Hacker Pleads Guilty to $12 Million Solana DeFi Hacks, Marking the First Smart Contract Fraud Conviction

On December 14th, authorities revealed that Shakeeb Ahmed, a security engineer, has confessed to exploiting two Solana DeFi apps.

During the announcement, Damian Williams, United States Attorney for the Southern District of New York (SDNY), informed the public about the perpetrator's guilty plea.

"Five months ago, my Office announced the first ever arrest involving an attack on a smart contract. Today … Shakeeb Ahmed pled guilty and agreed to return all of the stolen crypto to his victims … Today’s conviction shows that no matter how sophisticated the methods used, fraud is fraud, and we will swiftly catch and convict you.”

Ahmed initiated the initial attack on July 2, 2022, by specifically targeting an undisclosed decentralized exchange. His aim was to exploit inflated fees and generate a staggering $9 million.

As part of a deal, Ahmed agreed to return all but $1.5 million of the stolen funds on the condition that the targeted exchange refrained from reporting the attack to law enforcement. However, SDNY authorities took action and apprehended Ahmed in July 2023, resulting in his arrest and subsequent charges.

Further investigations uncovered that Ahmed conducted a second attack on Nirvana Finance, a decentralized finance platform on the Solana network, approximately on July 28, 2022.

During that attack, Ahmed exploited flash loans to acquire Nirvana's ANA token at a discounted rate. He then sold these tokens at a higher price, resulting in a gain of $3.6 million. Following unsuccessful negotiations regarding a bounty with Nirvana, Ahmed opted not to return the stolen funds. Unfortunately, as a result of the significant loss of funds, Nirvana was forced to shut down.

Though the hack against Nirvana Finance was reported as it occurred, Ahmed’s involvement in the attack was not known until today.

More Than $12 Million Stolen

According to the announcement, Ahmed managed to steal a staggering sum of over $12 million from the two platforms. To conceal his theft, he employed various methods and took multiple actions.

In an attempt to cover his tracks, Ahmed exchanged his unlawfully acquired funds for Monero (XMR), utilized crypto mixers like Samourai Whirlpool to obfuscate transaction trails, employed a blockchain-hopping strategy, transferred funds to the Ethereum blockchain, and conducted transactions on international cryptocurrency exchanges. He also searched for information related to legal defenses and the possibility of fleeing the United States.

Authorities have confirmed that Ahmed has entered a guilty plea for one count of computer fraud, carrying a maximum sentence of five years in prison. The determination of his sentence will take place in March 2024. Additionally, Ahmed has agreed to compensate his victims by paying $5 million in restitution.