"Nirvana Finance Hacker Pleads Guilty to Prosecutors, Agrees to Forfeit $12.3 Million in Illicit Funds and Compensate Victims"

The Southern District of New York Federal Prosecutor’s Office announced on Thursday (14th) that a senior security engineer named Shakeeb Ahmed has admitted to attacking the DeFi protocol Nirvana Finance and another unnamed decentralized cryptocurrency exchange.

Ahmed has admitted to committing computer fraud and has agreed to forfeit the $12.3 million he obtained from these two hacking incidents. He will also pay a total of $5 million in compensation to the victims. Ahmed faces a maximum of five years in prison and will be sentenced on March 13th next year.

In two hacking attacks in 2022, Ahmed was charged in July this year with telecommunication fraud and money laundering. The indictment shows that he exploited a vulnerability in a smart contract of an unnamed exchange on the Solana chain. According to a previous report by Zombit, the description in the indictment and other details suggest that the attacked exchange may be Crema Finance.

A few weeks after the first hacking attack, Ahmed launched an attack on Nirvana Finance worth $3.6 million, involving a flash loan and a vulnerability he discovered in the platform’s smart contract. Nirvana had offered a $600,000 reward for the hacker to return the stolen funds, but he demanded $1.4 million, and no agreement was reached between the two parties.

During these two hacking attacks, Ahmed worked as a senior security engineer at an international technology company. His resume reflects skills in reverse engineering of smart contracts and blockchain auditing. However, after succeeding in the attacks, Ahmed searched Google for a series of information on hacking attacks, including how to handle funds, escape the United States, and avoid criminal charges.

The prosecutor’s statement states that Ahmed “used sophisticated means” to launder money, “including token exchange transactions, bridging fraudulent proceeds from the Solana blockchain to the Ethereum blockchain, converting fraudulent proceeds into Monero (an anonymous and particularly difficult-to-trace cryptocurrency), using overseas cryptocurrency exchanges, and using cryptocurrency mixers like Samourai Whirlpool.”

Source
Related report: “Security engineer turns to the dark side and gets arrested! After obtaining $9 million, he asked Google how to protect himself.”

Leave a Reply

Your email address will not be published. Required fields are marked *

Check Also

Successful Conclusion of CoinEx Taiwan’s 7th Anniversary Celebration, Embracing the Arrival of the Web3 Era Hand in Hand with Users

Since its establishment in 2017, CoinEx has been a professional cryptocurrency trading pla…