The US government has accused a cybersecurity professional of hacking into a cryptocurrency exchange and stealing around $9 million worth of cryptocurrency, in what looks like a case of an ethical hacker gone rogue, then trying to appear ethical again.
In a statement on Tuesday, the U.S. Attorney’s Office for the Southern District of New York announced the indictment of Shakeeb Ahmed, 34, calling him “a senior security engineer for an international technology company whose resume reflected skills in, among other things, reverse engineering smart contracts and blockchain audits,” which are part of the specialized skills used by Ahmed to execute the attack.
While prosecutors did not specify who the victim was, cryptocurrency news site Coindesk reported that the description and date of the hack match the attack on Crema Finance, a Solana-based exchange, which occurred in early July 2022, around the same dates – July 2 and 3 – on which Ahmed allegedly hacked the unnamed exchange.
In that case, the hacker ended up returning around $8 million in crypto and kept the rest, as reported at the time. In their press release, DOJ prosecutors said that Ahmed “had communications with Crypto Exchange in which he decided to return all stolen funds except $1.5 million if Crypto Exchange agreed not to refer the attack to the police.”
It’s a very common occurrence in the world of crypto and web3. In the past, hackers who stole crypto and offered to return portions of it by negotiating directly with victims have sometimes been called “white hats,” cybersecurity jargon for hackers with good intentions. Clearly, these hackers have taken a term with a fairly clear and established meaning and co-opted it for a practice that resides – to say the least – in a gray area.
And, as this case shows, returning some of your crypto loot doesn’t mean you won’t be prosecuted.
Federal authorities pointed to the fact that Ahmed, who is charged with wire fraud and money laundering, used the chops he learned in his day job to carry out the theft.
“Ahmed used his skills as a computer security engineer to steal millions of dollars. He then allegedly tried to hide the stolen funds, but his skills were no match for the IRS Criminal Investigation’s cybercrime unit,” Special Agent in Charge Tyler Hatcher, who works for IRS-CI, the criminal investigations arm of the IRS, is quoted as saying in the press release.
Ahmed allegedly exploited a vulnerability in the exchange and inserted “false pricing data to fraudulently generate millions of dollars in inflated fees,” which he did not actually earn but was still able to withdraw, according to the indictment against Ahmed.
Then, according to federal authorities, Ahmed laundered the stolen crypto “through a series of transactions,” such as swapping tokens and “bridging” the proceeds from the Solana blockchain to the Ethereum blockchain, among other things.
Later, Ahmed also allegedly searched online for information about the hack, “his own criminal responsibility,” lawyers specializing in similar cases, whether law enforcement could investigate such an attack, and his ability to “flee the United States to avoid criminal prosecution.”
Do you have any information on this hack, other cyberattacks on crypto projects, or cryptocurrency thefts? We would love to hear from you. From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Wickr, Telegram and Wire @lorenzofb, or email lorenzo@techcrunch.com. You can also contact TechCrunch via SecureDrop.