By Michael Scott
An accomplished computer security engineer faces wire fraud and money laundering charges associated with a decentralized exchange attack.
A global technology firm’s ex-security engineer has been apprehended and charged for the supposed use of a smart contract bug to acquire cryptocurrency worth $9 million. The hack affected Solana-founded decentralized crypto exchange (DEX).
Insider Steals $9M Cryptocurrencies
On June 11, an announcement of the first-ever case concerning a smart contract attack operated by a DEX was made by Damian Williams, the U.S Attorney for the Southern District of New York.
The statement claimed that Shakeeb Ahmed, the accused, utilized his skills to swindle the exchange and users to steal cryptocurrency worth nearly $9 million. Further, Williams revealed that the attack occurred in July 2022 and targeted a Solana-based decentralized exchange.
Attacker Targets Susceptibility of Smart Contracts Using Flash Loans
The attacker leveraged the susceptibility in the smart contracts to create exaggerated fees with flash loans. Afterward, a series of intricate transfers on the blockchain were involved in the withdrawal and laundering of the cryptocurrency.
Specifically, the attacker exchanged cryptocurrencies, utilized overseas crypto exchanges, and churned across various crypto blockchains.
Despite Williams’s failure to reveal the DEX that was affected in July, prior reports show that on July 2 2022, an unidentified hacker took advantage of Crema Finance, a Solana-based liquidity protocol, to steal cryptocurrency worth $9.6 million.
Exploiter Returns Proceeds from Hacking Crema Finance
Afterward, the exploiter returned a significant part of the funds but was permitted to hold $1.6 million as an incentive.
The statement by William also revealed Ahmed’s decision to return all the stolen funds excluding $1.5 million, on condition that law enforcement was not involved in the case. He claimed the actions did not cover the offender’s tracks or tricked law enforcers.
Additionally, they did not affect the efforts aimed at pursuing the money.
Returning Millions Insufficient to Save Exploiter from Law Enforcement
Ahmed’s arrest happened in New York, and he has been accused of money laundering and wire fraud associated with the Solana-based DEX attack in July 2022. Despite contacting Crema Finance for an explanation, no response was provided to the inquiries.
Orlando.btc, a crypto and startup lawyer, responded to the current news by claiming the move could benefit DeFi’s overall ecosystem.
According to the accusation, the Department of Justice should initiate criminal charges in case an individual willingly utilizes a protocol in a manner that it was not planned to be utilized.
The revelation of ex-security engineer exploiting vulnerabilities leaves decentralized platforms as targets by malicious staff members. However, the case challenges protocols to exercise vigilance on their operations to avoid insider-staged exploits.