Shakib Ahmed, the cybersecurity engineer convicted of stealing about $12 million in cryptocurrencies, was sentenced Friday to three years in prison.
The US Attorney for the Southern District of New York announced the ruling in a press release. Ahmed is accused of hacking into two cryptocurrency exchanges and stealing about $12 million in cryptocurrencies, according to prosecutors.
Adam Schwartz and Bradley Bondi, attorneys representing Ahmed, did not immediately respond to a request for comment.
When Ahmed was arrested last year, authorities described him as a “senior security engineer for an international technology company.” His LinkedIn profile said he previously worked at Amazon. But he was not working there at the time of his arrest, an Amazon spokesperson told TechCrunch.
Although the name of one of his victims was never revealed, Ahmed reportedly hacked Crema Finance, a Solana-based cryptocurrency exchange, in early July 2022.
Then, weeks later, Nirvana Finance was hacked. Ahmed stole $9 million and $3.6 million in these two hacks, respectively. In the case of Nirvana Finance, the stolen funds “represented virtually all of the funds owned by Nirvana Finance,” which led to Nirvana Finance's closure, according to the press release.
Ahmed pleaded guilty to carrying out both cyber attacks.
call us
Do you have information about cryptocurrency thefts and hacks? From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram, Keybase, Wire @lorenzofb or email. You can also contact TechCrunch via SecureDrop.
After he hacked Carema, Ahmed contacted the company in an attempt to return the stolen funds, except for a $1.5 million fee — a kind of unofficial finder's fee — and a promise that Carema would not report the attack to authorities. Karima refused, and Ahmed was eventually arrested.
While this type of deal is unusual in the world of cybersecurity, it has become the norm in the world of cryptocurrencies. These deals are often referred to as “white hat” deals, although they involve hacking a target and stealing the victim's money without their consent, which is very similar to what “black hat” hackers typically do. Ahmed's case shows that while the cryptocurrency industry has accepted that these types of deals sometimes represent a cost of doing business, law enforcement does not see it the same way.
Aside from three years in prison, Ahmed was also sentenced to three years of supervised release, and was ordered to forfeit $12.4 million “and a significant amount of cryptocurrencies and pay reparations to the cryptocurrency exchange and Nirvana in the amount of over $5 million,” according to the statement. Journalist for prosecutors.
