Silk Road mega thief James Zhong pleads guilty

The US Attorney for the Southern District of New York has announced that the thief who stole over 50,000 Bitcoin from the Dark Web marketplace Silk Road in 2012 has pled guilty.

James Zhong pled guilty to committing wire fraud after he unlawfully obtained over 50,676 Bitcoin from Silk Road. At the time it was seized, the Bitcoin was worth more than $3 billion, making it the largest amount of illicit funds ever recovered by federal law enforcement. Since then it has lost about two-thirds of its value. 

Silk Road

Silk Road, in its original form, existed from 2011 to 2013 and was the mainstream method of buying drugs online. Silk Road distributed various other illegal items but mainly dabbled in drugs. Transactions on the website took place using Bitcoin.

In 2013, US Federal authorities arrested Ross Ulbricht, the alleged founder and leader behind Silk Road. He was sentenced to life in prison in 2015.

The successor to Silk Road, imaginatively called Silk Road 2, had all of its funds stolen in 2014 due to a vulnerability in the escrow service.

The heist

With Zhong’s confession we have learned more about how he managed to steal the Bitcoin. He started by creating at least nine “fraud accounts.” Using the term “fake accounts” seems inappropriate here, given that we don’t expect anyone to have registered an account with Silk Road under their real name.

Zhong funded the fraud accounts with an initial deposit of between 200 and 2,000 Bitcoin. Then, using a lag in the market’s transaction system which allowed someone to withdraw their own escrow multiple times, he triggered a rapid series of transactions that allowed him to transfer approximately 50,000 Bitcoin from Silk Road’s payment system into his own accounts.

In one example, on September 19, 2012, he deposited 500 Bitcoin into a Silk Road wallet.  Less than five seconds after making the initial deposit, Zhong executed five withdrawals of 500 Bitcoin in rapid succession — i.e., within the same second — resulting in a net gain of 2,000 Bitcoin.
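The double-withdrawal pattern described above can be modeled as a check-then-debit race. The following is an added example, not code from Silk Road or from the court filings: the `Escrow` class, its method names and the barrier-based lag are assumptions made for illustration, and only the 500 Bitcoin deposit and the five withdrawals come from the article. It shows the racy handler beside one that checks and debits inside a single critical section.

```python
import threading

DEPOSIT, REQUESTS = 500, 5   # figures from the September 19, 2012 example

class Escrow:
    """Hypothetical wallet; not Silk Road's actual payment code."""
    def __init__(self, balance):
        self.balance, self.paid_out = balance, 0
        self._lock = threading.Lock()

    def withdraw_racy(self, amount, lag):
        if self.balance < amount:      # check runs outside the critical section
            return False
        lag()                          # window in which the balance is stale
        with self._lock:               # each write is serialized, the check was not
            self.balance -= amount
            self.paid_out += amount
        return True

    def withdraw_atomic(self, amount, lag):
        with self._lock:               # check and debit are one critical section
            if self.balance < amount:
                return False
            lag()
            self.balance -= amount
            self.paid_out += amount
            return True

def simulate(method_name):
    """Fire REQUESTS concurrent withdrawals; return (approved, paid_out, balance)."""
    escrow = Escrow(DEPOSIT)
    barrier = threading.Barrier(REQUESTS)
    results = []

    def lag():
        # Constructed lag: hold until every request is in flight, or 0.5 s passes.
        try:
            barrier.wait(timeout=0.5)
        except threading.BrokenBarrierError:
            pass

    def request():
        results.append(getattr(escrow, method_name)(DEPOSIT, lag))

    threads = [threading.Thread(target=request) for _ in range(REQUESTS)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return results.count(True), escrow.paid_out, escrow.balance

if __name__ == "__main__":
    print("racy  :", simulate("withdraw_racy"))    # (5, 2500, -2000)
    print("atomic:", simulate("withdraw_atomic"))  # (1, 500, 0)
```

In the racy run all five requests pass the balance check before any debit lands, so 2,500 is paid out against a 500 deposit, the same net gain of 2,000 as in the article; a negative balance after reconciliation is the signal a ledger audit would look for.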

Covering his tracks

To hide the origin of his stolen Bitcoin, he used a cryptomixer, a series of complex transactions designed to throw cryptocurrency tracing methods off track. But through investigations using methods that have managed to track pseudonymous cryptotransactions in the past (which mainly consist of following wallet transfers and tracking user activity), the IRS CI managed to recover approximately 50,491.06251844 Bitcoin.

Sentence

Zhong is scheduled to be sentenced on February 22, 2023. He pled guilty to one count of wire fraud, which carries a maximum sentence of 20 years in prison. Under recommended federal guidelines he could be facing 27 to 33 months in prison. According to his lawyer, Zhong returned virtually all the stolen Bitcoin and says he is extremely remorseful.

ABOUT THE AUTHOR

Pieter Arntz

Malware Intelligence Researcher