Hacker Betrays Trust, Steals $9 Million in Cryptocurrency
An individual has been arrested by the US government for allegedly hacking into a cryptocurrency exchange and stealing $9 million worth of cryptocurrency. The accused, Shakeeb Ahmed, who is described as a senior security engineer, used his knowledge and skills to defraud the exchange and its users. Although the news report does not specify his current employer, it was discovered through his LinkedIn page that he was previously employed by Amazon. TechCrunch contacted Amazon, and a spokesperson confirmed that Ahmed is no longer employed by the company.
According to a press release from the U.S. Attorney’s Office for the Southern District of New York, “As alleged in the indictment, Shakeeb Ahmed, who was a senior security engineer at an international technology company, used his expertise to defraud the exchange and its users. and steal approximately $9 million in cryptocurrencies. We also allege that he laundered the stolen funds through multiple with complex transactions on the blockchain where he exchanged cryptocurrencies, jumped across different crypto-blockchains and used foreign crypto-exchanges,” said US Attorney Damian Williams.
Cybersecurity professional defraudes crypto exchange to the tune of $9 million
The report does not specifically mention the victim of this cyber attack. However, CoinDesk’s report highlighted that the date and stolen amount are consistent with an attack on Crema Finance, the crypto exchange used by Solana. The attack took place in July 2022, and the hacker later returned nearly $8 million and kept $1.7 million.
TechCrunch’s report also corroborated information provided by a DOJ prosecutor, who revealed that Ahmed “was in communication with a crypto exchange where he decided to return all but $1.5 million of the stolen funds if the crypto exchange agreed not to refer the attack to law enforcement.”
It is a common practice in the world of cyber security. Such criminals call themselves white hats and claim that they have good intentions. After stealing a large amount, they could contact a victim assembly and negotiate to return 80-85 percent of the stolen money, keeping a sort of “reward” for disclosing a security vulnerability if law enforcement is not referred.
However, it should be noted that as can be seen from this, the return of some of the loot does not mean that criminal charges will not be brought and charges will not be filed. This is not ethical hacking, even if the criminals would have you believe so.