Former Amazon security engineer Shakeeb Ahmed was sentenced to three years in prison for hacking two cryptocurrency exchanges in July 2022, resulting in the theft of over $12 million. Ahmed’s sentencing marks the first conviction for hacking a smart contract, a sophisticated form of cybercrime that has escalated with the rise of decentralized finance (DeFi).
Alongside his prison term, Ahmed was also sentenced to three years of supervised release. He has been ordered to forfeit $12.3 million and pay restitution to the affected companies.
The breached exchanges include Nirvana Finance, a decentralized crypto exchange, and an unnamed exchange on the Solana blockchain platform. Ahmed leveraged his expertise in smart contract reverse engineering and blockchain auditing to execute these hacks.
Ahmed pleaded guilty to one count of computer fraud in December 2022, a charge carrying a maximum penalty of five years' imprisonment. U.S. Attorney Damian Williams emphasized the significance of this case, stating, “Today, Shakeeb Ahmed was sentenced to prison in the first-ever conviction for the hack of a smart contract and ordered to forfeit all of the stolen crypto.
No matter how novel or sophisticated the hack, this Office and our law enforcement partners are committed to following the money and bringing hackers to justice.”
In his first attack, Ahmed targeted an undisclosed crypto exchange by manipulating a smart contract to introduce false pricing data. This resulted in inflated fees totaling approximately $9 million.
Ahmed then withdrew these funds, proposing to return all but $1.5 million if the exchange refrained from involving law enforcement. Although the Justice Department did not name the victim, the details align with a July 2022 breach of the Crema Finance DeFi platform.
Following this, Ahmed exploited a loophole in Nirvana Finance’s DeFi protocol. He used a flash loan to acquire ANA cryptocurrency tokens at a low price and subsequently sold them at a higher rate, netting around $3.6 million.
Nirvana Finance’s efforts to recover the stolen assets included offering a $300,000 bounty, which Ahmed declined, demanding $1.4 million instead. This impasse led to Nirvana Finance’s closure, with Ahmed retaining the stolen funds.
To conceal the digital trail of the stolen assets, Ahmed employed several cryptocurrency mixers, such as Samourai Whirlpool, and utilized the Solana and Ethereum blockchains. He converted the stolen funds into Monero, a cryptocurrency known for its privacy features.
Additionally, Ahmed conducted online searches on evading detection, extradition, and securing citizenship in various countries, indicating his intent to evade justice.
This case underscores the increasing sophistication of cybercriminals and the challenges faced by law enforcement in combating such crimes.
The sentencing of Shakeeb Ahmed serves as a significant precedent, demonstrating the commitment of U.S. authorities to pursue and prosecute those who exploit advanced technologies for illicit gain.