Crypto Exchange Breach: Security Engineer Holds Guilty Plea Card.

December 18, 2023
1 min read
  • Shakeeb Ahmed, a senior security engineer, pled guilty to hacking a smart contract, marking the first-ever conviction of its kind.
  • By exploiting vulnerabilities, Ahmed managed to generate $9 million in illicit fees from two decentralized cryptocurrency exchanges – an unnamed platform, and Nirvana Finance.
  • Ahmed’s downfall came about when his attempts to evade investigators fell short, leading to his confession and the forfeiture of the stolen funds.

Shakeeb Ahmed, a former senior security engineer, utilized his knowledge and expertise took a malevolent turn in July 2022, targeting two decentralized cryptocurrency exchanges – an unnamed platform, and Nirvana Finance.

The precision of Ahmed’s initial attack on the Crypto Exchange was notable. Exploiting a vulnerability, he was successful in generating an astounding $9 million in illegal profits, derived from fees. However, not satisfied with this, he then targeted Nirvana Finance, utilizing a ‘flash loan’ to manipulate smart contracts and siphon off $3.6 million.

Ahmed made elaborate attempts to eliminate traces of his activities through cryptocurrency laundering and token-swapping. However, investigators from Homeland Security and IRS-CI were adept enough to trace his digital footprints. Despite making complex manoeuvres to hide his wrongdoing, the web of deceit he had carefully woven started to come undone.

In an ironic and somewhat self-incriminating twist of fate, Ahmed’s online searches for topics such as ‘defi hacks prosecution’ and ‘fleeing the U.S.’ highlighted his attempts to evade legal repercussions.

By July 2023, Ahmed’s deceptive operations collapsed, leading him to admit his actions openly and forfeit the stolen funds. Ahmed (34) entered a guilty plea to one count of computer fraud. This conviction carries a potential maximum penalty of five years in prison. Furthermore, he agreed to compensate his victims, with total reparations amounting to over $5,071,074.23.

U.S. Attorney Williams expressed his appreciation for the diligent work of the Homeland Security Investigations and the Internal Revenue Service’s Criminal Investigation division. He also acknowledged the efforts of the U.S. Attorney’s Office in the Southern District of California for their contribution to the investigation.

Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and