A US hacker convicted of plundering more than $12 million worth of crypto assets from two decentralized exchanges (DEXs) was sentenced to three years in prison.
In July 2022, Shakeeb Ahmed, a security engineer, used fake pricing data to generate approximately $9 million worth of inflated fees on an unnamed DEX, according to the U.S. Department of Justice.
Ahmed then withdrew those fees in the form of crypto, but he agreed to return all of the stolen funds except for $1.5 million if the exchange agreed not to report the attack to law enforcement.
Later that month, the hacker also hit a DEX called Nirvana Finance, exploiting the project’s smart contracts to offer lower-priced crypto purchases. After purchasing the artificially devalued crypto, Ahmed immediately resold the digital assets at a higher price to the DEX. He managed to loot $3.6 million worth of crypto via the exploit, draining Nirvana’s coffers and causing the DEX to shut down.
The hacker pled guilty to computer fraud and will serve three years of supervised release in addition to his three-year sentence. He was also ordered to forfeit approximately $12.3 million and a “significant quantity” of cryptocurrency, as well as $5 million worth of restitution to the two DEXs.
Damian Williams, the US Attorney for the Southern District of New York, says Ahmed’s prosecution represents the first-ever conviction for the hack of a smart contract.
“No matter how novel or sophisticated the hack, this Office and our law enforcement partners are committed to following the money and bringing hackers to justice. And as today’s sentence shows, time in prison — and forfeiture of all the stolen crypto — is the inevitable consequence of such destructive hacks.”
Generated Image: Midjourney
Credit: Source link