account using the same identity as he used for the Indian exchange, it is likely he and Morgan would have evaded detection.
A final point against Lichtenstein and Morgan’s involvement in the hack is how the pair were cashing out their ill-gotten gains. The couple had used Walmart gift cards, Uber, Hotels.com, and the PlayStation store to cash out small amounts of their fortune, in addition to withdrawing funds from Bitcoin ATMs around New York to purchase gold bullion. Overall, the vast majority of Lichtenstein and Morgan’s wealth was inaccessible to them. It again makes little sense that the pair would go to great lengths to steal so much cryptocurrency without having a viable plan to cash it all out.
Further developments in the case will likely shed more light on the situation and reveal if Lichtenstein and Morgan’s arrests were part of a wider, more sophisticated operation. The one thing that seems clear is to expect the unexpected—just because the situation is already absurd, it doesn’t mean the truth can’t turn out to be even wilder.
Disclosure: At the time of writing this feature, the author owned ETH and several other cryptocurrencies.
Share this article
DoJ Seizes $3.6B in Bitcoin From 2016 Bitfinex Hack
The $3.6 billion sum makes it the Department of Justice’s largest financial seizure in history. DoJ Recovers Funds From Bitfinex Hack U.S. officials have just confirmed the largest crypto seizure…
Is Time on our Side? The Case for Bitcoin’s Lengthening Cycles
One of the many unique features of BTC is its halving process, which is often accompanied by a bullish movement and preceded by bearish consolidation. Bitcoin’s halving events have been…
Bitfinex to End Services for Ontario Customers by March
Bitfinex has announced the suspension of services to its customers in Ontario. Moreover, the exchange has instructed its Ontario customers to withdraw their funds by March 1. Suspension of Services…
FTX Has Integrated Arbitrum. As for Coinbase? Pet Coins
FTX has announced support for Arbitrum withdrawals and deposits. Meanwhile, Coinbase has faced criticism for focusing on small cap coin listings instead of Layer 2 integration. FTX Launches Arbitrum Support…