A hacker has been sentenced to three years in prison by a US court for breaching two decentralized crypto exchanges and stealing over $12 million in digital assets, as confirmed by the US Department of Justice on April 12.
This marks the first conviction for hacking a smart contract, with US attorney Damian Williams emphasizing the commitment of law enforcement to track down hackers and recover stolen funds. The hacker, Shakeeb Ahmed, has been ordered to forfeit approximately $12.3 million in stolen assets, as well as pay over $5 million in restitution to the affected exchanges.
In 2022, Ahmed exploited vulnerabilities in the smart contracts of two decentralized exchanges – Nirvana and an unnamed platform. He manipulated pricing data on the unnamed platform to extract $9 million in inflated fees, which were then withdrawn in crypto. Ahmed also targeted Nirvana Finance, stealing $3.6 million by exploiting the exchange’s smart contracts to conduct profitable trades.
Despite efforts by the exchanges to recover the stolen funds, Ahmed used sophisticated methods to launder the digital assets, such as token-swap transactions and advanced crypto mixers like Samourai Whirlpool. At the time of the hacks, Ahmed was employed as a senior security engineer for an international technology company.
The sentencing serves as a warning to hackers that malicious activities in the crypto space will not go unpunished, with authorities actively pursuing individuals who engage in illegal activities.