US Government Crypto Wallets Drained; $20 Million In Ether And Stablecoins Likely Stolen In Malicious Transfers

A hacker seems to have pilfered roughly $20 million worth of stablecoins and Ethereum from wallets belonging to the United States government. According to analytics firm Arkham Intelligence, the funds were tied to the 2016 Bitfinex hack and had been unmoved for over eight months. 

US Government Wallets Compromised

On Thursday, tokens tied to US authorities were removed from the decentralized lending platform Aave and moved to a five-day-old wallet address in what Arkham analysts describe as a likely theft.

The prominent on-chain sleuth revealed that $1.25 million of Tether’s USDT stablecoin and $5.5 million worth of Circle’s US Dollar Coin (USDC) were withdrawn from Aave. Those funds were transferred to a wallet beginning with “0x348” alongside $446,000 worth of Ether and $13.7 million of aUSDC. Arkham said it was the first time the crypto assets had been touched in eight months.

The sleuth noted that the bad actors subsequently moved the tokens to multiple non-custodial applications in an apparent attempt to wash the funds. “We believe the attacker has begun laundering the proceeds through suspicious addresses linked to a money laundering service.”

It was a point echoed by pseudonymous crypto detective ZachXBT, who commented on X that the activity appeared “nefarious”. It’s more likely the funds were stolen rather than simply transferred by U.S. Marshals, the pundit added.

At press time, the government-controlled wallet was effectively empty, holding just around $126 worth of a Donald Trump-themed meme coin. Meanwhile, the suspect’s wallet currently holds roughly $13 million in crypto assets.

The suspect is yet to be identified and it’s unclear how the U.S. government — which holds over $13 billion worth of dozens of various cryptocurrencies — was compromised. What’s clear as day is the fact that the hacker exploited funds confiscated by the U.S. government in the 2016 Bitfinex hack.

The Massive 2016 Bitfinex Hack

Ilya Lichtenstein and his wife Heather Morgan hacked offshore crypto exchange Bitfinex in 2016 and stole 120,000 BTC, worth around $70 million at the time. However, the value of the assets ballooned to $4.2 billion by the time of the couple’s arrest in 2022 — making it the largest seizure to date.

Lichtenstein and Morgan had faced allegations of money laundering and conspiracy to defraud the US government and agreed to enter a plea deal with U.S. authorities in July 2023 in exchange for lighter sentencing.

If it turns out that the US government was indeed hacked, it would be the latest surprising twist in a story that has been unfolding since 2016.