December 15, 2023 at 03:38PM
Former Amazon security engineer Shakeeb Ahmed pleaded guilty to hacking and stealing over $12.3 million from two cryptocurrency exchanges in July 2022. He manipulated smart contracts to exploit pricing data, yielding inflated fees, and took advantage of a DeFi protocol loophole. Ahmed used various methods to conceal the stolen funds and evade capture. He entered a guilty plea for computer fraud and agreed to return the stolen crypto, with sentencing set for March 13, 2024.
Based on the meeting notes provided, here are the key takeaways:
– Former Amazon security engineer Shakeeb Ahmed pleaded guilty this week to hacking and stealing over $12.3 million from two cryptocurrency exchanges in July 2022.
– The affected companies are Nirvana Finance, a decentralized crypto exchange, and an unnamed exchange on the Solana blockchain platform that Ahmed hacked using his blockchain audit and smart contract reverse engineering skills.
– Ahmed manipulated a smart contract to introduce false pricing data, generating roughly $9 million worth of inflated fees from the undisclosed crypto exchange. He later withdrew the funds and offered to return all but $1.5 million on the condition that the exchange refrained from involving law enforcement.
– The details of the attack match those of a July 2022 breach impacting the Crema Finance decentralized finance (DeFi) platform.
– Ahmed exploited a Nirvana Finance DeFi protocol smart contract loophole to take a flash loan of ANA cryptocurrency tokens at a low price and sell it back at a higher rate, yielding him approximately $3.6 million.
– Despite being offered a $300,000 bounty to return the stolen crypto assets, Ahmed demanded $1.4 million and kept everything he stole, forcing the exchange to shut down.
– Ahmed used several cryptocurrency mixers, the Solana and Ethereum blockchains, and foreign exchanges to convert the stolen funds into Monero, a cryptocurrency known for its enhanced privacy and anonymity, in an effort to evade capture.
– Ahmed actively sought ways to elude detection and extradition, as revealed by his online search history.
– U.S. Attorney Damian Williams announced that Ahmed entered a guilty plea for a single computer fraud charge and committed to compensating his victims with a sum totaling $5,071,074.23. He will also forfeit over $12.3 million, including roughly $5.6 million worth of fraudulently obtained cryptocurrency.
– Sentencing has been scheduled for March 13, 2024, to be adjudicated by United States District Judge Victor Marrero.
These takeaways capture the key points from the meeting notes. Let me know if there’s anything else I can assist you with.