• US Authorities have charged a former cybersecurity professional, Shakeeb Ahmed, with stealing $9 million worth of crypto assets from a decentralized crypto exchange.
• Ahmed allegedly exploited a vulnerability in the platform’s smart contract to generate inflated fees and then laundered them to conceal the source of the funds.
• He faces charges of wire fraud and money laundering which carry a maximum sentence of 20 years each.
US Authorities Charge Cybersecurity Engineer With Stealing $9,000,000 From Crypto Exchange
Details of the Attack
The attack was carried out sometime in July 2022 when Shakeeb Ahmed exploited a vulnerability of the Solana (SOL)-based DEX and inserted fake pricing data. This caused the platform’s smart contract to generate approximately $9 million worth of fees that were subsequently withdrawn in cryptocurrency and laundered to conceal their source and owner.
Ahmed’s Attempt at Evading Prosecution
After carrying out the attack, Ahmed had communications with the Crypto Exchange where he attempted to return all stolen funds except for $1.5 million if they agreed not to refer it to law enforcement. He also searched online for information about his own criminal liability, fleeing the United States, and more.
Charges Brought Against Ahmed
Ahmed has been arrested in New York on Tuesday and now faces charges of wire fraud and money laundering which carry a maximum sentence of 20 years each. According to US Attorney Damian Williams, this is the first time ever that criminal charges have been brought involving an attack on a smart contract operated by a decentralized cryptocurrency exchange.
Takeaway
This case serves as an important reminder that cryptocurrency exchanges are vulnerable targets for cybercriminals who can exploit weaknesses in their systems to steal large amounts of digital assets from unsuspecting victims around the world. It is therefore essential that users remain vigilant when transacting on these platforms as well as making sure they use reputable exchanges with strong security protocols in place