- Shakeeb Ahmed, the individual who admitted to computer fraud, has been handed a three-year prison term, marking the first conviction related to a smart contract breach.
- Ahmed utilized various methods, including cryptocurrency mixers, to launder the stolen funds.
- Following a guilty plea, a US Judge has mandated Ahmed to surrender $12.3 million and compensate both Nirvana and an undisclosed cryptocurrency exchange.
On a recent announcement by the US Department of Justice (DoJ), Shakeeb Ahmed, who illicitly acquired over $12 million in cryptocurrencies, has been sentenced to a three-year incarceration by US District Judge Victor Marrero. Ahmed managed to pilfer the funds within a month from two distinct decentralized exchanges, namely Nirvana Finance and another unnamed platform.
For further details: Kucoin Exchange, executives indicted by DoJ, HSI, citing ‘multibillion-dollar criminal conspiracy’
Penalty for Crypto Hacker
In a groundbreaking ruling regarding a smart contract breach, US District Judge Victor Marrero imposed the three-year sentence on Ahmed, a former security specialist at an international technology firm.
As disclosed in the DoJ’s press release, Ahmed exploited his expertise in reverse engineering smart contracts and conducting blockchain audits to capitalize on vulnerabilities within an undisclosed crypto exchange and Nirvana Finance.
Ahmed’s initial target was the unnamed exchange in early July 2022, where he exploited a pricing data loophole to generate and withdraw cryptocurrency fees amounting to approximately \(9 million. The DoJ reported, "After the theft, AHMED engaged in discussions with the Crypto Exchange, proposing to return all the illicit funds except for \)1.5 million in exchange for not involving law enforcement.”
Additional reading: SBF handed a 25-year jail term post his conviction in November
Subsequently, Ahmed leveraged a smart contract flaw within Solana-based Nirvana Finance to execute a flash loan attack, resulting in a \(3.6 million gain. Despite Nirvana offering a bug bounty of \)600,000 for the funds’ return, Ahmed demanded $1.4 million instead, leading to a stalemate.
Ahmed retained the embezzled funds as negotiations with Nirvana fell through. The DoJ highlighted, “The $3.6 million AHMED stole essentially represented the entirety of Nirvana’s assets, leading to its closure shortly after the attack.”
To obfuscate the origins of the stolen funds, Ahmed employed a combination of asset bridging from Solana to Ethereum, the privacy coin Monero, and cryptocurrency mixers.
For more insights: OneCoin’s head of legal and compliance sentenced to four years in prison, as CZ’s sentencing looms
Ahmed’s initial arrest took place in July 2023, followed by a guilty plea in December, culminating in the three-year sentence pronounced on Friday by Judge Victor Marrero. In addition to the prison term, Ahmed has been instructed to forfeit \(12.3 million and provide \)5 million in restitution to Nirvana and the undisclosed crypto exchange.
US Attorney Damian Williams emphasized, “Irrespective of the complexity or novelty of the breach, our office and law enforcement allies are steadfast in tracking illicit proceeds and holding hackers accountable.”
In related news, Sam Bankman-Fried, the convicted founder of the now-defunct FTX exchange, has lodged an appeal against his 25-year prison sentence.