Two Israeli brothers arrested for crypto hacking of undetermined amounts

Two Israeli brothers arrested for crypto hacking of undetermined amounts

Two Israeli brothers, Eli and Assaf Gigi, 31 and 21 years of age, respectively, were arrested for alleged crypto thievery by authorities after an investigation that began in 2017. The strange thing about this case is that after a $1.7 million theft was confirmed, the two brothers, whether true or not, were soon implicated in a much larger hacking scheme, the compromise of the Bitfinex exchange in 2016 for $100 million (119,756 BTC disappeared). An Israeli news outlet, Ynet, reported the secondary linkage, while phishing software was at the heart of the other alleged malfeasance.

With regards to the initial charge, it was reported that:

The Gigi brothers Eli, 31, and Assaf, 21, allegedly constructed a phishing scheme that involved luring investors from crypto trading forums, such as Telegram or Reddit, onto websites that mimicked prominent crypto exchanges. They would collect the traders’ login and wallet information and use it to transfer the funds stored on legitimate exchanges to their own accounts.

The charges are numerous: “Theft, fraud, aggravated counterfeiting, use of a forged document, perjury, money laundering, and income tax offenses.” Various news agencies are trying to piece together how the brothers performed their schemes, but few details have been forthcoming. It appears that they ran a number of websites, which promised crypto wallet software. Victims would either load their related crypto keys or have sophisticated malware installed on their devices, which would report back the personal information necessary to complete the thefts.

How did these young men have the sophisticated know how to execute such elaborate schemes? It appears the younger brother was following his older brother’s lead. Eli, 31, had worked previously in the Israeli Defense Forces (IDF) as a computer science expert. One informed Reddit user explained that, with these skills, he would most likely have performed his services for “Unit 8200, the largest military branch in the Israeli army. It specializes in hacking, spying and creating computer viruses (Stuxnet) – many of them are now employed by Google, Microsoft and Coinbase”.

Lawyer Yeela Harel of the cyber department in the State Attorney’s Office was the law enforcement official responsible for filing the charges against these two men. In addition to the stated charges, Harel also noted that the brothers used “a number of methods to cover [their] tracks, including employing remote servers and shuffling the stolen funds around through different wallets”.

The police became suspicious when they heard reports that Eli had been “dropping scam links on digital wallet forums”. The links would take its victims to another server where supposedly crypto wallet software could be downloaded. It is also believed that additional malware was downloaded, as well, just in case the victim did not follow through and insert his private keys in the wallet software. In either case, the software would report back to Eli and his brother the data necessary to perform immediate thefts of whatever tokens resided in the victim’s crypto account.

The linkage to the Bitfinex breach back in 2016 is a bit murkier. Ever since the 119,756 Bitcoins were stolen, there has been global cooperation between several cyber units to observe and track any crypto addresses where it was known that the ill-gotten loot had been transferred. After three years of inactivity, there was a report that a few weeks back some of the funds were on the move. Ynet reported there was a connection with the GiGi brothers, but other reports have contradicted this supposition.

More details will obviously be forthcoming on this case. For the time being, Posta, an Israeli crime news portal, relayed that Eli Gigi had admitted in court:

I was wrong, I came from a bad place. I’m a good boy, and I’m sorry. I’m willing to cooperate.

Read Also: