The Feds have charged a former engineer for the hack and $9 million exploit of a Solana-based cryptocurrency exchange.
IRS And Homeland Security Charge Former Engineer
New York prosecutors have charged a former senior security engineer at an international technology company, Shakeeb Ahmed, in the first-ever criminal case involving an attack on an unnamed decentralized exchange.
The indictment alleges that Ahmed exploited a vulnerability in the exchange’s smart contract, resulting in approximately $9 million worth of inflated fees. He then laundered the stolen funds through complex transactions on the blockchain.
IRS Agent Tyler Hatcher said,
“As alleged, Mr. Ahmed used his skills as a computer security engineer to steal millions of dollars. He then allegedly tried to hide the stolen funds, but his skills were no match for IRS Criminal Investigation’s Cyber Crimes Unit. We, along with our partners at HSI and the Department of Justice, are at the forefront of cyber investigations and will track these fraudsters anywhere they try to hide and hold them accountable.”
Manipulated Pricing Data To Inflate Fees
The attack targeted a decentralized cryptocurrency exchange operating on the Solana blockchain. The exchange allowed users to exchange various cryptocurrencies and pay fees to those who provided liquidity. Ahmed’s attack involved inserting fake pricing data into the smart contract, causing it to generate inflated fees in the range of $9 million.
After generating the fees, he engaged in token-swap transactions and bridged the fraud proceeds from the Solana blockchain to the Ethereum blockchain. He also converted the proceeds into Monero, an anonymous cryptocurrency that is hard to trace. Ahmed further attempted to cover his tracks by using overseas cryptocurrency exchanges.
Tracked Down Through Online Activities
Following the attack, Ahmed approached the exchange, offering to return the stolen funds for a bounty fee of $1.5 million on the condition that the crypto exchange promised not to approach law enforcement.
However, his actions did not go unnoticed by authorities. Investigators tracked his online activities, which included searches for information on the attack, criminal liability, and potential escape from the United States to evade charges.
Homeland Security Special Agent in Charge Chad Plantz said,
“Financial crime strikes at the core of our national and economic banking security. With an attack of this magnitude, it’s crucial we ensure continued consumer confidence in our financial system…It’s cases like these that demonstrate HSI’s commitment and ability to work with a coalition of the willing to dismantle these complicated and technical fraud schemes and identify those responsible regardless of where they operate.”
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
Source: https://cryptodaily.co.uk/2023/07/engineer-charged-in-first-ever-dex-attack-criminal-case