Security Engineer Pleads Guilty To $12 Million Crypto Exchange Hack

An unidentified decentralized crypto exchange and Nirvana Financial, a decentralized financial yield protocol, were both compromised in a hacking incident, which a software engineer admitted to.

A maximum five-year prison term awaits him for wire fraud and money laundering charges. According to the US Attorney’s Office, this was the first smart contract hacking case to result in a conviction.

Shakeeb Ahmed has agreed to turn over $12.3 million, including $5.6 million in unlawfully obtained cryptocurrencies, as part of his guilty plea.

Exploiting Smart Contracts: Ahmed’s Crypto Heist

This appeal is a result of his role in taking advantage of flaws in Nirvana Finance’s and another anonymous decentralized digital currency exchange’s smart contracts.

Ahmed hacked two decentralized cryptocurrency exchanges in July 2022 using his skills in reverse engineering smart contracts and blockchain audits, according to a press release on December 14, 2023.

The statement claims that he used a variety of strategies, including cryptocurrency mixers and foreign exchanges, to launder the stolen assets from both sites.

Ahmed, a former engineer at Amazon, returned everything to the exchange, with the exception of $1.5 million, and the exchange chose not to notify the police about the event.

“Ahmed used his technical knowhow to steal over $12 million and tried to cover his tracks by swapping stolen crypto for Monero, using cryptocurrency mixers, hopping across blockchains, and utilizing overseas crypto exchanges,” the statement read.

The exchange allowed users to buy and sell different digital currencies and paid those customers who deposited crypto to increase the market liquidity.

Following Ahmed’s arrest, more details about his involvement in a $3.49 million flash loan scam involving Nirvana Finance came to light.

Nirvana Finance Collapse: Hacker’s Demands Unmet

Nirvana Finance closed, despite its initial promise of a $300,000 white hat bounty for the recovery of the hacked monies.

While trying to hide his tracks, Ahmed used cryptocurrency mixers, hopped blockchains, engaged with foreign exchanges, and converted the stolen cryptocurrency to Monero.

According to the most recent press release, Nirvana offered Ahmed a total bug bounty of $600,000. However, the hacker turned down the offer and demanded $1.4 million in return for returning the money that had been stolen.

Unfortunately, Ahmed and Nirvana Finance were unable to come to a consensus, which resulted in the exchange closing down and the security engineer keeping all of the money.

In an effort to evade legal action, Ahmed turned to Google, searching for information on “how to block federal government from collecting assets” as well as trying to find out how to purchase citizenship.

Ahmed, a US citizen residing in New York City, was charged in July and then released on bail. The date of his sentencing is March 13, 2024.

Featured image from Shutterstock

Read Entire Article


Add a comment