
Feds announce seizure of $3.36 billion in bitcoin stolen a decade ago from illegal Silk Road marketplace—the second-largest crypto recovery

Key Points
  • James Zhong of Gainesville, Georgia, pleaded guilty to wire fraud in the theft of about $3.36 billion in bitcoin stolen from the illegal Silk Road marketplace, which the FBI shut down in 2013.
  • This is the federal government's second-largest seizure of cryptocurrency, following the $3.6 billion in stolen crypto linked to the 2016 hack of Bitfinex.

The U.S. Department of Justice announced Monday that it seized about $3.36 billion in stolen bitcoin during a previously unannounced 2021 raid on the residence of James Zhong.

Zhong pleaded guilty Friday to one count of wire fraud, which carries a maximum sentence of 20 years in prison.

U.S. authorities seized about 50,676 bitcoin, then valued at over $3.36 billion, from Zhong during a search of his house in Gainesville, Georgia, on Nov. 9, 2021, the DOJ said. It is the DOJ's second-largest financial seizure to date, following its seizure of $3.6 billion in allegedly stolen cryptocurrency linked to the 2016 hack of the crypto exchange Bitfinex, which the DOJ announced in February.

According to authorities, Zhong stole bitcoin from the illegal Silk Road marketplace, a dark web forum on which drugs and other illicit products were bought and sold with cryptocurrency. Silk Road was launched in 2011, but the Federal Bureau of Investigation shut it down in 2013. Its founder, Ross William Ulbricht, is now serving a life sentence in prison.

"For almost ten years, the whereabouts of this massive chunk of missing Bitcoin had ballooned into an over $3.3 billion mystery," U.S. Attorney Damian Williams said in a press release.

According to the Southern District of New York, Zhong took advantage of the marketplace's vulnerabilities to execute the hack.

Special Agent in Charge Tyler Hatcher, of the Internal Revenue Service – Criminal Investigation, said Zhong used a "sophisticated scheme" to steal the bitcoin from Silk Road. According to the press release, in September 2012, Zhong created nine fraudulent accounts on Silk Road, funding each with between 200 and 2,000 bitcoin. He then triggered over 140 transactions in rapid succession, which tricked the marketplace's withdrawal-processing system into releasing approximately 50,000 bitcoin into his accounts. Zhong then transferred the bitcoin into a variety of wallet addresses all under his control.


Through blockchain analysis and good old-fashioned police work, law enforcement and blockchain analytic experts were able to recover more than 50,000 bitcoin from Zhong. They even uncovered crypto stored on a computer submerged under blankets in a popcorn tin in a bathroom closet, according to the press release.

Public records show Zhong was the president and CEO of a self-created company, JZ Capital LLC, which he registered in Georgia in 2014. According to his LinkedIn profile, his work there focused on "investments and venture capital."

His profile also states he was a "large early bitcoin investor with extensive knowledge of its inner workings" and that he had software development experience in computer programming languages.

Zhong's social media profiles include pictures of him on yachts, in front of airplanes, and at high-profile football games.

But these types of hacks didn't end with the Silk Road's demise. Crypto platforms continue to be vulnerable to criminals.

In October 2022, Binance, the world's largest crypto exchange by trading volume, suffered a $570 million hack. The company said a bug in a smart contract enabled hackers to exploit a cross-chain bridge, BSC Token Hub. As a result, the hackers withdrew the platform's native cryptocurrency, called BNB tokens.

In March 2022, a different hacker found vulnerabilities in the decentralized finance platform Ronin Network and made off with more than $600 million — the largest hack to date. The private keys, which serve as passwords to protect cryptocurrency funds in wallets, were compromised.

According to a Chainalysis report, $1.9 billion worth of cryptocurrency had been stolen in hacks of services through July 2022, compared with just under $1.2 billion at the same point in 2021.