Depending on whom you believe, Ted Price of Hatfield is either one of the most audacious cybercriminals to hit the internet in almost a decade or a drug-addled fabulist with delusions of grandeur.
Federal investigators – and the unemployed 30-year-old himself – say he pulled off one of the largest bitcoin thefts in the short history of the supposedly fraud-proof virtual currency, stealing the equivalent of nearly $50 million.
He also claimed, during a rambling confession to Homeland Security investigators July 12, to have developed hacking exploits for use by foreign governments and to have plotted his escape with the use of a fake passport and a private jet.
But his lawyer and family contend that the jet-setting expert hacker described in the story Price spun for investigators bears no resemblance to the man they know – a jobless addict who they say still relies on his parents for gas money, and who was high on oxycodone and other opioids at the time of those damning admissions.
More details are expected to emerge Thursday, when both sides will ask a federal judge to weigh in on the likelihood that Price's claims are true at a probable cause hearing in Philadelphia. The judge's decision on the strength of the evidence will determine the future of what could be one of the most significant cybercrime prosecutions in years — one that already has drawn interest from cybersecurity experts.
"If this guy actually did what he said he did, that's breathtaking," said Edward McAndrew, a former federal cybercrimes prosecutor who now helps to lead Ballard Spahr's privacy and data security group. "If he could actually pick the bitcoin wallets of this many people, that really calls into question the security of the system."
Yet there is reason for doubt, his lawyer Catherine C. Henry said at a hearing in federal court in Philadelphia last week – chiefly, that the man who contends he has access to currency worth millions and a private jet to aid his escape initially came to the attention of authorities as a suspect in a string of petty thefts.
A review of Price's history in various online forums for bitcoin enthusiasts and hackers reveals that his screen name, cited in court filings, had relatively little activity in those worlds prior to this spring. It is possible that he used other online monikers in the past.
"If he is a millionaire and has a private jet, then of course he's a flight risk," Henry said in court last week while arguing for her client's release. "But if that's made up and if, on the other hand, he has no income, lives with his parents, and has a 7-year-old child, then these are just grandiose statements."
Police in Northampton Township, Bucks County, began probing Price's background this month after the parents of an ex-girlfriend accused him of stealing two laptops and a gold necklace from their home.
Officers later recovered the missing items from various resale shops where Price had sold them, according to the arrest affidavit filed in his case. His ex-girlfriend discovered the evidence of his alleged cybercrimes – including 105 printed pages listing strings of alphanumeric code later identified as bitcoin keys — in two laptop bags she retrieved from Price's family condo when she went to confront him, the affidavit said.
Authorities concede that they're not yet sure whether Price has the ability to access the bitcoins he claims to have stolen.
Although they initially charged him July 13 with one federal count tied to his alleged bitcoin thefts, they later withdrew the charge and refiled the case based on charges tied to dozens of stolen credit-card numbers — also found in Price's laptop bag — that he said he'd bought from hackers on the dark web.
Investigators say they have been unable to verify Price's story in other ways, including locating the fake passport Price claimed he obtained to flee the country under the name of Jeremy Renner, an actor he says he admired after seeing him in the 2012 Marvel movie The Avengers.
And yet, said Assistant U.S. Attorney Lesley Bonney, the investigation continues and additional charges could be added by the time Price's case goes before a grand jury.
"Most people don't carry around hundreds of pages of bitcoin keys with them," she said at a court hearing July 19.
Bitcoin, a decentralized, virtual currency existing entirely on the internet, quickly drew adherents after its debut in 2009 because it enables anonymous transactions untethered to third-party banks.
The system relies on what experts have described as a fraud-proof public ledger, known as a blockchain, that records every confirmed bitcoin transaction and provides a foolproof way to track currency assigned to the bitcoin wallets of users.
A user accesses his or her bitcoin with two strings of complex alphanumeric codes – a public key, similar to a bank account number, and a private key, akin to a password or signature that allows the money to be spent or exchanged to a physical form of currency. At the current exchange rate, one bitcoin is worth about $2,600.
But the same qualities that make bitcoin attractive to users have made it a prime target for scammers. Unlike major banks or credit cards, nearly all of which offer some form of fraud protection, bitcoin transactions are irreversible. And although victims of theft might be able to track their stolen funds through the public ledger of the blockchain, the anonymity built into the system makes it nearly impossible to identify the thief.
Price, according to court filings, told investigators this month that he developed a malware program that would surreptitiously divert bitcoins into his own wallet by disrupting the transactions of other users. With the program substituting his own bitcoin keys for those on either end of an exchange, he managed to funnel between $40 million and $50 million into bitcoin wallets under his control, he said.
"Because the bitcoin wallet address [was] a legitimate address, the user [did] not realize that bitcoin transaction [was] being diverted into a wallet other than theirs," wrote Emily J. Evans, a special agent with Homeland Security Investigations, in the affidavit drafted for Price's arrest.
Yet now, two weeks after investigators took Price into custody, even his family seems uncertain what to believe. Most of his close relatives either did not respond or declined to respond to requests for comment.
But during a brief conversation outside the condo where he lived with his son, Price's father, Samuel Sr., appeared conflicted.
"It's all hearsay," he said when approached by a reporter. "The truth will all come out in open court."
Then the elder Price paused.
"Did he do what they said, as far as those bitcoins? Probably," he said. "But I guess they're still trying to figure it all out."