Nexo

Start Earning Up to 16% Interest Automatically

Learn More
Home » Hacks » Ex-Amazon dev pleads guilty to Nirvana Finance hack, agrees to pay $12 million

Ex-Amazon dev pleads guilty to Nirvana Finance hack, agrees to pay $12 million

by

Ahmed awaits sentencing on March 13, 2024, facing a maximum of five years in prison.

Ex-Amazon dev pleads guilty to Nirvana Finance hack, agrees to pay $12 million

Share this article

Shakeeb Ahmed, a former software security engineer at Amazon, has pleaded guilty to one count of computer fraud in connection with the hacking of Nirvana Finance in July 2022.

The case represents the first conviction of its kind, with Ahmed being the first individual convicted for hacking a smart contract for a decentralized exchange (DEX). According to the US Attorney’s Office, Ahmed also pleaded guilty to involvement in hacking another unnamed DEX.

A report from Coindesk indicates that this aforementioned DEX is likely Crema Finance, given how it matches references. Still, evidence on this connection remains inconclusive, and the court has not specified the other exchange involved.

“AHMED carried out an attack on the Crypto Exchange by exploiting a vulnerability in one of the Crypto Exchange’s smart contracts and inserting fake pricing data to fraudulently cause that smart contract to generate approximately $9 million dollars’ worth of inflated fees,” the US Attorney’s Office stated.

Ahmed’s attack on Nirvana Finance used a method known as a flash loan exploit, which is a type of loan that doesn’t require upfront collateral and repays the borrowed assets within the same transaction block. This type of exploit is frequently used against decentralized finance lending protocols.

During the initial weeks after the exploit, Nirvana Finance offered Ahmed a $300,000 white-hat bounty for returning the stolen funds. According to the press statement, the bounty went up to as much as $600,000. However, Ahmed did not comply with this request, demanding $1.4 million. After negotiations with Nirvana Finance, Ahmed later sold off the assets (ANA coin) he held, resulting in the closure of Nirvana Finance.

“The $3.6 million AHMED stole represented approximately all the funds possessed by Nirvana, which as a result shut down shortly after AHMED’s attack,” the US Attorney’s Office stated.

Ahmed has agreed to forfeit $12.3 million, $5.6 million of which is in crypto. Ahmed is set to pay $5 million in restitution to victims of the exploit. He awaits sentencing by US District Judge Victor Marrero on 13 March 2024, with the charge carrying a maximum sentence of five years in prison.

Ahmed’s LinkedIn profile is unavailable to confirm his previous employment at Amazon. However, an Amazon spokesperson had previously verified that Ahmed worked there but is no longer employed by the company.

Share this article

The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.

Crypto Briefing may augment articles with AI-generated content created by Crypto Briefing’s own proprietary AI platform. We use AI as a tool to deliver fast, valuable and actionable information without losing the insight - and oversight - of experienced crypto natives. All AI augmented content is carefully reviewed, including for factural accuracy, by our editors and writers, and always draws from multiple primary and secondary sources when available to create our stories and articles.

You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.

See full terms and conditions.