Shakeeb Ahmed, former Amazon engineer, was sentenced to 3 years for hacking DeFi protocols. Ahmed exploited smart contracts, causing an exchange to close after draining funds. The court sentenced him to forfeit $12.3 million and pay compensation exceeding $5 million.
In a landmark legal action, former Amazon engineer Shakeeb Ahmed was sentenced to three years in prison for orchestrating hacks on two DeFi cryptocurrency exchanges, resulting in the theft of more than $12 million.
U.S. District Judge Victor Marrero handed down the ruling, marking a significant milestone in cryptocurrency-related law enforcement.
DeFi Hacker Sentenced to 3 Years in Prison
Shakeeb Ahmed used his extensive knowledge of reverse engineering and Blockchain audits to manipulate smart contracts on exchanges. US Attorney Damian Williams stated that this case represents the first conviction for hacking a smart contract:
“No matter how novel or sophisticated the hack, this Office and our law enforcement partners are committed to following the money and bringing hackers to justice. And as today’s sentencing demonstrates, prison time – and the confiscation of all stolen crypto – is the inevitable consequence of such destructive hacks.”
On July 2 and 3, 2022, Ahmed attacked the first exchange by injecting false price data, generating $9 million in inflated fees, which he then illicitly withdrew. In a subsequent communication with the exchange, Ahmed agreed to return the funds, except for $1.5 million, as long as the exchange did not report the hack to the police.
A few weeks later, on July 28, Ahmed exploited a vulnerability in Nirvana Finance smart contracts. This second hack drained Nirvana of approximately $3.6 million, almost all of its funds, forcing the platform to shut down. Ahmed rejected Nirvana’s large bounty offer and opted to keep the stolen assets.
Nirvana’s NIRV stablecoin lost its peg to the US dollar, and its native coin ANA fell 85% following news of the hack and closed shortly after. According to the SDNY statement, Ahmed laundered the hacked funds:
“Using token swap transactions; ‘bridging’ fraud proceeds from the Solana Blockchain to the Ethereum Blockchain; exchanging fraud proceeds into Monero […]; using offshore cryptocurrency exchanges; and using cryptocurrency mixers, like Samourai Whirlpool.”
A third exchange, Crema, was also noted to have been targeted in July 2022 using the same methods, but federal charges did not link it to that hack.
According to Inner City Press, Ahmed, who was released on bail, now works for a mental health company. That publication quoted him as saying: “I witnessed hacks, I found a way to exploit an exchange’s smart contracts. I went to therapy” during his trial.
Former Amazon Engineer Used Cryptocurrency Mixers for Hack
Ahmed used sophisticated laundering techniques to conceal the origin of the stolen funds. These included swapping tokens between blockchains, converting assets into the untraceable cryptocurrency Monero, and using offshore cryptocurrency exchanges and mixers.
In addition to the prison sentence, the court has ordered Ahmed to confiscate about $12.3 million in stolen assets. It must also compensate the affected exchanges with more than $5 million. He will also be imposed three years of supervised release after his incarceration. US Attorney Damian Williams said in a statement that Ahmed’s conviction was the first for hacking a smart contract.
By Leonardo Perez
