New York hacker charged for stealing $9 million from a decentralized exchange | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

United States law enforcement agents slammed wire fraud and money laundering charges against a former security engineer from New York. He is accused of hacking a decentralized exchange (DEX) and stealing $9 million in July 2022.

The development marks the first time prosecutors are bringing charges against a suspect for exploiting a DEX’s smart contract.

Hacker facing charges 

The United States Attorney’s Office for the Southern District of New York, in a press release, alleged that Shakeeb Ahmed, who previously worked as a senior security engineer for an international technology firm, exploited a vulnerability in an unnamed DEX’s smart contract to steal about $9 million.

The affected exchange is a concentrated liquidity market maker that runs on the Solana blockchain and is incorporated overseas.

According to an unsealed indictment, Ahmed could insert fake pricing data, causing the smart contract to generate inflated fees worth approximately $9 million, which he did not earn.

The hacker used his skill in reverse engineering smart contracts and blockchain audit to attack between July 2 and July 3, 2022, on the anonymous DEX. 

Following the theft, Ahmed contacted the exchange.

He offered to make a refund while keeping $1.5 million from the loot, provided the DEX did not report the incident to law enforcement.

The attacker then proceeded to launder the ill-gotten funds “through a series of complex transfers on the blockchain where he swapped cryptocurrencies, hopped across different crypto blockchains, and used overseas crypto exchanges,” US Attorney Damian Williams stated in the press release.

However, a US government agent noted that Ahmed’s attempt to conceal the funds was unsuccessful.

“He then allegedly tried to hide the stolen funds, but his skills were no match for IRS Criminal Investigation’s Cyber Crimes Unit. We, along with our partners at HSI and the Department of Justice, are at the forefront of cyber investigations and will track these fraudsters anywhere they try to hide and hold them accountable.”

Statement from Tyler Hatcher, IRS-CI Special Agent in Charge

Indictment related to Crema Finance Hack?

Furthermore, the indictment revealed that Ahmed conducted a series of online searches after the attack, which included news articles reporting the hack, along with search terms such as “how to stop the federal government from seizing assets,” “can I cross the border with crypto,” and “buying citizenship “

Ahmed faces charges of wire fraud and money laundering, with each charge having a maximum prison sentence of 20 years. 

While the indictment does not mention any exchange, the timeline of the attack and the hacker’s negotiation with the unnamed DEX coincides with a security breach that affected Crema Finance in July 2022. 

Follow Us on Google News


Click Here For The Original Story From This Source.

National Cyber Security