The Department of Justice said this is the ‘first-ever sentencing for this kind of hack.’ The hacker’s conviction will happen in March.
On Thursday, Shakeeb Ahmed pleaded guilty to charges associated with hacking a pair of decentralized cryptocurrency exchanges (DEX) in a precedent-establishing case. This includes the July attack on Nivrana Finance, a Solana decentralized exchange.
Part of his plea involves the New York resident agreeing to surrender stolen funds amounting to more than $12M.
Nirvana Finance’s Smart Contacts Manipulated in Heist
In a statement, Damian Williams, United States attorney for the Southern District of New York, said it marked ‘the first ever sentencing for this kind of a hack.’ Ahmed leveraged susceptibilities in exchanges’ smart contracts, which are utilized in the automation of transactions.
Last July, he tricked an exchange to grant him $9M in false fees. According to prosecutors, he manipulated Nirvana Finance’s smart contacts and stole $3.6M. He was apprehended in July.
Afterwards, Ahmed attempted to use cryptocurrency mixing services, overseas accounts, and blockchain transfers to conceal the funds. Additionally, the senior security engineer searched for terms such as ‘buying citizenship’ and ‘evidence laundering’ to learn how to escape prosecution.’
Following the filing of initial charges concerning the first attack in July, Thursday’s plea revealed the role Ahmed played in the earlier unresolved case that led to the exploitation of Nirvana Finance, a Solana decentralized exchange. He has agreed to pay back all stolen funds to those affected.
According to prosecutors, Ahmed pulled off his attack on Nirvana by utilizing a $10M flash loan. He utilized an exploit he noticed in the decentralized exchange’s smart contracts to buy ANA at a reduced cost instead of at a greater cost than Nirvana was designed to charge him in view of his purchase’s size.
Once ANA’s price was revised to demonstrate his huge purchase, he sold back the ANA and pocketed profits worth an estimated $3.6M. After Nirvana discovered what had occurred, it gave Ahmed a $600000 bug bounty if he gave back the remaining funds.
Regulator Declares Action Against Fraud Irrespective of Channel
However, the security engineer demanded he be permitted to retain $1.4M. Following Nirvana’s refusal, the talks stopped, and he retained all the embezzled funds.
The $3.6M in stolen funds accounted for nearly all the funds the Solana platform held, which finally ceased operations after the attack.
According to Williams, the conviction ‘indicates that irrespective of the sophistication of the methods utilized, fraud remains to be fraud, and they will do all that is needed to arrest and convict the suspects.’
Judge Victor Marrero will sentence Mr Ahmed on March 13. He is facing a 5-year imprisonment for computer fraud.