Smart Contract Hacking Costs Ex-Engineer $12M and His Freedom
A former senior security engineer was sentenced to three years in prison for executing sophisticated hacks against two decentralized cryptocurrency exchanges, stealing over $12 million worth of digital assets.
Shakeeb Ahmed, 34, of New York, pleaded guilty to computer fraud charges related to the July 2022 hacks. He exploited vulnerabilities in the smart contracts governing the exchanges to artificially inflate fees and purchase crypto tokens at manipulated prices.
Damian Williams, the U.S. Attorney for the Southern District of New York, announced the sentencing and first-ever conviction for hacking a blockchain smart contract. “No matter how novel or sophisticated the hack, this office is committed to following the money and bringing hackers to justice,” Williams stated.
The Two Crypto Exchange Hacks In the first hack, Ahmed exploited a pricing flaw in an unnamed decentralized exchange. He inserted fake data to generate around $9 million in inflated fees, which he then withdrew as cryptocurrency. Ahmed later agreed to return most of the funds to avoid prosecution.
Weeks later, Ahmed struck again by hacking Nirvana Finance, a decentralized exchange for the ANA token. He used a flash loan to purchase ANA at an artificially low price through a smart contract exploit. Ahmed then immediately sold the ANA back to Nirvana at the higher market rate, netting $3.6 million – virtually all of Nirvana’s funds.
After the attacks, Ahmed searched online for information about the hacks, potential criminal liability, and how to flee the country to avoid charges.
Sophisticated Money Laundering Techniques To cover his tracks, Ahmed employed advanced crypto money laundering methods. These included swapping tokens, “bridging” funds between blockchains, converting to privacy coin Monero, using overseas exchanges, and leveraging “mixers” like Samourai Whirlpool.
In addition to his prison sentence, Ahmed was ordered to forfeit the $12.3 million in stolen cryptocurrency. He must also pay over $5 million in restitution to the victim exchanges.
The post Smart Contract Hacking Costs Ex-Engineer $12M and His Freedom appeared first on The Coins Post.