Former Amazon security engineer pleads guilty to stealing approximately 1.7 billion yen from a virtual currency exchange

Shakib Ahmed, a former security engineer at Amazon, admitted to stealing more than $12.3 million (approximately 1,749 million yen) from two virtual currency exchanges. Already, all of the assets stolen by the defendant have been confiscated, and the defendant has promised to compensate approximately $5.07 million (approximately 722 million yen).

Southern District of New York | Former Security Engineer For International Technology Company Pleads Guilty To Hacking Two Decentralized Cryptocurrency Exchanges | United States Department of Justice

Ex-Amazon engineer pleads guilty to hacking crypto exchanges
https://www.bleepingcomputer.com/news/security/ex-amazon-engineer-pleads-guilty-to-hacking-crypto-exchanges/

Federal Judge Damien Williams of the Southern District of New York announced that Shakib Ahmed has entered a guilty plea to the hacking of two cryptocurrency exchanges that occurred in July 2022.

The first incident targeted the Solana blockchain exchange. The defendant manipulated the smart contract and inserted fake price data to steal virtual currency worth $9 million (approximately 1.28 billion yen). After that, he withdrew the funds and offered to return the remaining amount minus $1.5 million (approximately 213 million yen) to the exchange if he did not report it to law enforcement agencies.

Although the Department of Justice has anonymized the name of the virtual currency exchange that was affected in the first incident, the news site Bleeping Computer listed Crema Finance as the exchange that suffered the amount of damage reported during the relevant period. I am.

On 2nd July, a vulnerability in the ticks account caused an exploit on @Crema_Finance for a total amount of $8,782,446. We worked closely with the Crema team alongside @osec_io to break down the movement of the stolen funds following the exploit. ???? pic.twitter.com/3MdXqEalu8

— SolanaFM (@solanafm) July 3, 2022

Immediately after this incident, the defendant took advantage of a smart contract loophole in Nirvana Finance's DeFi protocol to conduct a flash loan attack targeting the virtual currency ANA. A flash loan attack is one that exploits flash loans, which are short-term transactions that allow unsecured loan repayments. The defendant purchased ANA for approximately $10 million (approximately 1,423 million yen), but had Nirvana Finance lower the bill by making it appear as if the purchase was cheaper, while at the same time making the purchased ANA more expensive. We obtained approximately 3.6 million dollars (approximately 512 million yen) by selling it to Nirvana Finance at a price.

Nirvana Finance offered the defendant a reward of up to $600,000 (approximately 85.4 million yen) for finding bugs in order to return the stolen funds, but the defendant received only $1.4 million (approximately 200 million yen). Because of his demands, no agreement was reached. It is said that the $3.6 million the defendant obtained at this time was equal to almost all the funds held by Nirvana Finance, and Nirvana Finance was shut down immediately after the attack.

In order to conceal the series of thefts, the defendant used multiple virtual currency mixers, blockchain, overseas exchanges, etc. to convert the proceeds into Monero, a virtual currency known for its high anonymity.

Ahmed has pleaded guilty to computer fraud charges and faces up to five years in prison. In addition, any fraudulently obtained funds totaling more than $12.3 million will be forfeited. The defendants have promised to pay compensation to the victims in the amount of $5,071,074.23.

A formal verdict is expected to be rendered on March 13, 2024.