First Smart Contact Hacker Pleads Guilty to Inside Job

• Insider pleads guilty in first-ever smart contract hack case.
• Ahmed agrees to forfeit over $12.3 million in stolen assets.
• The case sets a legal precedent for smart contracts.

Since its inception, hacks have plagued the world of Decentralized Finance (DeFi). However, law enforcement has finally caught up with hackers in this new tech space. 

A US court recently secured a plea deal from Shakeeb Ahmed, a former senior security engineer on two hacked DeFi projects. The insider pled guilty to hacking two decentralized crypto exchanges, stealing more than $13 million. 

Attacker Pleads Guilty in First Crypto Hack Case

On Thursday, December 14, a US court announced a guilty plea by Shakeeb Ahmed, a senior security engineer for an international technology company. As part of his plea, Ahmed has agreed to forfeit over $12.3 million, which includes approximately $5.6 million in fraudulently obtained cryptocurrency. 

In July 2023, Shakeeb Ahmed, a former security engineer, was arrested for defrauding an unnamed Solana-based DEX by exploiting a smart contract bug and stealing $9 million. This incident marks the first criminal case involving a smart contract exploit in the DeFi sector​​.

Following this, Ahmed targeted Nirvana Finance. Using a flash loan of approximately $10 million, he purchased ANA tokens from Nirvana at a low price, exploiting a flaw in their smart contract. 

After the price of ANA increased due to his large purchase, he resold the tokens at the new, higher price, netting him an illegal profit of around $3.6 million. This exploit drained Nirvana’s funds, leading to its subsequent shutdown.

Legal Precedent for Smart Contract Fraud

The case against Ahmed, prosecuted by the Southern District of New York’s Money Laundering Transnational Criminal Enterprises Unit and Complex Frauds Cybercrime Unit, is the first case of smart contact fraud in US history. With his sentencing set for March 13, 2024, Ahmed’s case sets a precedent in the crypto legal landscape. 

Smart contracts are self-executing contracts with the terms of the agreement directly written into lines of code. Despite their potential for creating more efficient and transparent systems, smart contracts also introduce unique vulnerabilities and challenges, as highlighted by Ahmed’s case.

On the Flipside

• Crypto scams have been on a downward trend in 2023, dropping by 75% in the year’s first half. Still, the total losses to hacks, scams, and rug pulls amounted to $655.61 million .
• The DEX hack case highlights the potential risks and vulnerabilities inherent in the sector.

Why This Matters

The conviction of Shakeeb Ahmed marks a pivotal moment in the legal handling of crimes involving decentralized finance technologies. It underscores the vulnerabilities of DeFi platforms to cyber-attacks and the importance of robust legal frameworks and security measures in the burgeoning crypto industry. 

Read more about the Shakeeb Ahmed crimes: 
Why a Solana DEX Dev Was Arrested for Unprecedented SC Attack

Read more about Bitcoin’s ORDI: 
Bitcoin’s ORDI Could Surge 1200% in 2024: Bitget Report