A former Amazon.com software engineer who admitted to stealing millions of dollars in cryptocurrency by hacking two decentralised finance platforms was ordered to spend three years behind bars.
Shakeeb Ahmed, 34, was sentenced Friday by US District Judge Victor Marrero on Friday. Ahmed pleaded guilty in December to taking advantage of flaws in the DeFi platforms’ so-called smart contracts to insert fake pricing data, generating about US$12mil (RM57.3mil) of inflated and unearned profits that he was able to withdraw in cryptocurrency.
Such contracts are computer programs that automatically execute transactions when predetermined conditions are met. One of the platforms Ahmed hacked wasn’t identified by prosecutors but appears to be Crema Finance, based on details in the indictment. The other was Nirvana Finance, which shut down shortly after Ahmed’s July 2022 hack.
Ahmed was previously the technical lead of Amazon’s "bug bounty” program, which provides rewards to hackers for finding vulnerabilities in its software.
Prosecutors had recommended a sentence of four years in prison for what they said was a "first-of-its-kind” conviction for hacking smart contracts. They noted Ahmed’s acceptance of responsibility and that he surrendered most of his ill-gotten gains but said incarceration was warranted because of the seriousness of his crimes and to deter others.
Lawyers for Ahmed, an immigrant from Saudi Arabia, had sought a sentence of probation, saying his two hacks took place when his mental health was poor. They noted that he hadn’t spent the stolen funds except to pay for a sibling’s medical procedure.
Ahmed himself told the judge that he was "filled with shame and disappointment” for his actions, though he also downplayed the seriousness of his actions.
"It was more akin to a cheat code in a video game than a hack that undermined the financial system,” he said. – Bloomberg