DOJ charges 2 brothers tied to $25M attack on MEV bots last year

The two brothers were arrested in New York and Boston, and they face two courts later Wednesday

article-image

Kristi Blokhin/Shutterstock modified by Blockworks

share

Two brothers accused of orchestrating an attack last year on Ethereum trading bots have been indicted by the US government. 

The Department of Justice unsealed charges against Anton Peraire-Bueno and James Peraire-Bueno on Wednesday.

The pair are charged with conspiracy to commit wire fraud, wire fraud, and conspiracy to commit money laundering after the brothers allegedly tried to “exploit the very integrity of the Ethereum blockchain to fraudulently obtain approximately $25 million worth of cryptocurrency within approximately 12 seconds.”

Both were arrested on Tuesday and will face judges in Massachusetts and New York. 

The April 2023 exploit targeted bots that seek profit by essentially trying to front-run transactions on the network. Maximum extractable value, or MEV, referring to the maximum value that can be obtained during transaction block production beyond rewards and fees. 

Read more: Ethereum Validator Goes Rogue, Frontruns MEV Bots for $25M

The Peraire-Bueno brothers sought to “lure” MEV bots from the traders they allegedly targeted by “proposing at least eight specific transactions that…the defendants knew would cause the” targeted bots to include the lure transactions in the bundles, the indictment said. The exploit took advantage of a since-patched code vulnerability in the MEV-Boost software. 

“In each of these eight bundles, the victim traders effectively bought substantial amounts of particularly illiquid cryptocurrencies…for approximately $25 million of various stablecoins.” 

“Through the Exploit, which is believed to be the very first of its kind, Anton Peraire-Bueno and James Pepaire-Bueno manipulated and tampered with the process and protocols by which transactions are validated and added to the Ethereum blockchain. In doing so, they fraudulently gained access to pending private transactions and used that access to alter certain transactions and obtain their victims’ cryptocurrency,” a DOJ press release said. 

To avoid detection, the two tried to conceal their identities through shell companies and private crypto addresses. 

Following the attack, the brothers even “transferred the stolen cryptocurrency through a series of transactions designed to conceal the source and ownership of the stolen funds.”

They researched know-your-customer (KYC) procedures online, per the indictment, to learn the KYC standards and extradition procedures. They allegedly also researched the crimes they’d end up being charged with.

“As alleged in today’s indictment, the Peraire-Bueno brothers stole $25 million in Ethereum cryptocurrency through a technologically sophisticated, cutting-edge scheme they plotted for months and executed in seconds,” said Deputy Attorney General Lisa Monaco.


Get the news in your inbox. Explore Blockworks newsletters:

  • Blockworks Daily: The newsletter that helps thousands of investors understand crypto and the markets, by Byron Gilliam.
  • Empire: Start your morning with the top news and analysis to inform your day in crypto.
  • Forward Guidance: Reporting and analysis on the growing intersection of crypto and macroeconomics, policy and finance.
  • 0xResearch: Alpha directly in your inbox. Market highlights, data, degen trade ideas, governance updates, token performance and more.
  • Lightspeed: Built for Solana investors, developers and community members. The latest from one of crypto’s hottest networks.
  • The Drop: For crypto collectors and traders, covering apps, games, memes and more.
  • Supply Shock: Tracking Bitcoin’s rise from internet plaything worth less than a penny to global phenomenon disrupting money as we know it.
Tags

Upcoming Events

Industry City | Brooklyn, NY

TUES - THURS, JUNE 24 - 26, 2025

Permissionless IV serves as the definitive gathering for crypto’s technical founders, developers, and builders to come together and create the future.If you’re ready to shape the future of crypto, Permissionless IV is where it happens.

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

recent research

Research Report Templates.jpg

Research

Bluefin possibly stands at an inflection point. The token is near an all-time low yet the protocol’s spot volume market share and derivatives exchange usage have been increasing month over month since its November launch. Given its current market position and the upcoming upgrades (for both Bluefin and SUI), there may be upside potential before the increased supply growth in December. However, strong opposition from existing competitors (like Cetus and Suilend), as well as new entrants (like Aftermath), pose key challenges to Bluefin’s medium-term success.

article-image

Top Committee Democrat Sen. Elizabeth Warren in her opening statement accused Atkins of “helping billionaire CEOs like Sam Bankman-Fried”

article-image

Introducing garbled circuits for enhanced privacy and regulatory compliance

article-image

Ross Ulbricht was a freedom maximalist building freedom tech, powered by Bitcoin

article-image

Solana validators can reap benefits including payments, votes and community clout

article-image

Sponsored

WalletConnect is cementing itself as the essential connectivity layer, ensuring wallets remain the entry point for billions of users

article-image

According to a legal filing, Galaxy Digital helped boost the price of LUNA while quietly selling its tokens