As regulators and law enforcement worldwide vie to show how tough they are on cryptocurrency fraud and scams, Damian Williams, District Attorney for the Southern District of New York (SDNY), on Tuesday announced a major bust.
In a clip posted on Twitter, Williams stated that his office had racked up a law-enforcement first. Namely, the first-ever charges against the bad actor behind an attack on a smart contract on a decentralized cryptocurrency exchange. The SDNY’s indictment does not name the exchange, saying only that it launched overseas and runs on the Solana blockchain.
The SDNY District Attorney’s Indictment
Williams said that Shakeeb Ahmed, “a senior security engineer at an international technology company,” defrauded the exchange’s users of about $9 million in cryptocurrency. Ahmed then allegedly laundered the stolen funds by swapping currencies, moving among blockchains, and hiding money in far-flung exchanges.
But none of these maneuvers were enough to evade Williams’s office and its law enforcement partners, the DA said. Williams described his office as at the forefront of nabbing bad actors who misuse new technologies to commit what are, at bottom, old types of fraud.
The SDNY indictment details not only Ahmed’s alleged misdeeds, but continuing vulnerabilities in crypto exchanges. According to the indictment, Ahmed in July 2022 was a senior security engineer at “a leading international technology company” not affiliated with the exchange that fell victim.
His background came in handy here. Ahmed allegedly drew upon his knowledge of reverse engineering smart contracts and blockchain audits to carry out the theft.
Bilking the Exchange
The unnamed exchange is a market maker. It lets those who deposit cryptocurrency into its liquidity pools set the price ranges for trading of that money, according to the indictment.
Ahmed reputedly found a vulnerability in the exchange allowing for the insertion of bogus pricing data. On or around July 2, the indictment states, Ahmed struck. He tricked the exchange by establishing “position” accounts which he disguised as “tick” accounts purporting to present legitimate data about how much liquidity their user had provided for a given price range.
The bad actor allegedly did this to deceive the exchange’s smart contract. This complex scheme resulted in Ahmed receiving millions of dollars’ worth of fees that he had not actually earned, the indictment states.
Despite the bogus nature of the pricing data, the exchange did not spot the fraud. Ahmed withdrew the so-called earnings and proceeded to launder them, claims the indictment.
In addition, Ahmed reputedly made use of “flash loans” from an unnamed crypto lender to appear to add more liquidity, mislead the exchange further, and generate inflated fees for himself. The use of flash loans in crypto fraud is on the rise and was the subject of a recent De.Fi report.
In all, he amassed $9 million in ill-gotten funds.
Hiding the Theft
The indictment details a number of methods Ahmed allegedly used to cover his tracks. Besides engaging in token swaps, the defendant “bridged” his illicit gains from the Solana blockchain over to Ethereum.
He also reportedly transferred some of the money into Monero, which the indictment calls “an anonymized and particularly difficult cryptocurrency to trace.”
It goes on to describe a panicked response on Ahmed’s part to his own theft. Including online searches about the reach of law enforcement in the face of such a crime. He also did research on fleeing the country.
Ahmed also reputedly gave some of the stolen funds back to the exchange. But only on the condition that it not go to the police over what had happened. Yet, of the stolen $9 million, he still kept about $1.5 million.
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.