The Department of Justice unsealed a series of cybersecurity indictments.

DOJ says it seized billions in Bitcoin stolen by hacker from Silk Road darknet marketplace

The Justice Department said it conducted the largest cryptocurrency seizure in its history after searching the home of James Zhong, a hacker who pleaded guilty on Friday to charges related to incidents involving the now-defunct Silk Road darknet marketplace.

According to the Justice Department and Internal Revenue Service, the 32-year-old committed wire fraud in September 2012 when he stole more than 50,000 Bitcoin from Silk Road. The stolen funds were seized during a raid on Zhong’s Gainesville, Georgia home in November 2021.

“For almost ten years, the whereabouts of this massive chunk of missing Bitcoin had ballooned into an over $3.3 billion mystery,” U.S. Attorney Damian Williams said.

“Thanks to state-of-the-art cryptocurrency tracing and good old-fashioned police work, law enforcement located and recovered this impressive cache of crime proceeds. This case shows that we won’t stop following the money, no matter how expertly hidden, even to a circuit board in the bottom of a popcorn tin.”

According to court documents, Zhong siphoned the funds by figuring out a way to circumvent Silk Road’s processes. The marketplace operated from 2011 to 2013 and was used to trade illicit goods around the world. The platform’s founder, Ross Ulbricht, was sentenced to life in prison in 2015.

While the marketplace was in operation, Zhong created nine accounts and triggered more than 140 transactions in rapid succession in order to trick Silk Road’s withdrawal-processing system into releasing the funds from its Bitcoin-based payment system. He transferred the Bitcoin into a number of different accounts to conceal his identity. 

Zhong never actually used the platform to list or buy anything illicit, only funding the fraudulent accounts with initial deposits between 200 and 2,000 Bitcoin.

“As an example, on September 19, 2012, Zhong deposited 500 Bitcoin into a Silk Road wallet.  Less than five seconds after making the initial deposit, Zhong executed five withdrawals of 500 Bitcoin in rapid succession — i.e., within the same second — resulting in a net gain of 2,000 Bitcoin,” the Justice Department said.   

“As another example, a different Fraud Account made a single deposit and over 50 Bitcoin withdrawals before the account ceased its activity. Zhong moved this Bitcoin out of Silk Road and, in a matter of days, consolidated them into two high-value amounts.”

IRS Criminal Investigation Special Agent in Charge Tyler Hatcher explained that once Zhong completed the heist, he attempted to “hide his spoils through a series of complex transactions which he hoped would be enhanced as he hid behind the mystery of the ‘darknet.’” 

The Justice Department called the seizure the largest involving cryptocurrency in their history and the second largest financial seizure ever. 

The U.S. government is now looking to forfeit more than 51,680 Bitcoin (about $1.07 billion in today's value), as well as Zhong’s 80% stake in a Memphis-based company he used to buy real estate, $661,900 in cash seized from his home, four one-ounce silver-colored bars, three one-ounce gold-colored bars, four 10-ounce silver-colored bars, and one gold-colored coin.

During the raid on Zhong’s home, agents found the Bitcoin hidden in an underground floor safe and in a single-board computer that was submerged under blankets in a popcorn tin stored in a bathroom closet. 

Beginning in March 2022, Zhong began surrendering other Bitcoin that he had managed to obtain, handing over more than one thousand additional coins. 

Zhong pleaded guilty to one count of wire fraud and is facing a maximum sentence of 20 years in prison. He will be sentenced on February 22, 2023.

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles
Jonathan Greig

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.