Shakeeb Ahmed, a former security engineer at Amazon, has pleaded guilty to charges of hacking and stealing over $12.3 million from two crypto exchanges in July 2022. This high-profile cybercrime incident, according to BleepingComputer reporting, has sent shockwaves through the cryptocurrency community, highlighting the vulnerabilities of decentralized finance platforms.
The two exchanges victimized by Ahmed’s sophisticated hacking skills were Nirvana Finance, a decentralized crypto exchange, and an unnamed exchange operating on the Solana blockchain platform. Utilizing his expertise in blockchain audit and smart contract reverse engineering, Ahmed orchestrated a complex scheme to manipulate and exploit these platforms.
Ahmed’s first target was the undisclosed crypto exchange on the Solana blockchain. He manipulated a smart contract to introduce false pricing data, which led to the generation of approximately $9 million in inflated fees. After withdrawing these funds, Ahmed brazenly offered to return the stolen amount, minus $1.5 million, on the condition that the exchange would not involve law enforcement. This attack closely resembles the breach that impacted the Crema Finance decentralized finance platform in July 2022.
Following this initial hack, Ahmed turned his attention to Nirvana Finance. He exploited a loophole in the DeFi protocol’s smart contract, taking a flash loan of ANA cryptocurrency tokens at a low price and selling them back at a higher rate. This maneuver netted him around $3.6 million. Despite being offered a $300,000 bounty to return the stolen assets, Ahmed refused, demanding $1.4 million and ultimately leading to the shutdown of Nirvana Finance after no agreement was reached.
Evading capture and concealing the crypto heist
In an effort to evade capture and obscure the digital trail of his illicit gains, Ahmed employed various tactics. He used cryptocurrency mixers, including Samourai Whirlpool, and transferred funds across the Solana and Ethereum blockchains. He also used foreign exchanges to convert the stolen millions into Monero, a cryptocurrency favored for its enhanced privacy features.
Ahmed’s online activities revealed his intentions to flee the United States and avoid legal consequences. He researched strategies to thwart asset seizures, secure citizenship in different countries, and evade extradition, indicating a clear plan to escape justice.
U.S. Attorney Damian Williams commented on the case, stating, “Five months ago, my Office announced the first-ever arrest involving an attack on a smart contract. Today, senior security engineer Shakeeb Ahmed pled guilty and agreed to return all of the stolen crypto to his victims. That arrest is now the first-ever conviction for such a hack.”
Ahmed’s guilty plea to a single computer fraud charge carries a maximum imprisonment term of five years. He has agreed to compensate his victims with a sum totaling $5,071,074.23 and will forfeit over $12.3 million, including approximately $5.6 million worth of fraudulently obtained cryptocurrency. His sentencing is scheduled for March 13, 2024, before United States District Judge Victor Marrero.
This case serves as a stark reminder of the ongoing security challenges faced by the cryptocurrency industry and the need for robust protective measures against such sophisticated cyberattacks.