Crypto Hacker: Ex-Security Engineer Jailed for $12M Heists

Estimated read time 2 min read

A former senior security engineer has been sentenced to three years in prison for hacking two decentralized cryptocurrency exchanges and stealing over $12 million worth of cryptocurrency.

Shakeeb Ahmed, 34, of New York City, previously pleaded guilty to one count of computer fraud related to the hacks. In July 2022, he carried out attacks on a crypto exchange referred to as the “Crypto Exchange” as well as the decentralized finance protocol Nirvana Finance.

In the Crypto Exchange hack, Ahmed exploited a vulnerability in a smart contract to insert fake pricing data. This fraudulently generated around $9 million in inflated fees that Ahmed was able to withdraw as cryptocurrency. After initially demanding a $1.5 million payment to return the funds, he later agreed to return everything except that amount if they did not report the hack to law enforcement.

Weeks later, Ahmed struck again by hacking Nirvana Finance. He took out a $10 million flash loan to purchase Nirvana’s cryptocurrency ANA at an artificially low price using an exploit. He then immediately resold the ANA back to Nirvana at the higher market price, netting around $3.6 million in profit. Despite Nirvana offering a $600,000 bug bounty, Ahmed demanded $1.4 million and kept the stolen funds when no deal was reached. This theft represented nearly all of Nirvana’s funds, forcing it to shut down.

To cover his tracks, Ahmed used sophisticated money laundering techniques like swapping tokens, switching between blockchains, converting to privacy coins like Monero, using foreign exchanges, and crypto mixers.

At the time of the hacks, Ahmed worked as a senior security engineer skilled in reverse engineering smart contracts and blockchain audits – abilities he leveraged to pull off the thefts. After the attacks, he searched online for information about the hacks, potential criminal liability, lawyers, law enforcement’s investigative capabilities, and even how to flee the US.

In addition to the 3-year prison sentence, Ahmed was ordered to forfeit around $12.3 million in stolen funds and pay over $5 million in restitution to the victims. This case marks the first ever conviction for hacking a blockchain smart contract.

Sying Tien

IT professional, Social media scholar and a Crypto expert. If you have any comments, suggestions or questions feel free to contact me at sying.tien@thecoinspost.com and i will get back to you shortly.

You May Also Like

More From Author